template

Cryptographic Controls Policy

by
C
Chris Young
Nov, 01 2022

When to use this template

This Cryptographic Controls Policy details when encryption is required and how encryption keys (private and public) should be managed.It links to a Password Policy and Security Policy, which are typically other policies used as part of an overall Information Security Management System (ISMS), such as those required for ISO27001 and SOC2.

Key issues covered in this template

  • Cryptographic algorithms
  • Password protection
  • Minimum key lengths
  • Key generation, management & renewal
  • Protection in transit
  • Protection at rest
  • Scope of policy
  • Password policy

What to watch out for

  • See ISO 27001 annex A.10 for more information regarding cryptographic controls and what is required to achieve ISO 27001 certification

39

Used by

Author

C

Chris Young

@chris75410632
Genie AI Team

Safe Capital
FIDO
Vallina & Associates LLC
DigiMasters
FINTRAIL
Back in Action Consultancy Ltd
Viridios Capital
Wintervest Capital
l
Novatus Advisory
assura
Soletis
+27 more
Consultancy
22%
Technology
20%
Finance
14%
Legal Services
12%
Education
8%
Consumer, Public & Health Services
8%
Other
8%
Insurance
2%
Public Administration
2%
Energy
2%
Sport & Entertainment
2%

Additional information

Business categories

Relevant sectors

Agriculture, Forestry and Fishing

Mining

Construction

Transport

Wholesale

Manufacturing

Energy

Retail

Finance

Real Estate

Consumer, Public & Health Services

Media

Insurance

Legal Services

Education

Technology

Sport & Entertainment

Consultancy

Public Administration

Other

Relevant company sizes

1 - 3

20 - 49

250 - 999

4 - 19

50 - 249

1000 +

Governing law

England and Wales

Language

English UK

Gender neutral

Yes