Skip to content

IT / ITSEC Policy Index

This index lists the Cloudnaut IT and information security policy library by control area. Each entry points to the governing document.

Document control

Role Name
Prepared by Management / Security Owner (Cloudnaut)
Reviewed by Nidhi Jain (third-party reviewer)
Approved by Sandeep AC

Revision history (index)

Date Summary Reviewed by Approved by
2021-06-18 Initial control-area index. Nidhi Jain (third party) Sandeep AC
2024-03-11 Annual review; link hygiene. Nidhi Jain (third party) Sandeep AC
2026-05-14 SDLC index label clarified (Agile, risk-tiered). Nidhi Jain (third party) Sandeep AC
2026-05-19 SDLC index: five-pillar SSDLC, CI/CD integration. Nidhi Jain (third party) Sandeep AC
Control area Policy document
Brand, logo, and design language Brand and design language
Certifications and attestations Security Certifications and Attestations
Security awareness and training Information Security Training Policy
Security awareness training (deliverable / PDF source) Information security awareness training
Personnel screening Background Verification Policy
Secure development and delivery (five-pillar SSDLC, CI/CD, risk-tiered) Secure Software Development Lifecycle Policy
Data classification and handling Data Handling Policy
Endpoint hardening, encryption, anti-malware, host firewall Endpoint Security Policy
Operating system patching Patch Management Policy
Development tools, IDEs, plugins, repository isolation Approved Development Tools and Plugin Policy
Customer code and infrastructure-as-code deliverables Customer Deliverable Development and Review Policy
Code and dependency security scanning Code Security Scanning Policy
Engagement and customer access separation Engagement Access Isolation Policy
Security-related services and governance role boundaries Engagement Role Boundaries and Security Governance Policy