Information Management Security System Document Template Library

Rapidly deploy your own information security management program using a quality-based approach that is well-defined, well-organized, and easy to setup and follow. No training required!

About this project

Organizations are increasing under threat of cyber-security breaches. We all know this. Still, many organizations do not have the skills or budget to handle this themselves, or hire contractors.

This document template library provides all the necessary parts to help the do-it-yourselfer to start their own program and to start making some simple changes immediately to better protect themselves.

What's included:

  • Policy templates
  • Actual Procedures
  • Complete instructions

Implementing an InfoSec program does not have to be complex or difficult. Starting with the basics and gradually expanding from there is what this library will help you achieve.

Why am I releasing this? because I want to see companies become more resiliant from cyber-criminals that threaten the livelihood of us all.

Why use this

What this is

  • A framework providing an InfoSec program foundation
  • Document library that you can modify to suit your needsAdvice for organizing and conducting the work and documentation
  • Educational tool to help you understand InfoSec and protecting your assets

What this is not

  • A replacement for a professionally managed InfoSec program
  • A cure-all that will prevent cyber-attacks
  • A method to avoid hiring professionals

Adopting the methods applied in this library will be quick and effective. You may be surprised at just how quickly you can build a robust and effective InfoSec system.


This documentation template library is provided under the MIT license.

You are free to use this library, to enhance it, and expand upon it. I would love to see the library grow.

When using this library, please attribute my original works.

Need help? reach out to me.


The documentation template library consists of many documents and templates, all of which have been carefully designed to be easy to use and fully self-describing.

Samples of content are provided in most documents, where applicable.

Start with the 00 - Instructions.docx document, which will guide you step-by-step on implementing this library.

Current library contents, grouped into phases:

Original Focus

The original focus of this project was to help small factory engineers to build an InfoSec program to protect their production lines.


  • Microsoft Word 2016


Instructions Document
Company Policy
Company Policy
Internal Audit Checklist
Internal Audit Checklist
Guide to Vulnerability Analysis
Vulnerability Analysis
Guide to Measuring Performance
Measuring Performance
Asset Register - Sample data
Asset Register
Risk Register - Sample data
Risk Register
Fork me on GitHub

Submit an issue or a suggestion

Submit an issue here.

Fork and contribute

If you find an issue in the documentation or have made improvements then please fork the repository and send a pull request to the master branch.