~2-page information security policy template on outsider threats.
 
Information risks arising from people outside the organization, and other external threat sources (such as storms and pandemics), must be identified, evaluated and treated in the same manner as those arising from insider threats.
 
Naturally complements the policy on insider threats.
 
Supplied as an MS Word document, readily customised for your organisation's specific situation.