Guide to Developing Cybersecurity Programs

for NSF Science and Engineering Projects

Read the Guide:

Click here to view the Guide, v1

Use templates to create or improve policies:

These templates are available via Google.  To access, click the title.  To retrieve an editable version of a template to utilize for your project, go to File > Make a copy..., and save your own.

Acceptable Use Policy Template

Access Control Policy Template

Asset Management Policy Template

Asset-Specific Access and Privilege Specification Template

Disaster Recovery Policy Template

Incident Response Policy and Procedures Template

Information Asset Inventory Template

Information Classification Policy Template

Information Security Training and Awareness Policy Template

Master Information Security Policy & Procedures Template

Password Policy Template

Physical Security Policy Template

Try these forms, tables, and tools:

These tools are available via Google.  To access, click the title.  To retrieve an editable version of a template to utilize for your project, go to File > Make a copy..., and save your own.

Personnel Exit Checklist

Risk Assessment Table

Learn more from these resources:

Security Commodity IT in Scientific CI Projects: Baseline Controls and Best Practices

CTSC "Cyber Hygiene" Information Security Training Slide Deck

Developing Cybersecurity Programs For NSF Projects Slide Deck (NSF Security Summit 2014)