We use strictly necessary cookies to run this site, and — only with your consent — analytics & marketing cookies (Google Analytics, Google Tag Manager) to improve it. No analytics or marketing cookies are set unless you accept. See our Cookie Policy and Privacy Policy.

Templates

Policy templates you can actually use

Ready-to-adapt security and compliance policies, written by CERT-In empanelled auditors. Open any template, tailor it to your organisation, and save it as a PDF.

Governance
Information Security Policy

The top-level policy that sets your organisation’s commitment to protecting information and frames every other control.

Open template →
Access
Access Control Policy

Defines how identities, roles and permissions are granted, reviewed and revoked across your systems.

Open template →
Governance
Acceptable Use Policy

Sets the rules for how employees may use company systems, devices, networks and data.

Open template →
Access
Password & Authentication Policy

Standards for passwords, multi-factor authentication and credential handling.

Open template →
Operations
Incident Response Policy

How security incidents are detected, reported, contained, investigated and closed.

Open template →
Privacy
Data Protection & Privacy Policy

Internal policy for lawful, transparent handling of personal data — aligned with the DPDP Act.

Open template →
Risk
Third-Party / Vendor Risk Policy

How third parties with access to your data or systems are assessed and monitored.

Open template →
Privacy
Data Retention & Disposal Policy

Defines how long different data types are kept and how they are securely disposed of.

Open template →

Templates are starting points — tailor scope, roles and specifics to your environment. Want a policy set built and audited for you? Talk to our team.