Sarbanes Oxley Compliance Kit
The audit spotlight now shines on IT. After years of regulation and embarrassing data breaches, the highest levels of management now comfortably discuss IT controls and audit results. However, their quality expectations are rising. Where IT once performed audits annually, many now support quarterly, monthly, and ad hoc exercises. Each audit expands the scope of the technologies assessed, measured, and proven compliant. Broader scope means more complexity and more work. With the Sarbanes Oxley Compliance Kit you can increase timeliness and accuracy of audit data while reducing IT audit effort, disruption, and cost.
Sarbanes-Oxley Section 404 requires that:
- Enterprises have an enterprise wide security policy;
- Enterprises have enterprise wide classification of data for security, risk, and business impact;
- Enterprises have security related standards and procedures;
- Enterprises have formal security based documentation, auditing, and testing in place;
- Enterprise enforce separation of duties; and
- Enterprises have policies and procedures in place for Change Management, Help Desk, Service Requests, and changes to applications, policies, and procedures.
To meet these needs the Sarbanes Oxley Compliance Resource Kit, which comes in four editions (Standard, Silver, Gold, and Platinum) contains:
- Security Policies (all editions);
- Threat & Vulnerability Assessment Tool (all editions);
- Business & IT Impact Questionnaire Risk Assessment Tool (all editions);
- Safety Program Template (all editions);
- Disaster Recovery Template (all editions);
- Outsourcing guide update to reflect what you vendors need to do (all editions);
- Software tool to monitor key data files (all editions);
- Internet and IT Job Descriptions (Silver, Gold, and Platinum Editions) and;
- IT Service Management Template (Platinum Edition).
Disaster Recovery Template (DRP)
The Disaster Recovery Plan template (DRP) can be used for any enterprise. DRP Template is sent to you via e-mail in WORD and/or PDF format. Included is a Business Impact Questionnaire as well as a full Job Description for the 
Disaster Recovery Manager
Security Manual
The plan is 178 pages and includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement. The electronic document includes proven written text and examples for your security plan.
220 Internet and IT Job Descriptions
The 220 Internet and IT Position Descriptions are in Word for Windows format. Includes positions from CIO and CTO to Wireless and Metrics Managers. All of the positions in the book have been created to reflect the technology world of today.
The IT Service Management Template
The IT Service Management Template contains policies, standards, procedures and metrics for Change Control, Help Desk and Service Request processing. ITSM template also contains several easy to implement forms and conforms with ITIL.
Practical Guide for IT Outsourcing
The guide is 91 packed pages and includes everything needed to plan for, negotiate, and manage an outsourcing process within an enterprise. 
Safety Program Template
The plan is 60 pages and includes everything needed to customize the Safety Program to fit your specific requirement. The Safety was updated in December of 2004 and reflects the latest issues associated with the most recent legislation (Sarbanes Oxley).
Sarbanes-Oxley Issues and News
Disaster Recovery Planning Site Re-Launched by Janco
The site www.zinnote.com has just been re-lanuched by Janco Associates, Inc. the site focus on disaster recovery and business continuity planning.
Victor Janulaitis, the Chief Executive Officer of Janco Associates, Inc. said "Our mission is to provide the Chief Information Officer (CIO) and the Chief Technology Officer (CTO) all of the tools they need to efficiently and effectively stay current on the latest developments in Technology. To that end this site focused to meet these objectives." He added, "Each of our site is manually created from Janco products. This is not a mindless automated process, rather it is one which we gather, filter and prioritize. Only the most meaningful disaster recovery and business continuity informationpresented is presented."
- more infoDisaster Recovery is Area of Cost Cutting Focus
Disaster Recovery (DR) is a tough game. It's a
critical component of IT and risk mitigation strategies, and compounded in
difficulty by ever growing data volumes, distributed computing, and new
technologies. Unfortunately, DR is often one of the first line items hit by
budget cuts. How can you get creative in protecting more data, recovering more
swiftly, but also saving some money at the same time?
According to an AT&T Survey of 100 Chicago firms (revenues <$10M), 81 have DR plans, but only 43% have fully tested their plans within the last 12 months and 12% admitted they have never tested their business continuity plans.
Next to personnel, data is your most irreplaceable asset. Networks, application hosting platforms, and end user computing environments can be replaced quickly. However, without your customer lists, product catalogs, inventory, financial records, and other operational data your business cannot recover.
A disaster recovery is a response to a declared disaster or a regional disaster. It is the restoration or recovery of an entire Agent computer. A disaster recovery plan describes how an organization is to deal with potential disasters. Just as a disaster is an event that makes the continuation of normal functions impossible, a disaster recovery plan consists of the precautions taken so that the effects of a disaster will be minimized, and the organization will be able to either maintain or quickly resume mission-critical functions. Typically, disaster recovery planning involves an analysis of business processes and continuity needs; it may also include a significant focus on disaster prevention.
- more infoEnterprise Architecture - a cost savings solution
Enterprise Architecture: A Solution for Business Savings
Business works best when its orchestrated carefully, choreographed thoroughly and directed perfectly. Business, in other words, is a production that requires planning, staging and management in order to hit peak performance. Thats the value Enterprise Architecture brings to the IT world and all other functions, divisions and departments of todays businesses.
Janco is focused on supporting that peak performance with tools for professionals to architect the complex structures of modern corporations and to help create opportunities for the future.
