IT / ITSEC Policy Index
This index lists the Cloudnaut IT and information security policy library by control area. Each entry points to the governing document.
Document control
| Role |
Name |
| Prepared by |
Management / Security Owner (Cloudnaut) |
| Reviewed by |
Nidhi Jain (third-party reviewer) |
| Approved by |
Sandeep AC |
Revision history (index)
| Date |
Summary |
Reviewed by |
Approved by |
| 2021-06-18 |
Initial control-area index. |
Nidhi Jain (third party) |
Sandeep AC |
| 2024-03-11 |
Annual review; link hygiene. |
Nidhi Jain (third party) |
Sandeep AC |
| 2026-05-14 |
SDLC index label clarified (Agile, risk-tiered). |
Nidhi Jain (third party) |
Sandeep AC |
| 2026-05-19 |
SDLC index: five-pillar SSDLC, CI/CD integration. |
Nidhi Jain (third party) |
Sandeep AC |
| Control area |
Policy document |
| Brand, logo, and design language |
Brand and design language |
| Certifications and attestations |
Security Certifications and Attestations |
| Security awareness and training |
Information Security Training Policy |
| Security awareness training (deliverable / PDF source) |
Information security awareness training |
| Personnel screening |
Background Verification Policy |
| Secure development and delivery (five-pillar SSDLC, CI/CD, risk-tiered) |
Secure Software Development Lifecycle Policy |
| Data classification and handling |
Data Handling Policy |
| Endpoint hardening, encryption, anti-malware, host firewall |
Endpoint Security Policy |
| Operating system patching |
Patch Management Policy |
| Development tools, IDEs, plugins, repository isolation |
Approved Development Tools and Plugin Policy |
| Customer code and infrastructure-as-code deliverables |
Customer Deliverable Development and Review Policy |
| Code and dependency security scanning |
Code Security Scanning Policy |
| Engagement and customer access separation |
Engagement Access Isolation Policy |
| Security-related services and governance role boundaries |
Engagement Role Boundaries and Security Governance Policy |