Policy Generator | InfoSec Policies | Encryption and Key Management Policy
Encryption and Key Management Policy
All your company policies and legal agreements in one platform
What is an Encryption and Key Management Policy?
The Encryption and Key Management Policy aims to ensure cryptography is used effectively to protect the confidentiality, authenticity and/or integrity of information.
When storing or transmitting confidential data, it is considered good practice to encrypt the data.
Why is an Encryption and Key Management Policy important?
Many data protection regulations, including EU & UK GDPR, require you to implement appropriate technical and organisational measures to ensure you process personal data securely. They often reference encryption as an example of an appropriate technical measure.
Encryption is a widely-available measure with relatively low costs of implementation. There is a large variety of solutions available, it is important that the encryption solutions you utilise meet current standards.
The UK’s ICO (Information Commissioner’s Office) recommends that an encryption policy be implemented to govern how and when you implement encryption, and you should also train your staff in the use and importance of encryption.
ISO 27001 Encryption and Key Management Policy
InfoSec policies are part of the requirements of the ISO 27001 Certification standard. The Encryption and Key Management policy is one of those ISO 27001 policies required, you can take a look at the full list here.
Encryption and Key Management Policy Sections
The use of encryption
Encryption and data storage
Data At-Rest encryption
In-Transit encryption
Encryption key management
Policy governance
Encryption and Key Management Policy Related
Also known as: Encryption Policy, Data Encryption Policy, Key Management Policy, Cryptography Policy, Cryptographic controls policy, ISO 27001 Key Management, Cryptography Policy ISO 27001
Related terms: Cryptographic controls, Keys, Encryption, Decryption, AES, TLS, SSL, HTTPS
Framework references: ISO 27001
Create your Encryption and Key Management Policy now
Simply register for free and create your custom policy within minutes.
The Encryption and Key Management Policy is part of the BUILD plan
How does it work?
Select a policy from our library of over 70 policies
Answer simple questions
Our platform generates your bespoke policy
Sign-off and share in seconds
Always aligned with the latest legislation ISO and GDPR Compliance
Some of the companies trusting Adoptech