Janco

HomeSearchTemplatesCIO Productivity KitCIO Network SoftwareCost Control and MetricsBusiness IT Impact QuestionnaireDisaster Recovery / Business Continuity TemplateDisaster Recovery Security Bundle TemplatesFunctional Specification TemplateIT Hiring KitIT Infrastructure, Strategy & Charter TemplateIT Service Management TemplateITIL - TemplateOutsourcing Template with ContractSafety Program TemplateSarbarnes-Oxley Compliance KitSecurity Manual TemplateSLA Policy Template with MetricsThreat & Vulnerability Assessement Tool2008 - IT Salary SurveyHistorical 1996 - 2008Free CopyParticipateIT Hiring KitClient Server ManagementInternet & IT Position DescriptionsInternet & PC Workstation PoliciesMetrics for the Internet, IT, & Service ManagementOutsourcingFull SetBundlesGovernmentHiring KitInternet, e-Mail, Mobile Device, Electronic Information, and Record Retention PolicyBlog & Personal Web Sites PolicySensitive Information PolicyTravel and Off-Site Meeting PolidyPolicies & Procedures Internet & PC WorkstationOutsourcingDRP / BCP Audit ProgramSecurity Audit programDRP/BCP and Security Templates and Audit BundleSabanes-Oxley Compliance & Monitoring Auditing ToolsISO 27000 Security ManualHIPAA Sensitive Information PolicySarbanes-Oxley Compliance KitBrowser Market ShareIT Salary SurveyUpdate ServiceDRP & Security Template BundlesDRP/BCP and Security Templates and Audit BundleEnterprise LicensesIT Cost Control Metrics BundleIT Hiring KitIT Management Template SuiteTools to Focus ITDisk Space MonitorNetwork Event ViewerText Log MonitorDiskMonitor & Network Event ViewerOperational Control Productivity BundleSecurity, DRP, & BCP Audit ProgramsService Orient ArchitectureVoIP Resource KitIT Management Template Suite - Special Offer -- Save over $2,500

Sarbanes-Oxley Compliance Kit

Sarbanes-Oxley Section 404 requires that:

Enterprises have an enterprise wide security policy;
Enterprises have enterprise wide classification of data for security, risk, and business impact;
Enterprises have security related standards and procedures;
Enterprises have formal security based documentation, auditing, and testing in place;
Enterprise enforce separation of duties; and
Enterprises have policies and procedures in place for Change Management, Help Desk, Service Requests, and changes to applications, policies, and procedures.

SOX adopted the COSO model of controls, which is the same model that SAS 70 audits have utilized since inception. SOX heightened the focus placed on understanding the controls over financial reporting and identified a type II SAS 70 report as the only acceptable method of obtaining third-party assurance regarding the controls at a service organization. Security "certifications" are excluded as acceptable substitutes for a type II SAS 70 audit report.

In addition the ISO 27000 standard is used in SAS 70 reports. The Security Manual Template contains an ISO 27000 Security Process Audit Checklist. These two items directly address a service organization's descriptions of controls. The auditor can use these to help them in the evaluation of the service organization's control framework.

Preparation for Disaster Recovery / Business continuation in light of SOX has two primary parts. The first is putting systems in place to completely protect all financial and other data required to meet the reporting regulations and to archive the data to meet future requests for clarification of those reports. The second is to clearly and expressly document all these procedures so that in the event of a SOX audit, the auditors clearly see that the DR plan exists and will appropriately protect the data.

To meet these needs the Sarbanes Oxley Compliance Resource Kit, which comes in four editions (Standard, Silver, Gold, and Platinum) contains:

Security Policies (all editions);
Threat & Vulnerability Assessment Tool (all editions);
Business & IT Impact Questionnaire Risk Assessment Tool (all editions);
Safety Program Template (all editions);
Disaster Recovery Template (all editions);
Outsourcing guide update to reflect what you vendors need to do (all editions);
Software tool to monitor key data files (all editions);
Internet and IT Job Descriptions (Silver, Gold, and Platinum Editions) and;
IT Service Management Template (Platinum Edition) includes
- Service Request Policy and Standard
- Help Desk Policy, Procedure, Standard, and Service Level Agreement
- Change Control Standard, Quality Assurance Standard, and Management Workbook
- Documentation Standard
- Version Control Policy and Standard
- Sensitive Information Standard
- Blog and Personal Web Site Policy
- Travel and Off-Site Meetings Security Policy
- Internet, e-mail and electronic communication Policy

