This sample policy documents security requirements surrounding network access between a company’s computer network and untrusted computer networks.

Sample procedures include ensuring that technical and procedural controls are in place prior to activating network connections; verifying management approval; advising management on technical risk factors to support the approval decision; configuring network-security-specific devices; presenting requests for new connections or changes to existing connections to management for approval; and gathering technical requirements necessary for secure configuration, including endpoint IP addresses and port numbers.