With this information with dealing with an issp can help answer some the questions. An example for each or what to put will be great!

The ISSP should address the fair and responsible use of company computers & networks, including Internet access from the office. Policy should include a prohibition on connecting non-organizational equipment (phones, tablets, laptops, USB drives, etc.) to company computers & networks

Recently (in 2015) both Mr. Billingsley, Senior and Mr. Boscovitch retired from the business leaving William Billingsley II (a.k.a. Junior) in charge of the business. Junior has an MBA and a BSBA in Entrepreneurship, with a minor in IT from the Atlantis University of Technology. Juniors first order of business was to update the almost obsolete IT infrastructure and telephony systems in all stores and the corporate headquarters. His next task is to improve the information security of the corporate headquarters. Executive Staff The current CEO, William Billingsley, Jr. oversees all operations at corporate headquarters and all 5 regional stores. The managers of the regional stores actually report to the COO, who reports to the CEO. The current CFO, James McNathy, oversees all financial operations at corporate headquarters and all 5 regional stores. The Senior Accountant reports directly to the CFO. The Current COO, Grace Williams, oversees all corporate and branch operations, including sales, procurements and distribution. The managers of all 5 stores report to the COO, as does the Managers of Purchasing, Sales, Distribution, HR and IT.

3. PROHIBITED USES

While the previous section specifies what the issue or technology can be used for, this section outlines what it cannot be used for. Unless a particular use is clearly prohibited, the organization cannot penalize employees for it. In some organizations, that which is not permitted is prohibited; in others, that which is not prohibited is permitted. In either case, be sure to state clearly the assumptions and then spell out the exceptions.

a. Disruptive Use or Misuse

b. Criminal Use

c. Offensive or Harassing Materials

d. Copyrighted, Licensed, or Other Intellectual Property

e. Other Restrictions

4. SYSTEMS MANAGEMENT

This section focuses on the users responsibilities with regard systems and data management. A company may want to issue specific rules regarding the use of e-mail and electronic documents, and storage of those documents, as well as guidelines about authorized employer monitoring and the physical and electronic security of e-mail and other electronic documents. This should also address retention policies, and the minimum and maximum times certain files may be retained and how, in accordance with relevant laws, regulations and guidelines. The Systems Management section should specify users and systems administrators responsibilities, so that all parties know what they are accountable for.

a. Management of Stored Materials

b. Employer Monitoring

c. Virus Protection

d. Physical Security

e. Encryption