Security Manual Template
ISO Compliant

Sarbanes Oxley / HIPAA / Patriot Act Compliant
Comes with Electronic Forms

Security Manual Template

The Sarbanes-Oxley Act (SOX) requires the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) of ENTERPRISE to certify the accuracy of ENTERPRISE's periodic reports and financial statements. In addition, it requires the CEO and CFO to disclose, on a “rapid and current basis”, information that can or does materially change the financial condition of a publicly traded ENTERPRISE.

ISO/IEC 17799:2005 (which has been upgraded to ISO 22301 and ISO 2700) established guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 17799:2005 contains best practices of control objectives and controls in the following areas of information security management:

  • Security policy;
  • Organization of information security;
  • Asset management;
  • Human resources security;
  • Physical and environmental security;
  • Communications and operations management;
  • Access control; and
  • Information systems acquisition, development and maintenance.

All of the ISO 17799 best practices are needed to meet the objectives of SOX. This security manual template helps your enterprise to:

  • Understand your business requirements, outline control objectives, and perform IT risk assessments;
  • Analyze the IT control environment to identify gaps between internal policies and external requirements;
  • Create, disseminate, and document policies using a risk-based approach, track user acceptance, and manage exceptions and waiver requests; and
  • Translate imprecise regulatory mandates into actionable IT policies through an effective control framework.
  • Implement controls, policies, procedures and document operational management process to meet policy and business requirements;
  • Assess controls compliance for all major operating systems and identify and remediate deviations to proactively sustain the control environment; and
  • Maintain a secure control environment, assess security threats, and receive early warning to take proactive countermeasures.
  • Audit and examine the control environment on a continuing basis;
  • Author and publish reports to measure the effectiveness of security controls in meeting a variety of standards and regulations and demonstrate due care of compliance;
  • Map control information to specific policies in order to provide recommendations for improvements to the control environment; and
  • Collect, integrate, and retain trend analyses and evidentiary information from disparate control mechanisms for audits and documentation requests.

The Security Manual Template can be acquired as a standalone item (Standard) or in the Premium or Gold sets:

Security Manual Template - Standard Edition


  • Business and IT Impact Questionnaire
  • Threat and Vulnerability Assessment Toolkit
  • Security Management Checklist
  • Full Detail Policies for
    • Blog and Personal Website Policy
    • Mobile Device Policy
    • Physical and Virtual File Server Policy
    • Sensitive Information Policy
    • Travel and Off-Site Meeting Policy
  • HIPAA Audit Program
  • Sarbanes Oxley Section 404 Checklist
  • Security Audit Program -- fully editable -- Comes in MS Excel and PDF formats -- Meets ISO 28000, 27001, 27002, Sarbanes-Oxley, PCI-DSS, HIPAA, FIPS 199, and NIST SP 800-53 requirements -- Over 400 unique tasks divided into 11 areas of audit focus, which are then divided into 38 separate task groupings
  • Electronic forms that can be emailed, completed via a computer or tablet, and stored electronically, including: Blog Policy Compliance, BYOD Access and Use, Company Asset Employee Control Log, Email - Employee Acknowledgment, Employee Termination Checklist, FIPS 199 Assessment Electronic Form, Internet Access Request, Internet Use Approval, Internet & Electronic Communication - Employee Acknowledgment, Mobile Device Access and Use Agreement, Employee Security Acknowledgement Release, Preliminary Security Audit Checklist, Risk Assessment, Security Access Application, Security Audit Report, Security Violation Reporting, Sensitive Information Policy Compliance Agreement, Server Registration, and Threat and Vulnerability Assessment
  • eReader version of the Security Manual Template

Security Manual Template - Premium Edition


  • Business and IT Impact Questionnaire
  • Threat and Vulnerability Assessment Form
  • Security Management Checklist
  • HIPAA Audit Program
  • Sarbanes Oxley Section 404 Checklist
  • Security Audit Program
  • Over two dozen Electronic Forms
  • eReader version of the Security Manual Template

Security Job Descriptions MS Word Format 

  • Chief Security Officer (CSO), Chief Compliance Officer (CCO), VP Strategy and Architecture, Director e-Commerce, Database Administrator, Data Security Administrator, Manager Data Security, Manager Facilities and Equipment, Manager Network and Computing Services, Manager Network Services, Manager Training and Documentation, Manager Voice and Data Communication, Manager Wireless Systems, Network Security Analyst, System Administrator - Unix, and System Administrator - Windows

Security Manual Template - Gold Edition


  • Business and IT Impact Questionnaire
  • Threat and Vulnerability Assessment Form
  • Security Management Checklist
  • HIPAA Audit Program
  • Sarbanes Oxley Section 404 Checklist
  • Security Audit Program
  • Over two dozen Electronic Forms
  • eReader version of the Security Manual Template

IT Job Descriptions  MS Word Format - Updated to meet all mandated security requirements

  • 281 Job Descriptions from the Internet and IT Job Descriptions HandiGuide in MS Word Format including all of the job descriptions in the Premium Edition. Each job description is at least 2 pages long and some of the more senior positions are up to 8 pages in length.

Disaster Recovery Business Continuity & Security Manual Templates Standard

  • Disaster Recovery Business Continuity Template

  • Security Manual Template

Both of the templates have been recently updated to meet new compliance requirements for ransomware, EU-mandated issues, and Brexit operational considerations.

"Best of Breed - Best Practices Disaster Recovery Planning / Business Continuity Planning and Security Policies" according to the IT Productivity Center

Disaster Recovery Business Continuity & Security Manual Templates Premium

  • Disaster Recovery Business Continuity Template
  • Security Manual Template
  • 25 Job Descriptions
    • Chief Information Officer - CIO; Chief Compliance Officer - CCO; Chief Security Officer - CSO; VP Strategy and Architecture; Director e-Commerce; Database Administrator; Data Security Administrator; Manager Data Security; Manager Database; Manager Disaster Recovery; Manager Disaster Recovery and Business Continuity; Pandemic Coordinator; Manager Facilities and Equipment; Manager Media Library Support; Manager Network and Computing Services; Manager Network Services; Manager Site Management; Manager Training and Documentation; Manager Voice and Data Communication; Manager Wireless Systems; Capacity Planning Supervisor; Disaster Recovery Coordinator; Disaster Recovery - Special Projects Supervisor; Network Security Analyst; System Administrator - Unix; System Administrator - Windows

Disaster Recovery Business Continuity & Security Manual Templates Gold

  • Disaster Recovery Business Continuity Template
  • Security Manual Template
  • 281 Job Descriptions, which include all of the job descriptions in the Premium Edition

"Best of Breed - Best Practices Disaster Recovery Planning / Business Continuity Planning, Security Policies, IT Job Descriptions" according to the IT Productivity Center
