Security Policies and Procedures

Data Protection Priorities

ISO 27000 Compliant


Sarbanes Oxley Compliant - HIPAA Compliant
Version 6.3

Includes HIPAA Audit Program Guide &
ISO 27000 Security Checklist

 

Data protection priorities are affected by various factors. Janco has identified seven that drive security policies and procedures.

 

Data Protection Priorities

 


The Security Manual for the Internet and Information Technology is over 215 pages in length. All versions of the Security Manual template include both the Business & IT Impact Questionnaire and the Threat & Vulnerability Assessment Tool (both were redesigned to address Sarbanes Oxley compliance). In addition, the Security Manual Template PREMIUM Edition contains 16 detailed job descriptions that apply specifically to security and Sarbanes Oxley. The job descriptions are:

  • Chief Compliance Officer (CCO)
  • Chief Security Officer (CSO)
  • VP Strategy and Architecture
  • Director e-Commerce
  • Database Administrator
  • Data Security Administrator
  • Manager Data Security
  • Manager Facilities & Equipment
  • Manager Network & Computing Services
  • Manager Network Services
  • Manager Training and Documentation
  • Manager Voice and Data Communication
  • Manager Wireless Systems
  • Network Security Analyst
  • System Administrator - Unix
  • System Administrator - Windows

Clients can also subscribe to Janco's Security Manual update service and receive all updates to the Security Manual Template for 12 months* from the date of purchase. 

The template includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirements. The electronic document includes proven written text and examples for the following major sections of your security plan:

  • Security Manual Introduction - scope, objectives, general policy, and responsibilities
  • Risk Analysis - objectives, roles, responsibilities, program requirements, and practices program elements
  • Staff Member Roles - policies, responsibilities and practices
  • Physical Security  - area classifications, access controls, and access authority
  • Facility Design, Construction and Operational Considerations - requirements for both central and remote access points
  • Sensitive Information Policy
  • Media and Documentation - requirements and responsibilities
  • Data and Software Security - definitions, classification, rights, access control, INTERNET, INTRANET, logging, audit trails, compliance, and violation reporting and follow-up
  • Network Security - vulnerabilities, exploitation techniques, resource protection, responsibilities, encryption, and contingency planning
  • Internet and Information Technology Contingency Planning - responsibilities and documentation requirements
  • Travel and Off-Site Meetings - specifics of what to do and not do to maximize security
  • Insurance - objectives, responsibilities and requirements
  • Outsourced Services - responsibilities for both the enterprise and the service providers
  • Waiver Procedures - process to waive security guidelines and policies
  • Incident Reporting Procedures - process to follow when security violations occur
  • Access Control Guidelines - responsibilities and how to issue and manage badges / passwords
  • Sample Forms and Checklists
    • Business and IT Impact Questionnaire
    • Threat & Vulnerability Assessment Tool
    • Security Violation Reporting form
    • Security Audit form
    • Inspection Check List
    • New Employee Security form
    • Security Access Application form
    • Sensitive Information
    • Employee Termination Checklist
    • Supervisor's Employee Termination Checklist
    • Sensitive Information Policy Compliance Agreement
    • HIPAA Audit Program Guide
    • ISO 27000 Security Checklist

Security Data Protection Priorities News




IT Security - Often a Myth

IT security policies for notebooks and desktops are typically managed by restricting the choices that users have, reducing the number of options that are supported. This standards-based process ensures control by reducing flexibility. But try maintaining that system when users can buy a relatively cheap smartphone with as much power as a desktop had in the early 1990s.

Furthermore, attempts by IT organizations to prevent the use of handheld devices have largely failed because of the number of tools available to work around IT policies. For example, users who are restricted from using wireless e-mail often find ways to redirect e-mail to outside ISP services, where they synchronize e-mail to their personally owned devices. This raises the security threat for enterprises because it means that control of e-mail routing has been lost.




Microsoft gives Google Chrome an edge in the EU

Microsoft's new browser ballot screen, which is supposed to randomly scramble the positions of the top five browsers, instead gives Google's Chrome the best chance of landing in the preferred first spot, an IBM software architect said today.

"This was a rookie mistake," said a professor, who works for IBM and has a degree in astrophysics from Harvard University. "I was definitely surprised to see an error of this type in the ballot."




Windows 7 Crushes Vista in Terms of Adoption

Microsoft has already said that Windows 7 is the fastest selling operating system in history, but, judging by the adoption rate, the platform is simply leaving Vista in the dust. Janco found that Windows 7’s market share had skyrocketed to no less than 12.5% since the OS was released. In this regard, the market share of Windows 7 is dwarfing that of Vista, comparing the first seven months after release.



IE Loses 6.21% Market Share in 12 Months

Janco has just released its Browser and Operating System Market Share White Paper. The major findings are that in the last 12 months Microsoft’s browser market share has continued to erode – Microsoft lost over 6% in the last 12 months; Firefox’s market share is unchanged for the last 12 months; Google Desktop and Chrome now have just under 6%; and Netscape is no more. On the operating systems side, Windows 7 is being accepted at a pace that parallels the way Windows XP was in the 90’s. The CEO of Janco Associates, Victor Janulaitis, said, "The last six months have been a mixed bag for Microsoft. Their browser market share has fallen to the level that they had back in 1998 with no end in sight. At the same time Windows 7 now has 12% of the OS market in less than 7 months since its release."

The top five browser market share rankings are: 1 – Microsoft’s IE – 64.78%; 2 – Firefox – 17.38%; 3 – Google (Desktop & Chrome) – 5.78%; 4 – Mozilla – 1.73%; 5 – Safari – 1.39%. The CEO of Janco Associates, Inc and the ITPC, M. Victor Janulaitis said: "The positive glow on Google’s Chrome was dulled with the identification of some defects in the way it handles XML pages. But the real story is the continued erosion of Microsoft’s market."




IT Service Management Issues That CIOs Face

The key service management business questions facing CIOs and senior IT managers today are:

  • What are the service management impacts with the ever-increasing technical complexity on margins and customer satisfaction?
  • Where are the areas where margin-improvement opportunities exist?
  • How can IT minimize the maintenance-contract price pressure to drive new service-revenue opportunities to the bottom line?
  • How does improved service management translate into a competitive advantage?
  • What is the future as the IT function moves from fixing problems to driving product value?
  • What are the challenges of offshoring support and how should the enterprise address them?