---

 

 Outsourcing Policy

The outsourcing policy is twenty (20) pages in length and defines everything that is needed for a function, department, or area to be outsourced. 

The policy comes as a Microsoft Word document (Word 2003 & Word 2007) that can be modified as needed.  The template has been updated to include an ISO 27001 audit program definition. The policy template includes:

• Outsourcing Management Standard
  • Service Level Agreement
  • Responsibility
• Outsourcing Policy
  • Policy Statement
  • Goal
• Approval Standard
  • Base Case
  • Responsibilities

Note: Look at the Practical Guide for Outsourcing over 110 page template for a more extensive process for outsourcing which includes a sample contract with a sample service level agreement

 

---

 

Other Policies

All of the policies that are provided here are contained within one or more of the templates that are on this site. These policies have been added as individual documents in WORD format for those clients who just need this particular policy.  All policies are Sarbanes-Oxley compliant.

The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically -- a total solution.

• CIO IT Infrastructure Policy Bundle (All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable)
  • Backup and Backup Retention Policy
  • Blog and Personal Web Site Policy (Includes electronic Blog Compliance Agreement Form)
  • BYOD Policy Template (Includes electronic BYOD Access and Use Agreement Form)
  • Incident Communication Plan Policy (Updated to include social networks as a communication path)
  • Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (Includes 5 electronic forms to aid in the quick deployment of this policy)
  • Mobile Device Access and Use Policy
  • Patch Management Policy
  • Outsourcing Policy
  • Record Management, Retention, and Destruction Policy
  • Sensitive Information Policy (HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form)
  • Service Level Agreement (SLA) Policy Template with Metrics
  • Social Networking Policy (includes electronic form)
  • Telecommuting Policy (includes 3 electronic forms to help to effectively manage work at home staff)
  • Travel and Off-Site Meeting Policy
  • IT Infrastructure Electronic Forms

 

---

 

Outsourcing Policies and Procedures News

---

BC/DR Planning More complex

May 10th, 2013

As enterprise operations, including netwwork access with mobile computing, BYOD, SmartPhones, and tablets become more advanced and complex, solutions to restore companies back to business as usual after downtime are now more difficult. Preparing a DR plan can take months but in the midst of a disaster, you only have minutes to execute it.

 

Some Disaster Recovery and Business Continuity current articles:

1. Business Continuity Plan Has to be in Place Now  Business continuity plan is something that every organization needs to have in place before a disaster happens.  Every day somewhere in the world disasters are...
2. Top 10 Disasters That Need to be Planned for  Top 10 disasters that businesses should plan for Disasters Happen – How do you balance the business continuity disaster recovery risk and investment equation? Is...
3. Disaster Recovery High Risk Users Disaster Recovery High Risk Users There are three types of high risk users in disaster recovery and business continuity planning. They are: People who do...
4. Disaster Recovery Misconceptions  Disaster Recovery - What are the major misconceptions when a disaster occurs with IT systems? Can your systems can not support your company's day-to-day operations?...
5. Safety Program For Disaster Recovery Plan  Safety Program needs to be integrated into the Disaster Recovery Business Continuity Plan A safety program should be in place before disasters occur. Hurricanes, tornadoes,...

 

- more info

---

Pandemic in China a concern

May 2nd, 2013

 

Pandemic Disaster Recovery and Business Continuity
Top Priority

There is no question we are vulnerable to infectious and contagious diseases. The influenza pandemic of 1918-1919 killed more than 20 million people - more than 600,000 in the United States. That winter, more U.S. soldiers died from influenza than had died on World War I battlefields.

According to Centers for Disease Control and Prevention (CDC), nearly 40,000 Americans die annually from seasonal flu. And most experts agree that the human race is long overdue for an influenza pandemic far more deadly than the H1N1 pandemic of 2009-2010. The threat from Mother Nature goes far beyond the flu.

The current outbreak in China and its spead to Saudi Arabia is cause for concern.  Pandemic planning, if it has not been completed, should be a tip priority.

- more info

---

What is the cost of downtime?

April 11th, 2013

If your people can continue working for days without systems your cost of downtime is relatively low. If your business is tied to your systems or work cannot be processed your downtime cost may be high. We have had both sets of clients, a small architecture firm accounting system went down and they were comfortable with it being down for a few days.

 

However another customer, a lumber mill, shut down after someone tripped over a power cord. A server failed, and more than 200 workers were paid for doing nothing. That human error cost the company $10,000.

So calculate the cost of downtime in terms of labor paid, productivity lost, and all the other factors. Presenting such a number to your customer in terms of costs per hour or day can make a compelling argument for a solid business continuity plan.

MTPOD is the maximum amount of time that an enterprise's key products or services can be unavailable or undeliverable before its stakeholders see unacceptable consequences.

 

- more info

---

Top 10 list for Business Continuity and Disaster Recovery Planning

March 29th, 2013

Top 10 lists for Disaster Recovery and Business Continuity Planning:

 

1. Top 10 tips for Disaster Recovery in a Small Business – best way to protect your data (16.3) Disaster Recovery for a Small Business Baseline for best practices defined in Janco’s Disaster Recovery Business Continuity Template. As requirements for avoiding downtime become increasingly...
2. Top 10 Disaster Recovery Best Practices (16.1) As requirements for avoiding downtime become increasingly stringent, administrators need tools and platforms that can help them plan, design, and implement disaster recovery strategies that...
3. Top 10 Reasons Why Disaster Recovery Business Continuity Plans Fail (14.6) In the recession many organizations put disaster recovery and business continuity on the back burner. As a result those plans are not as functional as...
4. Best of Breed Disaster Recovery Business Continuity (13.2) Best of Breed solutions for disaster recovery and business continuity has four key components: High Availability – Best of breed requires service that have high...
5. 10 Backup Best Practices supplementing a disaster recovery and business continuity solution with the cloud (13.2) 10 Backup best practices -  supplementing a disaster recovery and business continuity back-up solution with the cloud Backup best practices are used by many CIOs...

 

- more info

---

Disaster Planning is Required for Virtual Applications

March 12th, 2013

A number of customers using the Microsoft-hosted Dynamics CRM Online and its Office 365 cloud service were reporting performance problems.
 
One CRM Online customer said problems began in the morning. The @MSCloudUS twitter account acknowledged the Office 365 problems, starting in the afternoon (EST).

 

The Disaster Planning Template addresses these issues. On the CRM Online front, "performance is slow for most users, to the point that some can’t use CRM at all," one Microsoft CRM user said. His company is based in the U.S., he said, but international users of the system were affected, as well.

A Microsoft spokesperson said, "We were made aware of a few customers experiencing difficulty using their Microsoft Dynamics CRM Online service this morning.  The customer impact was limited to some organizations in North America and has been resolved.  Microsoft takes any downtime seriously, and customers will be reimbursed service charges per the terms of our SLA which guarantees  99.9% uptime."

- more info