template

Cryptographic Controls Policy

by
C
Chris Young
Nov, 01 2022

When to use this template

This Cryptographic Controls Policy details when encryption is required and how encryption keys (private and public) should be managed.It links to a Password Policy and Security Policy, which are typically other policies used as part of an overall Information Security Management System (ISMS), such as those required for ISO27001 and SOC2.

Key issues covered in this template

  • Cryptographic algorithms
  • Password protection
  • Minimum key lengths
  • Key generation, management & renewal
  • Protection in transit
  • Protection at rest
  • Scope of policy
  • Password policy

What to watch out for

  • See ISO 27001 annex A.10 for more information regarding cryptographic controls and what is required to achieve ISO 27001 certification

30

Used by

Author

C

Chris Young

@chris75410632
Genie AI

c
D
V
a
D
V
A
W
P
M
P
S
+8 more
Consultancy
22%
Technology
20%
Finance
13%
Legal Services
11%
Consumer, Public & Health Services
9%
Other
7%
Education
6%
Insurance
3%
Public Administration
3%
Energy
3%
Sport & Entertainment
3%

Terms of use

This is not legal advice - see more
Genie AI terms and conditions
Code of conduct

Additional information

Business categories

Policies

Business activities

Create A Cryptographic Controls Policy

Contract type

Cryptographic Controls Policy

Relevant sectors

Agriculture, Forestry and Fishing

Mining

Construction

Transport

Wholesale

Manufacturing

Energy

Retail

Finance

Real Estate

Consumer, Public & Health Services

Media

Insurance

Legal Services

Education

Technology

Sport & Entertainment

Consultancy

Public Administration

Other

Relevant company sizes

1 - 3

20 - 49

250 - 999

4 - 19

50 - 249

1000 +

Governing law

England and Wales

Language

English UK

Gender neutral

Yes