See Table Below

Component	Standard	Silver	Gold	Platinum
Security Manual Template	x	x	x	x
Threat & Vulnerability Assessment Tool	x	x	x	x
Business & IT Impact Questionnaire Risk Assessment Tool	x	x	x	x
Safety Program Template	x	x	x	x
Outsourcing guide	x	x	x	x
DiskMonitor (Desktop)	x	x	x	x
Internet and IT Job Descriptions (PDF Format)		x	x	x
Internet and IT Job Descriptions (Word Format)			x	x
Internet and IT Job Description HandiGuide (PDF Format)				x
Service Request Policy and Standard				x
Help Desk Policy, Procedure, Standard, and Service Level Agreement				x
Change Control Standard, Quality Assurance Standard, and Management Workbook				x
Documentation Standard				x
Version Control Policy and Standard				x
Sensitive Information Standard				x
Blog and Personal Web Site Policy				x
Travel and Off-Site Meetings Security Policy				x
Internet, e-mail and electronic communication Policy				x

Security Manual

The plan is over 215 pages and includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement. The electronic document includes proven written text and examples for your security plan.

Disaster Recovery Plan (DRP)

This Disaster Recovery Plan (DRP) can be used as a template for any enterprise. DRP is sent to you via e-mail in WORD and/or PDF format. Included is a 13 page Business Impact Questionnaire as well as a 3 page Job Description for the Disaster Recovery Manager.

IT Job Descriptions

The 192 Internet and IT Position Descriptions are in Word for Windows format. Includes positions from CIO and CTO to Wireless and Metrics Managers.

The IT Service Management Template

The IT Service Management Template contains policies, standards, procedures and metrics for Change Control, Help Desk and Service Request processing. ITSM template also contains several easy to implement forms and conforms with ITIL.

Practical Guide for IT Outsourcing

The guide is 91 packed pages and includes everything needed to plan for, negotiate, and manage an outsourcing process within an enterprise.

Safety Program Template

Safety Program is 60 pages and includes everything needed to customize the Safety Program to fit your specific requirement. The Safety was updated in December of 2004 and reflects the latest issues associated with the most recent legislation (Sarbanes Oxley).

DiskMonitor

Network Administrators, DRP Coordinators, and Security Managers - can use DiskMonitor (DSM) to view drive and folder usage. Local drives as well as network shares are supported. UNC pathing and Drive$ shares are supported as well.

View The Features and Functions

Site Map

Sarbanes-Oxley compliance checklist: IT security and SQL audits (Michelle Gutzait) My company needs to meet Sarbanes-Oxley compliance for all its Information Technology (IT) department layers and products, including SQL Server. We're running SQL Server 2000 and SQL Server 2005 with no security ... more

What is Sarbanes-Oxley? Date: 12.05.08. more

Ron Paul 2008 › Fought Sarbanes-Oxley Most members of Congress saw the implosion of Enron as an opportunity to grab headlines by passing new legislation to "crack down on corporate crime." Congressman Ron Paul saw that new federal legislation would make matters worse, ... more

Financial Accounts Manager (GAAP / Sarbanes-Oxley), circa £60k Financial Accounts Manager (GAAP / Sarbanes-Oxley), circa £60k the package is £55000 - £65000 per annum + Benefits it's location SURREY, date posted: Fri, 09 May 2008 15:54:21 GMT. more

Full committee hearing on Sarbanes-Oxley section 404 : new ... United States. Congress. House. Committee on Small Business. more

Sarbanes-Oxley compliance checklist: IT security and SQL audits Get security practices, procedures and documentation to meet Sarbanes-Oxley (SOX) compliance. This tip includes checklists to guide SQL DBAs and developers to inspect systems. ... more

Sarbanes-Oxley compliance checklist: IT security and SQL audits If your SQL Server environment is not yet expected to meet Sarbanes-Oxley (SOX) Act compliance standards, it soon will be. In this tip, SQL Server expert Michelle Gutzait presents security practices, procedures and documentation that ... more

Lawsuits may expand Sarbanes-Oxley For instance, she wrote that just because Fidelity chairman Edward C. Johnson III also owns shares in Fidelity funds "does not establish common ownership" that would give Zang the protections of Sarbanes-Oxley. ... more

Carbon Footprint Management Worse Than Sarbanes-Oxley Martin says that managing Jones Lang LaSalle’s carbon footprint has been “a nightmare…worse than the horrors of Sarbanes-Oxley.” That’s largely because the company’s activities depend heavily on travel and on managing buildings that ... more

The Sarbanes-Oxley Section 404 Implementation Toolkit: Practice ... Looking for a highly accessible, simple, and practical approach to help your company easily comply with Sarbanes-Oxley Section 404? The Sarbanes-Oxley Section 404 Implementation Toolkit, Second Edition presents a detailed road map to ... more

News HTML
SAFE Shopping