This study developed an Information Systems Security Policy Framework relevant in governing Information and Communication  Technologies (ICT) in public institutions of Tanzania. It used higher learning institutions as the case for study, The framework is to guide  professionals on how to secure ICT environment. Operationally, this study used a qualitative approach. It began with a review of the  literature, followed by a focus group discussion to formulate new themes for the proposed Information System Security policy  framework. The output of the study suggests a policy framework with the following themes: Data and information handling, Internet and  network Services Governance, the use of company-owned devices, physical security, guidelines on how to acquire new hardware and  software, incident handling and reporting, monitoring and compliance, and policy administration. This study recommends the use of a  new comprehensive and harmonised Information Systems Security policy framework for all public higher education institutions, for a  more secure environment. In addition, the study recommends additional studies including other types of organisations for comparison.