Australia + New Zealand · ISO 27001 · Essential Eight
The security policies your business is supposed to have, written for your country.
Editable templates for the whole information security stack, plain enough for a GM to sign and specific enough for an auditor. Two libraries, one for Australian law and one for New Zealand.
Pick your path
Two countries, two rulebooks.
The controls rhyme, but the law and the guidance do not. Start on the library that matches where your business is registered. Each holds 22 guides across five domains.
Aligned to ISO 27001 Annex A and the ACSC Essential Eight, with privacy templates built on the Australian Privacy Principles and the Notifiable Data Breaches scheme.
Aligned to the NZISM and the CERT NZ Critical Controls, with privacy templates built on the Privacy Act 2020 and the Office of the Privacy Commissioner notification rules.
The map
See both libraries before you download a thing.
Switch countries and the whole map re-colours. Same five domains on each side, different guides underneath, because the obligations underneath are different.
How the library works
From blank page to signed policy in an afternoon.
Pick the guides you need
Start with the five that most audits ask for first, or take the full set. Every guide names the framework clause it satisfies.
Fill the yellow fields
Company name, roles, review dates. The wording is drafted, the decisions are marked, so you are editing, not writing from scratch.
Approve, publish, review
Each template carries an approval block and a review cycle, so the policy stays current instead of ageing in a shared drive.
Start with the five policies every auditor asks for.
A free starter pack of the five most requested templates, in your country's wording. No account needed to preview.