Information Security policy for not-for-profits

To define and formally document your cyber security practices and processes, you can download and customise this template for your not-for-profit.

We highly recommend that every not-for-profit develop an Information Security Policy. This important document will outline what the organisation must have in place to protect its information from cyber security-related threats. This policy together with an end-user security policy and privacy policy provide a strong foundation for the protection of your organisation’s information and operations.

PwC Australia has developed an Information Security Policy template which is a great resource tailored for not-for-profits of different sizes and risk profiles. To define and formally document your cyber security practices and processes, you can download and customise this template for your organisation.

An accompanying IT security register template is also available for download – this register will assist your organisation in the implementation of some of the security measures outlined in the policy.