About EZ Security Policy
Trusted IT security policy documents since 1995.
EZSecurityPolicy.com helps small and mid-sized organizations build a complete, audit-ready security policy program without hiring a six-figure consulting firm. Our Bronze, Silver, and Gold packages are written by information security professionals with more than 30 years of experience serving businesses from five employees to tens of thousands.
We have delivered policies to organizations in all 50 U.S. states and more than 55 countries. Customers include city and state governments, defense contractors, healthcare providers, payment processors, and fast-growing SaaS companies that need documented security controls for auditors, partners, and regulators.
Why customers choose us
- Instant delivery — download your policy pack immediately after purchase
- Editable documents — customize in Microsoft Word for your company
- 30-day money-back guarantee — if you are not satisfied, we refund your purchase
- BBB Accredited Business — veteran-owned, U.S.-based support
- Phone support — call (917) 765-0342 with questions
Our packages
Bronze ($149) includes four foundational policies. Silver ($349) adds remote access, VPN, wireless, and incident response. Gold ($599) is the full suite with 47 policies and 9 standard compliance forms — the choice for HIPAA, PCI, ISO, and SOC 2 readiness.
Defense contractors pursuing CMMC Level 2 can purchase our Complete CMMC Pro Policy Package ($799) — 41 editable documents including SSP and POA&M templates.
Questions? Contact us or email info@ezsecuritypolicy.com.
What is in the Gold package?
47 policies and 9 standard forms — 56 editable Word documents delivered instantly after purchase.
Show all 47 policies and 9 forms
Policies
- Acceptable Use Encryption Policy
- Acceptable Use Policy
- Accountability for Assets Policy
- AI Security Policy
- Application Access Control Policy
- Backup Policy
- Confidential Data Policy
- Cloud Computing Policy
- Cloud Security Policy
- Data Classification Policy
- Data Protection Policy
- Data Retention Policy
- Data Security Policy
- Email Policy
- Encryption Policy
- Equipment Security Policy
- Exception to Policy
- External Communications Policy
- External Party Information Disclosure Policy
- Firewall Policy
- Guest Access Policy
- Incident Response Policy
- Information Ownership Policy
- Information Security Infrastructure Policy
- Information Security Policy
- Mobile Device Policy
- Monitoring System Access and Use Policy
- Network Access Policy
- Network Security Policy
- Notifying Employees of Change Policy
- Operating System Access Control Policy
- Organizational Security Policy
- Outsourcing Policy
- Password Policy
- Personal Computer Policy
- Physical Security Policy
- Ransomware Policy
- Remote Access Policy
- Retention Policy
- Secure Areas Security Policy
- Telecommuting and Mobile Computer Security Policy
- Third Party Connection Policy
- User Training Policy
- VPN Policy
- Wireless Access Policy
- Wireless Security Policy
- Network Access & Authentication