- more infoDirections that IT infrastructure is moving defined
Through the years, the role of the network and it infrastructure has changed with computing transitions. Each computing transition has also increased the networks value and reshaped the vendor landscape. The transition to a virtual enterprise will have an impact on the network similar to the previous computing shifts. The network will become a strategic point of competitive advantage for companies that use it to accelerate virtualization deployments. For this to occur, network decisions-makers can no longer settle for any part of the network infrastructure that is good enough simply because it is from the market brand leader. Corporate network managers that seek to leapfrog the competition need to adopt bold new thinking and embrace the following concepts:
Virtualization will extend out of the data center and expand functionality all the way to the desktop, creating new demands across the network.
- Data center class reliability, performance and features are required not only in the data center, but also at the aggregation edge and wiring closest.
- Open and standards-based solutions need to be the norm, not the exception. The networks tight coupling with the compute infrastructure will drive greater ecosystem support, meaning that closed, proprietary systems will only act as long-term barriers to adoption.
- Good enough is no longer good enough. Its easy to evaluate different vendors and just choose the incumbent vendor or brand leader. However, as the market transitions, this decision can often be the wrong one as legacy vendors with a large installed base cant protect their install base and transition with the market simultaneously.
Social networks still banned by many CIOs
Cisco released the results of a third-party global study designed to assess how organizations use consumer social networking tools to collaborate externally, revealing the need for stronger governance and IT involvement. The research is the first of a two-part series that Cisco has commissioned to explore the impact of social networking and collaboration applications in the enterprise.
The study is based on extensive interviews with 105 participants representing 97 organizations in 20 countries around the globe.
The use of consumer-based social networking tools, such as Facebook and Twitter, as collaboration platforms is connecting organizations with the external world in myriad ways. These tools bring technology and business together through innovative experiences, connect people and information, establish potential new routes to market, and enhance customer intimacy and brand awareness. The study findings indicate that the business world is at the early stages of adopting these tools and in the process of identifying key challenges, such as the need for increased governance and IT involvement, which may impact the integration and adoption of these new platforms and technologies.
- more infoBusiness continuity planning becomes more critical
The more your business relies on its IT systems, the more you need to consider how unexpected disruptions might affect your business. These disruptions could come in many forms, from fire and floods to theft or malicious attacks on your systems, such as viruses or hacking.
Business continuity planning improves your business' ability to react to such disruptions. It describes how you will restart your operations in order to meet your business-critical requirements.
The business continuity template can be used for any sized enterprise. The Disaster Recovery template and supporting material have been updated to be ISO 27000, Sarbanes-Oxley, PCI-DSS, and HIPAA compliant. The Template explains the importance of business continuity plans to the success of your business, and how best to develop them.
- more infoSecurity demands CIOs to adapt as new threats appear
It is not easy to keep an enterprise successful and secure these
days. Businesses all over the world are faced with a host of new challenges: an
unsteady economy, growing competition, volatile global markets, shrinking
budgets, and consumer uncertainty. Overworked IT departments are not only
expected to respond to the demands of anxious business teams, theyre also
responsible for securing the organization and its valuable data against a raft
of sophisticated new threats they have never seen before; proving their
processes are internally and externally compliant; and being fiscally
responsible.
The security policies and procedures template by Janco is the perfect solution. It helps CIOs and IT Managers create the proper security environment.
Because of the way security has evolved over the years, it is rarely looked upon or "fulfilled the role" as a strategic business enabler. Some see it as an inescapable and often costly necessity. The approach to security is generally driven by the latest threats; it is reactive rather than proactive, tactical rather than strategic.
- more infoH-1B rule may help US IT job market
Job Market maybe helped by a proposed new rule. A rule known as the 50/50 rule in a piece of 2009 Senate legislation (as well as a clause in the House in the Comprehensive Immigration Reform ASAP Act of 2009) seeks to balance out the numbers of foreign workers and U.S. workers in companies that employ more than 50 U.S.-based employees. If a company is using H-1B or L-1 visa workers or both, the legislation would limit the number of those workers to no more than 50 percent of the company's U.S.-based workforce. - more info
Disaster Planning Takes Good Staff
Good business continuity planning
needs to take a broad view, embracing people, human behavior, customers and
other factors that lie outside the data center. It is also important to secure
the vision and endorsement of executive management. A properly funded,
well-prioritized business continuity plan, combined with a regular program of
testing and recovery drills, will help to safeguard the organization. Read this
white paper to understand the key elements of a successful business continuity
plan, see how to develop a plan that clarifies what is critical, and set
specific recovery requirements.
Disaster Recovery Planning is Required for Business Continuity Planning
Disaster Recovery Plans are part of a larger, more extensive planning process known as Business Continuity Planning. Disaster Recovery plans should be tested frequently so that the as many individuals as possible are familiar with the specific actions they will need to take when a disaster occurs. Disaster Recovery plans must also be adaptable and updated frequently, e.g. if new people, a new branch office, or new hardware or software are added to an organization they should promptly be incorporated into the organization's disaster recovery plan. Enterprises must consider all these facets of their organization as well as update and practice their plan if they want to maximize their recovery after a disaster.
Disaster Recovery and Business Continuity Planning are the process an organization uses to recover access to their enterprise operations; software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans. While Disaster Recovery and Business Continuity plans, or DRPs & BCPs, often focus on bridging the gap where data, software, or hardware have been damaged or lost, one cannot forget the vital element of work force that composes much of any organization. A building fire might predominantly affect vital data storage; whereas a pandemic or epidemic illness is more likely to have an effect on staffing. Both types of disaster need to be considered when creating a Disaster Recovery and Business Continuity Plans. Thus, enterprises should include in their DRPs & BCPs contingencies for how they will cope with the sudden and/or unexpected loss of key personnel as well as how to recover their data.
- more info