You might want to look here:
http://www.sans.org/resources/policies/
for sample policies. SANS is a security training/certification organization, associated with GIAC (Global Incident Analysis Center) who are heavily and directly involved with the state if system and internet security. They also publish a “Top 20” vulnerability list.
Discuss This Question: