What does the ISNetworld information security policy RAVS include?

It is a pre-written information security policy written as an ISNetworld RAVS answer. It covers the commitment statement, roles and responsibilities, acceptable use of systems and data, protection of confidential information, incident handling, and policy communication.

Is this a safety document?

No. Information security is a governance policy, not an occupational health and safety document. Hiring clients increasingly include it in ISNetworld pre-qualification because contractors with access to client data and systems are part of the operator's risk picture.

Why does ISNetworld ask for an information security policy?

Operators want to confirm that the contractors they hire protect the data, systems, and confidential information they touch. A written policy shows the contractor takes that responsibility seriously.

How long does it take to complete and upload?

Most companies finish in 15 to 30 minutes. You add your company name, confirm a few company-specific details, then copy the content into your ISNetworld RAVS questionnaire.

ISNet RAVS Documents

Information Security Policy - Alberta RAVS

$24.00$39.99Instant download

An Information Security Policy RAVS is the written answer document that satisfies the information security element of the ISNetworld RAVS questionnaire. It is a governance policy, not an OHS document - hiring clients increasingly require it to confirm a contractor protects the data and systems it touches. You add your company name, confirm the company-specific details, and upload it to your ISNetworld account.

Pre-written answer aligned with Canadian regulatory references
Upload to ISNetworld, Avetta, or ComplyWorks
Word format — add your company name and customise in minutes
Written by Canadian safety professionals
Instant download after purchase

Browse ISNet RAVS Documents

Need a different RAVS element?

Browse the Alberta RAVS library, all RAVS documents, or request a custom RAVS for an element not in the catalogue.

Overview

What this RAVS document does

Large operators increasingly hold their contractors to information security standards alongside safety ones, because a contractor with access to client data, networks, or sites is part of the operator's risk picture. The information security element confirms a contractor has a real policy.

This document states your company's information security policy in the structure an ISNetworld reviewer expects: the commitment to protecting information, the duties of management and workers, acceptable use of systems and data, incident handling, and how the policy is communicated. The file arrives in editable Word format - add your company name, confirm the company-specific details, and upload.

What the reviewer verifies

What ISNetworld checks

ISNetworld does not just check that an information security policy exists. A reviewer verifies the document addresses each requirement the hiring client has configured. For this element, that typically means confirming the document covers:

A written information security policy with a clear statement of commitment
The duties of management and workers for protecting information
Acceptable use of company and client systems and data
Protection of confidential and personal information
How an information security incident is reported and handled
How the policy is communicated and reviewed

What is inside

The document sections

Purpose and policy statement
Roles and responsibilities
Acceptable use of systems and data
Protection of confidential and personal information
Information security incident handling
Communication and review of the policy

Regulatory references this RAVS is written to

Provincial legislation: Personal Information Protection Act (Alberta)
Requirement type: Hiring client governance and pre-qualification requirement

Who it is for

Who needs this RAVS

This RAVS is for contractors whose hiring clients require the information security element in ISNetworld, Avetta, or ComplyWorks. It applies to any contractor that handles client data, connects to client systems, or holds confidential and personal information. If a hiring client's pre-qualification configuration flags information security, this is the document the reviewer is waiting on.

Practical guidance

How to pass the information security review the first time

Sign and date the policy. A reviewer expects a policy endorsed by senior management and kept current.
Make it real. The policy should reflect how your company actually handles data and systems - a generic statement that does not match practice reads as weak.
Cover incident handling. A reviewer wants a clear path for reporting and responding to an information security incident, not only prevention.

The full library

Browse every Alberta RAVS document in one place

One catalogue, filterable and searchable, for the whole province.

Open the Alberta RAVS library

Common questions

Questions about this RAVS

What does the ISNetworld information security policy RAVS include?: It is a pre-written information security policy written as an ISNetworld RAVS answer. It covers the commitment statement, roles and responsibilities, acceptable use of systems and data, protection of confidential information, incident handling, and policy communication.
Is this a safety document?: No. Information security is a governance policy, not an occupational health and safety document. Hiring clients increasingly include it in ISNetworld pre-qualification because contractors with access to client data and systems are part of the operator's risk picture.
Why does ISNetworld ask for an information security policy?: Operators want to confirm that the contractors they hire protect the data, systems, and confidential information they touch. A written policy shows the contractor takes that responsibility seriously.
How long does it take to complete and upload?: Most companies finish in 15 to 30 minutes. You add your company name, confirm a few company-specific details, then copy the content into your ISNetworld RAVS questionnaire.

Your cart