Quality Assurance and Control Bundle
Defining quality means developing expectations or standards of quality. Standards can be developed for inputs, processes, or outcomes; they can be clinical or administrative. Standards can be applied at the level of an individual, facility, or an enterprise. A good standard is explicit, reliable, realistic, valid, and clear. Standards of quality can be developed according to the Dimensions of Quality and should be based on the best scientific evidence available. Stakeholder (including client and community) expectations of quality should also be incorporated in the definition of quality standards. Defined standards or definitions of quality are prerequisites for measuring quality. If standards don’t exist, they must be designed. Although standards are context-specific, universally accepted standards are often a good starting point for developing local standards.
To achieve these goals for Information Technology Janco has combined some of its most popular products to help CIO and IT organizations to meet the most stringent Quality Assurance and Control Standards.
The Quality Assurance and Quality Control Bundle includes:
- IT Infrastructure Template - Included with the template are a HIPAA Audit Program Guide and an ISO 27001 and ISO 27002 Security Process Audit Checklist. The Template is over 125 pages in length (the full table of contents can be downloaded by clicking on the link above) and the topics covered include:
- IT Infrastructure, Strategy, and Charter Summary
- Strategy and Charter Statement of Authority
- IT Management Structure
- Compliance
- Personnel Practices
- Controls
- Application Development Standards
- Service Requests
- Local Area Network
- Back-up and Recovery
- Disaster Recovery Plan
- Security
- Access Control - Physical Site
- Access Control - Software and Data
- Facility Requirements
- ISO 27001 & ISO 27002 Audit Checklist
- HIPAA Audit Program
- Full Job Description for CIO large enterprise
- Full Job Description for CIO small enterprise
- IT Service Management Template -The IT Service Management Policy Template is a 130 page document that contains policies, standards, procedures and metrics that comply with version 2 and 3 of the ITIL Standard. Chapters of the template include:
- Service Requests Policy
- Service Request Standard
- Help Desk Policy
- Help Desk Standards
- Help Desk Procedures
- Help Desk Service Level Agreement
- Change Control Standard
- Change Control Quality Assurance Standard
- Change Control Management Workbook
- Documentation Standard
- Application Version Control Standard
- Version Control Standard
- Internet Policy
- e-Mail Policy
- Electronic Communication Policy
- Blog & Personal Web Site Policy
- Travel and Off-Site Meeting
- Sensitive Information Policy
- Security Policy Template - Security Manual for the Internet and Information Technology is over 220 pages in length. The Security Manual template includes both the Business & IT Impact Questionnaire and the Threat & Vulnerability Assessment Tool (both were redesigned to address Sarbanes Oxley compliance).
- Disaster Recovery Template - The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement. The electronic document includes proven written text and examples.
- Record Management, Retention, and Destruction Policy - The Record Management, Retention, and Destruction policy is a detail template which can be utilized on day one to create a records management process. Included with the policy are forms for establishing the record management retention and destruction schedule and a full job description with responsibilities for the Manager Records Administration.
Quality Assurance and Control News
Disaster Recovery Business Continuity Articles
Disaster Plans need to be updated
Disaster Plans need to be update for as Windows XP is reaching
the ending of life - it will no longer be supported.
Recently Microsoft made the unsurprising announcement that as of 8th April 2014 they will no longer provide updates or security patches for Windows XP.
Organisations still using the 12 year old technology will be required to replace XP with a new operating system, most likely Windows 7. This change could come at considerably effort and cost and if not appropriately managed and co-ordinated could cause significant impact to the business. For example;
- Windows 7 Software licences will need to be purchased and installed
- Existing PCs, laptop and servers may not be Windows XP compatible and will require upgrade or replacement
- Legacy applications that are no longer supported may not continue to operate in a Windows 7 environment and would require development changes or in extreme cases complete replacement
- Existing data may need to be converted to alternative formats to ensure it can still be safely backed up, verified and restored in the event of a business continuity or disaster recovery event.
Data Backbone of Disaster Recovery
Data is the backbone of every
organization. No matter the business, industry, or size, reliable data access is
essential to operations. As that data continues to grow exponentially, it is
important to have a backup and recovery strategy that meets current business
needs and has the flexibility to grow and change.
Follow us at https://twitter.com/@itmanagercio
Protecting your data is vital to the survival and growth of your business. You must keep your systems and employees up and running - and productive - even as fast backup and restore processes are being completed. And, should a "worst-case scenario" occur, being prepared with an appropriate disaster recovery plan is essential.
The Disaster Recovery Plan (DRP) can be used as a Disaster Planning template for any size of
enterprise. The Disaster Recovery template and supporting material have
been updated to be Sarbanes-Oxley and HIPAA
compliant.
Will your disaster recovery provider be in business when you need them?
