Security Manual Template
Version History
Sarbanes Oxley / HIPAA
PCI-DSS - CobiT
ISO 27000 Compliant
The Security Manual Template is typically updated every six to nine months. If you subscribe to the update service, you will automatically receive all of these updates. You can maximize your investment by subscribing to our update service, which keeps you abreast of the latest mandated developments. Below is a listing of the most recent updates.
Version 9.1
- Added Electronic form
- Employee Termination Checklist
- Added Best Practices Section to Meet Compliance Requirements
Version 9.0
- Updated Sensitive Information Policy
- Added Electronic Forms
- Blog Policy Compliance
- Company Asset Employee Control Log
- Email - Employee Acknowledgment
- Internet Access Request
- Internet Use Approval
- Internet & Electronic Communication - Employee Acknowledgment
- Mobile Device Access and Use Agreement
- New Employee Security Acknowledgement and Release
- Preliminary Security Audit Checklist
- Security Access Application
- Security Audit Report
- Security Violation Reporting
- Sensitive Information Policy Compliance Agreement
Version 8.3
- Added policy for mobile device access and use
- Added Mobile Device Access and Use Agreement Form
- Added Enterprise Owned Equipment Inventory Form
- Updated CSS Style sheet
Version 8.2
- Updated the Threat and Vulnerability Assessment Tool
Version 8.1
- Added section on Best Practices When Implementing Security Policies and Procedures
- Added section on Skype
- Updated Sensitive Information section
- Added section on enterprise web site security flaws
- Corrected minor errata
Version 8.0
- Updated Fire Suppression Section
- Updated for ISO compliance and security domain definition
- Log management section expanded
Version 7.3
- Updated Risk Assessment Business and IT Impact Questionnaire
- Updated for COBIT compliance
- Updated for PCI-DSS compliance
- Updated for US state level compliance (New York, Massachusetts, and California)
- Updated for ISO security requirements
Version 7.2
- Updated to comply with CobiT requirements
- Added Security Management Compliance Checklist
- Added Massachusetts Data Protection Requirements Section
- Added Massachusetts 201 CMR 17 Compliance Checklist
Version 7.1
- Corrected minor errata
- Added Employee Termination Process
- Added Employee Termination Checklist
- Forms Added
- Employee Termination Form
Version 7.0
- Updated to reflect latest PCI-DSS requirements
- Updated the sensitive information policy section
- Forms Updated
- Security Violation Form
- Inspection Checklist
- New Employee Security Form
- Internet & Electronic Communication - Employee Acknowledgment (short form)
- Internet Use Approval Form
- Internet Access Request Form
- Security Access Application Form
- Updated ISO 27000 Security Process Audit Checklist
- Updated to CSS Style Sheet
Version 6.5
- Updated Threat and Vulnerability Assessment tool to include a detailed work plan for the assessment process.
- Updated Threat and Vulnerability Assessment tool to include a definition of the safeguards that should be included.
- Threat and Vulnerability Assessment tool provided in PDF, WORD 2003, WORD 2007, EXCEL 2003, and EXCEL 2007 formats
Version 6.4
- Blog & Personal Web Site Policy added
- Replaced WORD 2003 style sheet with WORD 2007 style sheet
Version 6.3
- Best Practices Update
- Added section with a summary of the ISO 27000 Series standards
- Updated the template to comply with ISO 27000 Series Standards (27001 and 27002)
- Disaster Recovery Plan Basics Section Added
- Wireless Security Standards Added
- Updated Business Impact and IT Questionnaire
- Corrected various errata
Version 6.2
- Sensitive Information Policy Updated
- Best Practices Added
- Wireless and VPN Added
- Payment Card Industry Data Security Standard Added
- Added separate document PCI DSS Audit Program
- Internet and E-mail Communication Updated
- E-mail Forwarding Added
- Travel, Laptop, PDA, and Off-Site Meetings Updated
- Laptop and PDA Security Added
- Wireless and VPN Added
Version 6.1
- Added HIPAA Audit Program Guide
- Added ISO 17799 Security Audit Checklist
Version 6.0
- Added section defining ISO 17799 requirements
- Modified entire template to be ISO 17799 compliant
- Added Best Data Deletion and Retention Practices
- Added Spyware Best Practices and Removal
- Provided two versions of the documents - WORD 2003 and WORD 2007
- New Forms
- Internet Use Approval Form
- Internet Access Request Form
- Updated forms
- Internet Usage Policy – Employee Acknowledgement (short form)
- E-Mail Usage Policy – Employee Acknowledgement (short form)
Version 5.1
- New section on Internet, e-Mail, and Electronic Communication
- New forms
- Internet Usage Policy – Employee Acknowledgement
- E-Mail Usage Policy – Employee Acknowledgement
Version 5.0
- New section on Sensitive Information
- New forms
- Checklist For Separating Employees
- Supervisor Checklist For Separating Employees
Version 4.1
- New section on lost equipment
- New section on termination process
- Deciding whether to fire
- Carrying out the firing decision
- New attached Excel spreadsheet with internal controls checklist for Sarbanes-Oxley section 404 compliance
Version 4.0
- New section on travel and off-site meetings
- Updated Inspection Check List Form