2 templates mapped to NIST CSF 2.0 (PR.AC, PR.DS).
Comprehensive policy for secure management of secrets including API keys, passwords, certificates, cryptographic keys, and credentials. Covers secret types, vault requirements, rotation policies, access controls, audit logging, emergency access, prohibited practices (hardcoding), and scanning for exposed secrets.
Comprehensive policy establishing requirements for securing physical and digital workspaces to protect sensitive information from unauthorized viewing or access in traditional, remote, and hybrid work environments.