Security Manual Template
Version History

Sarbanes Oxley / HIPAA
PCI-DSS - CobiT
ISO 27000 Compliant


The Security Manual Template is typically updated every six to nine months. If you subscribe to the update service, you will automatically receive all of these updates. Subscribing maximizes your investment and keeps you abreast of the latest mandated developments. Below is a listing of the most recent updates.

Version 9.1

  • Added Electronic form
    • Employee Termination Checklist
  • Added Best Practices Section to Meet Compliance Requirements

Version 9.0

  • Updated Sensitive Information Policy
  • Added Electronic Forms
    • Blog Policy Compliance
    • Company Asset Employee Control Log
    • Email - Employee Acknowledgment
    • Internet Access Request
    • Internet Use Approval
    • Internet & Electronic Communication - Employee Acknowledgment
    • Mobile Device Access and Use Agreement
    • New Employee Security Acknowledgement and Release
    • Preliminary Security Audit Checklist
    • Security Access Application
    • Security Audit Report
    • Security Violation Reporting
    • Sensitive Information Policy Compliance Agreement

Version 8.3

  • Added policy for mobile device access and use
  • Added Mobile Device Access and Use Agreement Form
  • Added Enterprise Owned Equipment Inventory Form
  • Updated CSS Style sheet

Version 8.2

  • Updated the Threat and Vulnerability Assessment Tool

Version 8.1

  • Added section on Best Practices When Implementing Security Policies and Procedures
  • Added section on Skype
  • Updated Sensitive Information section
  • Added section on enterprise web site security flaws
  • Corrected minor errata

Version 8.0

  • Updated Fire Suppression Section
  • Updated for ISO compliance and security domain definition
  • Log management section expanded

Version 7.3

  • Updated Risk Assessment Business and IT Impact Questionnaire
    • Updated for COBIT compliance
    • Updated for PCI-DSS compliance
    • Updated for US state level compliance (New York, Massachusetts, and California)
    • Updated for ISO security requirements

Version 7.2

  • Updated to comply with CobiT requirements
  • Added Security Management Compliance Checklist
  • Added Massachusetts Data Protection Requirements Section
  • Added Massachusetts 201 CMR 17 Compliance Checklist

Version 7.1

  • Corrected minor errata
  • Added Employee Termination Process
  • Added Employee Termination Checklist
  • Forms Added
    • Employee Termination Form

Version 7.0

  • Updated to reflect latest PCI-DSS requirements
  • Updated the sensitive information policy section
  • Forms Updated
    • Security Violation Form
    • Inspection Checklist
    • New Employee Security Form
    • Internet & Electronic Communication - Employee Acknowledgment (short form)
    • Internet Use Approval Form
    • Internet Access Request Form
    • Security Access Application Form
  • Updated ISO 27000 Security Process Audit Checklist
  • Updated to CSS Style Sheet

Version 6.5

  • Updated Threat and Vulnerability Assessment tool to include a detailed work plan for the assessment process
  • Updated Threat and Vulnerability Assessment tool to include a definition of the safeguards that should be included
  • Threat and Vulnerability Assessment tool provided in PDF, WORD 2003, WORD 2007, EXCEL 2003, and EXCEL 2007 formats

Version 6.4

  • Blog & Personal Web Site Policy added
  • Replaced WORD 2003 style sheet with WORD 2007 style sheet

Version 6.3

  • Best Practices Update
  • Added section with a summary of the ISO 27000 Series standards
  • Updated the template to comply with ISO 27000 Series Standards (27001 and 27002)
  • Disaster Recovery Plan Basics Section Added
  • Wireless Security Standards Added
  • Updated Business Impact and IT Questionnaire
  • Corrected various errata

Version 6.2

  • Sensitive Information Policy Updated
    • Best Practices Added
    • Wireless and VPN Added
    • Payment Card Industry Data Security Standard Added
    • Added separate document PCI DSS Audit Program
  • Internet and E-mail Communication Updated
    • E-mail Forwarding Added
  • Travel, Laptop, PDA, and Off-Site Meetings Updated
    • Laptop and PDA Security Added
    • Wireless and VPN Added

Version 6.1

  • Added HIPAA Audit Program Guide
  • Added ISO 17799 Security Audit Checklist

Version 6.0

  • Added section defining ISO 17799 requirements
  • Modified entire template to be ISO 17799 compliant
  • Added Best Data Deletion and Retention Practices
  • Added Spyware Best Practices and Removal
  • Provided two versions of the documents - WORD 2003 and WORD 2007
  • New Forms
    • Internet Use Approval Form
    • Internet Access Request Form
  • Updated forms
    • Internet Usage Policy – Employee Acknowledgement (short form)
    • E-Mail Usage Policy – Employee Acknowledgement (short form)

Version 5.1

  • New section on Internet, e-Mail, and Electronic Communication
  • New forms
    • Internet Usage Policy – Employee Acknowledgement
    • E-Mail Usage Policy – Employee Acknowledgement

Version 5.0

  • New section on Sensitive Information
  • New forms
    • Checklist For Separating Employees
    • Supervisor Checklist For Separating Employees

Version 4.1

  • New section on lost equipment
  • New section on termination process
    • Deciding whether to fire
    • Carrying out the firing decision
  • New attached Excel spreadsheet with internal controls checklist for Sarbanes-Oxley Section 404 compliance

Version 4.0

  • New section on travel and off-site meetings
  • Updated Inspection Check List Form
