Sample IT Documents

The NOREX Resource Library is a trusted source that features 2000+ documents that include working templates contributed by NOREX Members, IT event transcripts, Member polls, and IT Toolkits (collections of Member-contributed documents, transcripts, and polls on a specific topic). 

Non-Members are welcome to request documents from the NOREX Resource Library. View descriptions of the sample documents below. Then click the orange button to complete a short form to request specific documents. If you would like to request documents other than those listed below, please contact [email protected]

NOREX Members: Click the GREEN button to proceed to the Member Hub where unlimited documents may be downloaded. If you need help with login credentials, contact [email protected]

Non-Members: Request documents Here
Members: Download documents Here

AI GOVERNANCE POLICY (20-1446)
This policy establishes formal standards governing the acquisition, approval, and use of Artificial Intelligence tools and solutions. 4 Pages

AI USE POLICY (20-1445)
The following framework guides associates on acceptable and unacceptable usage of AI. 2 Pages

BUSINESS IMPACT ANALYSIS TEMPLATE (20-1441)
This template is used for analysis of product, service, supplier, applications, and resource impacts. 8 Pages

DISASTER RECOVERY PLAN (50-462)
The following are policies and procedures for technology disaster recovery, as well as process-level plans for recovering critical technology platforms and the telecommunications infrastructure. 23 Pages

ELECTRONIC COMMUNICATION POLICY (20-1447)
This policy defines electronic and digital communication, computing, and data storage systems and services. 8 Pages

INFORMATION SECURITY POLICY (20-1407)
An IS policy helps users comply with legal and contractual requirements to protect information, safeguard resources from damage, alteration, or theft, and designate appropriate security requirements for securing data and IT resources. 4 Pages

ITAM POLICY (20-1417)
The following policies will regulate and standardize responsibilities, accountabilities, and governance of the associated tangible and intangible assets to maximize efficiency and minimize risk. 6 Pages

MOBILE DEVICE ACCEPTABLE USE POLICY (20-1449)
This policy provides guidance to the acceptable use for cell phones, smart phones, tablets, and other handheld devices. 5 Pages

NEW COMPANY PROJECT PLAN (50-474)
A comprehensive list of action items to take on during a merger or acquisition. 9 Pages

NEW LOCATION ASSESSMENT CHECKLIST (50-481)
This document represents a comprehensive list of items to assess at a new location or acquisition. 5 Pages

ONBOARDING QUESTIONNAIRE (20-1411)
This template is for an email sent to newly-hired employees, which  would include a link to an online questionnaire to gather information about shipping address, requested hardware, and account details. 7 Pages

RANSOMWARE INCIDENT RESPONSE PLAN (20-1439)
This incident management plan includes initial actions and procedures to respond to events that could impact critical business activities. It is designed to minimize the operational and financial impacts of disasters. 15 Pages

REMOTE ACCESS POLICY (20-1448)
This policy defines standards and restrictions for connecting to internal network(s) from external hosts via remote access technology and third-party wireless internet services. 3 Pages

UNDERSTANDING DATA GOVERNANCE (20-1416)
This presentation explores the key principles and importance of data governance within an organization. 36 Pages

VENDOR PRIVACY & SECURITY (50-469)
The following contract example outlines the components of vendor privacy and security requirements with an organization. 11 Pages