The outsourcing policy is twenty (20) pages in length and defines everything that is needed for a function, department, or area to be outsourced.
The policy comes as a Microsoft Word document (Word 2003 & Word 2007) that can be modified as needed. The template has been updated to include an ISO 27001 audit program definition. The policy template includes:
- Outsourcing Management Standard
- Service Level Agreement
- Outsourcing Policy
- Policy Statement
- Approval Standard
- Base Case
Note: Look at the Practical Guide for Outsourcing over 110 page template for a more extensive process for outsourcing which includes a sample contract with a sample service level agreement
All of the policies that are provided here are contained within one or more of the templates that are on this site. These policies have been added as individual documents in WORD format for those clients who just need this particular policy. All policies are Sarbanes-Oxley compliant.The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically -- a total solution.
- CIO IT Infrastructure Policy Bundle (All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable)
- Backup and Backup Retention Policy
- Blog and Personal Web Site Policy (Includes electronic Blog Compliance Agreement Form)
- BYOD Policy Template (Includes electronic BYOD Access and Use Agreement Form)
- Google Glass Policy (Includes Google Glass Access and Use Agreement Form)
- Incident Communication Plan Policy (Updated to include social networks as a communication path)
- Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (Includes 5 electronic forms to aid in the quick deployment of this policy)
- Mobile Device Access and Use Policy
- Patch Management Policy
- Outsourcing Policy
- Physical and Virtual Server Security Policy
- Record Management, Retention, and Destruction Policy
- Sensitive Information Policy (HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form)
- Service Level Agreement (SLA) Policy Template with Metrics
- Social Networking Policy (includes electronic form)
- Telecommuting Policy (includes 3 electronic forms to help to effectively manage work at home staff)
- Text Messaging Sensitive and Confidential Information (includes electronic form)
- Travel and Off-Site Meeting Policy
- IT Infrastructure Electronic Forms
Outsourcing Policies and Procedures News
Communications key to business continuity
February 17th, 2014
Many business managers have found out the hard way the missed opportunities of not implementing a cloud-based communications solution. Winter snow storms and hurricane Sandy have opened CIO's eyes to the vulnerability and limitations of the premises-based communications system. Many firms on the East Coast just were not able to get back in business after those events.
- 43% of companies experiencing disasters never reopen, and 29% close within two years.
- 93% of businesses that lost their data center for10 days went bankrupt within one year.
- 40% of all companies that experience a major disaster will go out of business if they cannot gain access to their data within 24 hours.
After a breach event - what to do
February 2nd, 2014
One of the greatest assets of the vast majority of organizations consists of digital bits of information, not their physical holdings. Increasingly, data stored in databases, file management systems, flat files, spreadsheets, and other information storage formats is the linchpin for enterprise success. Intellectual property, transactions, and records to name a few are fueling business because that information is the currency upon which business operations function. Organizations are creating and using data at an unprecedented level, as represented in the demand for storage capacity.
After a data breach, following five steps:
- Know what you have and prioritize by risk levels
- Define what "good" looks like
- Harvest system state information from your production systems
- Perform a reference node variance analysis to identify compromised systems
- Remove suspect systems from the environment and return to a trustworthy state
Winter weather can cause business interruptions
January 3rd, 2014
Disaster Recovery and Business Continuity plans need to consider natural weather and events. The effects that natural events have on the environment directly and indirectly may be harmful to people. Forest fires and volcanoes harm air quality. Hurricanes and floods can contaminate water supplies and damage wastewater facilities. Any of these can spread contaminated materials into the environment.more info
Disaster Recovery Digest - current articles on Disaster Recovery and Business Continuity
December 15th, 2013
Disaster Recovery Digest - current articles on Disaster Recovery and Business Continuity.
- more info
- 10 Backup Best Practices supplementing a disaster recovery and business continuity solution with the cloud 10 Backup best practices - supplementing a disaster recovery and business continuity back-up solution with the cloud Backup best practices are used by many CIOs...
- Importance of Business Continuity ...
- Top 10 tips for Disaster Recovery in a Small Business best way to protect your data Disaster Recovery for a Small Business Baseline for best practices defined in Jancos Disaster Recovery Business Continuity Template. As requirements for avoiding downtime become increasingly...
- Business Continuity Plan Has to be in Place Now Business continuity plan is something that every organization needs to have in place before a disaster happens. Every day somewhere in the world disasters are...
- IBM Business Continuity Plan Services Business Continuity Services Video Business continuity video is good overview of what IBM thinks about this...
Disaster Recovery Business Continuity Articles
November 5th, 2013
- Options for a data center disaster recovery strategy Data Center disaster recovery strategy options A critical component of a disaster recovery business continuity is the data center disaster recovery strategy Hot...
- Data Center Recovery Strategy Data Center Recovery Strategy driven by cost risk considerations Creating a Data Center Recovery Strategy When considering the impact of the loss of...
- Google data center security & disaster recovery This is a great video on physical security as well as the the software security. This is a great primer which all CIOs and Data...
- Data Center Servers are Critical For Business Continuity Business Continuity and Data Centers issues Business transactions delivered from the data center pose major challenges to business continuity. Data center infrastructure and the...
- Cloud storage aids disaster recovery and business continuity Cloud Storage is a next step to implement after the disaster recovery plan is created Cloud storage is a next step after the CIO creates a...