First, a big shout out to the real policy rock stars!
We think it’s important to recognise the great work that the guys over at CIS and SANS institute provide. Please pay them a visit.
OK-NouNou uses policy templates that were originally based on designs provided by the Centre for Internet Security (CIS), but have since undergone considerable customisation and development, and in some areas are complete ground-up rewrites of the originals. The OK-NouNou templates keep that compliance in-tact giving you GRC peace of mind.
Sans Institute in collaboration with information security subject-matter experts and leaders who volunteered their security policy know-how and time, SANS has developed and posted here a set of security policy templates for your use. Membership to the SANS.org Community grants you access to thousands of free content-rich resources like these templates.
Center for Internet Security is home to the Multi-State Information Sharing and Analysis CenterĀ® (MS-ISACĀ®), the trusted resource for cyberthreat prevention, protection, response, and recovery. This following guide gives the correlation between 49 of the NIST CSF subcategories and applicable policy and standard templates.