What if your were in Florida and the Hurricane season was in full swing and your provider went out of business. Would you have the time to move to a new provider and test your solution before you need to execute your plan?
For example, earlier this year Google decided to close its Message Continuity service. Google gave most clients a reasonable timescale to find an alternative supplier, allowing existing Message Continuity contracts to run until their contacts expired. What if that was the communication solution you had selected for communicating with your staff? Would you be able to implement, test, and communicate a new one on time.
Another example was the news that Doyenz, the US-based supplier of rCloud, a service which offers disaster recovery for physical and virtual servers, had decided to pull the plug on its UK operations. Clients were given not weeks or months but days to respond and to find a new supplier.
CIOs and IT managers all need to consider all of the possibilities when developing and testing their disaster recovery plans.
- more info
Disaster Recovery Misconceptions
Disaster Recovery - What are the major misconceptions when a disaster occurs with IT systems? Can your systems can not support your companys day-to-day operations?
The major misconception is that a backup recovery plan is all that you need. At Janco Associates that is not enough. We have found that most companies are really not prepared. Files can be restored but it does no good if they do have facilities for their staffs.
- Disaster Recovery and Business Continuity Top 10 Disaster Recovery and business continuity are all about being ready for everything. The question that every IT manager and CIO has to answer every day...
- Google data center security & disaster recovery This is a great video on physical security as well as the the software security. This is a great primer which all CIOs and Data...
- Meeting ISO 27031 Requirements Meeting ISO 27031 Requirements ISO 27031 The ISO Standard defines the Information and Communication Technology (ITC) Requirements for Business Continuity (IRBC) program that supports the...
- Will your disaster recovery provider be in business when you need them? Disaster Recovery plans that depend on outsourcers face significant additional risk What if your were in Florida and the Hurricane season was in full swing...
- IBM Business Continuity Plan Services Business Continuity Services Video Business continuity video is good overview of what IBM thinks about this...
Weather Issues Impact Business Continuity Plans
Weather needs to be considered when business continuity plans are developed.
- Disasters Caused by Weather Affect South the Most Disasters as Hurricane Sandy showed, weather can have extensive and long lasting affects. Sandy now has entered the North East in the Billion Dollar Weather...
- Blizzard 2013 Blizzard 2013 to test many business continuity plans In the aftermath of the Blizzard 2013, which disrupted transportation, power, internet, phone and numerous other technical...
- Disaster Planning for Weather Related Events Disaster Planning steps to follow for weather related events Disaster Planning is a must given the changing weather and climate. As it has been recently...
- Disaster Recovery and Business Continuity Top 10 Disaster Recovery and business continuity are all about being ready for everything. The question that every IT manager and CIO has to answer every day...
- Business Continuity Plan Has to be in Place Now Business continuity plan is something that every organization needs to have in place before a disaster happens. Every day somewhere in the world disasters are...
Requirements of a basic disaster recovery plan
Effective operations management requires clear, concise recovery
execution or automation, enabling staff members to execute the same tasks and
achieve similar results. In particular, an effective disaster recovery plan must
address three key goals:
- Minimize downtime: The consequences of extended downtime can be severe, not only in terms of lost business and lost productivity, but even in terms of survival for small organizations.
- Minimize risk: Not having a disaster recovery plan often constitutes an unacceptable level of risk - but simply having a disaster recovery plan in place does not eliminate risk if its reliability is uncertain.
- Control costs: Traditional disaster recovery plans are often limited in scope because of the costs associated with building and maintaining a recovery site, training staff members in disaster recovery processes, testing those processes, and so on.
ISO22301:2012 - Standards definition
ISO22301:2012 (Societal Security - Business Continuity Management System - Requirements) is the international standard for business continuity within organisations and defines the specification and best practice for implementing a robust business continuity management system. Published in May 2012, ISO22301 replaces the BS25999 standard which will be withdrawn in 2013.
Is this years flu the start of a pandemic
In disaster planning when a pandemic occurs the data center exists but people often are in separate locations. The Disaster Planning and Business Continuity Planning processes need to make the user and business operating experience is as similar as possible so that the work environment is the same in the remote site (often home) as in the office.
How Sandy and Katrina have impacted DR Planning
Business continuity planning can help your organization thrive again, quickly, after a major catastrophe. After watching so many enterprises struggle after the wake of Hurricanes Sandy and Katrina, its important that you take a proactive approach to business continuity. Once the tragedy occurs, it may be too late to restore systems and access backup information properly. Here are some of the benefits of having a proactive recovery and continuity plan in the case of a major outage:
- Workforce Retention
- Employee Communication
- Customer Communication
- Supplier/Vendor Communication
- Quick Emergency Data Recovery
- Long-Term Data Recovery
