Security Manual Template
Update Service
Now Includes ePub version
The latest version of the Security Manual Template includes several major enhancements.
- Best Practices and KPI metrics for SIEM (Security Information and Event Management)
- Best Practices and processes for Identity Protection
- All of the over two dozen electronic forms have been updated to meet the latest mandated compliance requirement.
- An eReader version of the template that can be distributed electronically to tablets, iPads, and SmartPhone.
Order Security Manual Update Service
The Security Manual Template is typically updated every three to six months. If you subscribe for the update service you will automatically receive all of these updates. You can maximize your investment by subscribing to our update service. With the updated you are kept abreast of the latest technological and mandated security developments. Below is a listing of the most recent updates.
Version History
Version 12.0
- Added Sexton on Security Information and Event Management (SIEM) - includes best practices
- Added section on Identity Protection
- Updated 24 included electronic forms
- Updated mandated compliance requirement
- Added eReader version to product offering
Version 11.3
- Added section on 10 Best Practices for Ransomware Protection
- Updated to meet the latest mandated compliance requirements and ISO standards
- Added section on Practical Tips for Prevention of Security Breaches and PCI Audit Failures
- Added section on the risk assessment process
Version 11.2
- Added User/Customer Sensitive Information and Privacy Bill of Rights
Version 11.1
- Added Best Practices Section
- Added Electronic forms for:
- Mobile Device Security and Compliance Checklist
- Outsourcing and Cloud Security Compliance Agreement
- Server Registration
- Text Messaging and Sensitive Information Agreement
- Updated Electronic Forms
- Updated Graphics
- Reviewed and updated to meet all mandated government and international standard requirements
- All of the supplemental materials have been updates
- Business Impact Analysis Questionnaire
- SOX Compliance Checklist
- PCI Audit Program
- Threat Assessment and Vulnerability Tool Kit
Version 11
- Added Firewall Requirements list
- Added Firewall Policy Security Checklist
- Updated to meet all ISO requirements
Version 10.3
- Updated to reflect Cloud requirements
- Updated to reflect new and old storage technologies
- Updated BYOD Use Agreement Form
- Added BYOD and Mobile Content Best of Breed Security Checklist
Version 10.2
- Added Physical and Virtual Server Security Policy
- Added Server Registration electronic form
- Updated headers and footers to facilitate easier customization by user
Version 10.1
- Add Electronic forms for Threat and Assessment Process - Utilized Adobe FormCentral
- Added Electronic Risk Assessment Matrix - Excel
- Updated graphics
Version 10.0
- Added section on FIPS 199
- Added section on NIS SP 800-53
- Added Electronic Forms
- FIPS 199 Assessment Electronic Form
Version 9.2
- Updated the Threat and Vulnerability Assessment to include mobile devices and BYODs
- Added Electronic form
- BYOD Access and Use Agreement
Version 9.1
- Added Electronic form
- Employee Termination Checklist
- Added Best Practices Section to Meet Compliance Requirements
Version 9.0
- Updated Sensitive Information Policy
- Added Electronic Forms
- Blog Policy Compliance
- Company Asset Employee Control Log
- Email - Employee Acknowledgment
- Internet Access Request
- Internet Use Approval
- Internet & Electronic Communication - Employee Acknowledgment
- Mobile Device Access and Use Agreement
- New Employee Security Acknowledgment and Release
- Preliminary Security Audit Checklist
- Security Access Application
- Security Audit Report
- Security Violation Reporting
- Sensitive Information Policy Compliance Agreement
Version 8.3
- Added policy for mobile device access and use
- Added Mobile Device Assess and Use Agreement Form
- Added Enterprise Owned Equipment Inventory Form
- Updated CSS Style sheet
Version 8.2
- Updated the Threat and Vulnerability Assessment Tool
Version 8.1
- Add section on Best Practices When Implementing Security Policies and Procedures.
- Added section on Skype
- Updated Sensitive Information section
- Added section on enterprise web site security flaws
- Corrected minor errata
Version 8.0
- Updated Fire Suppression Section
- Updated for ISO compliance and security domain definition
- Log management section expanded
Version 7.3
- Updated Risk Assessment Business and IT Impact Questionnaire
- Updated for COBIT compliance
- Updated for PCI-DSS compliance
- Updated for US state level compliance (New York, Massachusetts, and California)\
- Update for ISO security requirements
Version 7.2
- Updated to comply with CobiT requirements
- Added Security Management Compliance Checklist
- Added Massachusetts Data Protection Requirements Section
- Added Massachusetts 201 CMR 17 Compliance Checklist
Version 7.1
- Corrected minor errata
- Added Employee Termination Process
- Added Employee Termination Checklist
- Forms Added
- Employee Termination Form
Version 7.0
- Updated to reflect latest PCI-DSS requirements
- Updated the sensitive information policy section
- Forms Updated
- Security Violation Form
- Inspection Checklist
- New Employee Security Form
- Internet & Electronic Communication - Employee Acknowledgment (short form)
- Internet Use Approval Form
- Internet Access Request Form
- Security Access Application Form
- Updated ISO 27000 Security Process Audit Checklist
- Updated to CSS Style Sheet
Version 6.5
- Updated Threat and Vulnerability Assessment tool to include a detail work plan for the assessment process.
- Updated Threat and Vulnerability Assessment tool to include a definition of the safeguards that should be included.
- Threat and Vulnerability Assessment tool provided in PDF, WORD 2003, Word, EXCEL 2003, and EXCEL 2007 formats
Version 6.4
- Blog & Personal Web Site Policy added
- Replaced WORD 2003 style sheet with Word style sheet
Version 6.3
- Best Practices Update
- Added section with a summary of the ISO 27000 Series standards
- Updated the template to comply with ISO 27000 Series Standards (27001 and 27002)
- Disaster Recovery Plan Basics Section Added
- Wireless Security Standards Added
- Updated Business Impact and IT Questionnaire
- Corrected various errata
Version 6.2
- Sensitive Information
Policy Updated
- Best Practices Added
- Wireless and VPN Added
- Payment Card Industry Data Security Standard Added
- Added separate document PCI DSS Audit Program
- Internet and E-mail
Communication Updated
- E-mail Forwarding Added
- Travel, Laptop, PDA, and
Off-Site Meetings Updated
- Laptop and PDA Security Added
- Wireless and VPN Added
Version 6.1
- Added HIPAA Audit Program Guide
- Added ISO 17799 Security Audit Checklist
Version 6.0
- Added section defining ISO 17799 requirements
- Modified entire template to be ISO 17799 compliant
- Added Best Data Deletion and Retention Practices
- Added Spy ware Best Practices and Removal
- Provided two versions of the documents - MS WORD
- New Forms
- Internet Use Approval Form
- Internet Access Request Form
- Updated forms
- Internet Usage Policy - Employee Acknowledgment (short form)
- E-Mail Usage Policy - Employee Acknowledgment (short form)
Version 5.1
- New section on Internet, e-Mail, and Electronic Communication
- New
forms
- Internet Usage Policy - Employee Acknowledgment
- E-Mail Usage Policy - Employee Acknowledgment
Version 5.0
- New section on Sensitive Information
- New
forms
- Checklist For Separating Employees
- Supervisor Checklist For Separating Employees
Version 4.1
- New section on lost equipment
- New
section on termination process
- Deciding whether to fire
- Carrying out the firing decision
- New attached excel spreadsheet with internal controls checklist for Sarbanes-Oxley section 404 compliance
Version 4.0
- New section on travel and off-site meetings
- Updated Inspection Check List Form
