This template is designed to make it easier for small and medium-sized enterprises (managers and processors) to create the Rulebook on the Information Security System. Each of the sections that make up this form for creating the Rulebook on the Information Security System must be adapted to the data processing activities in your organization/company. Please note that it is not a document that is the same for all small and medium-sized enterprises, i.e. organizations/companies, even for those from the same industry.
The policy on the information security system must be adapted to the data processing activities that you carry out in your organization/company, i.e. it must reflect the actual measures, measures and procedures taken by the manager/executor of processing for the purpose of preventing loss or unauthorized disclosure and eliminating the consequences in the event of loss or unauthorized disclosure personal data that it processes.