  Security Manual Template
ISO 27000 - 27001 & 27002
(formerly ISO 17799),
Sarbanes Oxley, HIPAA,
PCI-DSS,
and Patriot Act Compliant
Includes Audit Program for PCI DSS Compliance, HIPAA Audit Guide,
and ISO 27000 Checklist
 
The Security Manual for the Internet and Information Technology
is over 240 pages in length. This electronic document is fully compliant with
the ISO 27000 standard, Sarbanes Oxley, HIPAA standard, and the Patriot Act.
All versions of the Security
Manual template include both the Business & IT Impact Questionnaire and the
Threat & Vulnerability Assessment Tool (both were redesigned to address
Sarbanes Oxley compliance. In addition, the Security
Manual Template PREMIUM Edition contains 16 detail job descriptions
that apply specifically to security and Sarbanes Oxley.
The job descriptions are:
-
Chief Security Officer (CSO)
-
Chief
Compliance Officer (COO)
-
VP Strategy and Architecture
-
Director e-Commerce
-
Database Administrator
-
Data Security Administrator
-
Manager Data Security
-
Manager Facilities and Equipment
|
-
Manager Network and Computing Services
-
Manager Network Services
-
Manager Training and Documentation
-
Manager Voice and Data Communication
-
Manager Wireless Systems
-
Network Security Analyst
-
System Administrator - Unix
-
System Administrator - Windows
|
Clients can also subscribe to Janco's
Security Manual update service and receive all updates to the
Security Manual Template.
The template includes
everything needed to customize the Internet and Information Technology
Security Manual to fit your specific
requirement. The electronic document includes proven written text and
examples for the following major topics for your security plan:
-
Compliance to ISO 27000
(27001 & 27002), HIPAA,
SOX, PCI, and the Patriot Act
-
Security Manual
Introduction - scope, objectives, general policy, and
responsibilities
-
Risk Analysis
- objectives, roles, responsibilities, program requirements, and
practices program elements
-
Staff Member
Roles - policies, responsibilities and practices
-
Physical
Security - area classifications, access controls, and
access authority
-
Facility Design,
Construction and Operational Considerations - requirements for
both central and remote access points
-
Media and
Documentation - requirements and responsibilities
-
Data and
Software Security - definitions, classification, rights, access
control, INTERNET, INTRANET, logging, audit trails, compliance, and
violation reporting and follow-up
-
Network Security
- vulnerabilities, exploitation techniques, resource protection,
responsibilities, encryption, and contingency planning
-
Internet and
Information Technology contingency Planning - responsibilities
and documentation requirements
-
Travel and Off
- Site
Meetings - specifics of what to do and not do to maximize
security
-
Insurance -
objectives, responsibilities and requirements
-
Outsourced
Services - responsibilities for both the enterprise and the
service providers
-
Waiver
Procedures - process to waive security guidelines and policies,
-
Incident
Reporting Procedures - process to follow when security
violations occur
-
Access Control
Guidelines - responsibilities and how to issue and manage badges
/ passwords
-
Sample Forms
-
Business and IT Impact
Questionnaire
-
Threat & Vulnerability
Assessment Tool
-
Security Violation
Reporting form
-
Security Audit form
-
Inspection Check List
-
New Employee Security form
-
Security Access Application
form
 
Latest News
ISO 17799 Security Policies
-
Security Policies for ... ISO 17799? Download ISO 17799. Support Resources. Security Policies. ISO ... security policies is a fundamental requirement of the ...
-
more info
ISO 17799 Made Easy - Security Policies
-
ISO 17799 Security World - Resources, expertise and information for iso/iec 7799 - Security Policies ... 17799 is very clear with respect to security policies: ...
-
more info
ISO17799 Toolkit: ISO 17799 Security Policies
-
ISO 17799 and ISO 27001 Standards - ISO17799 Security Policies ... ISO 27002 (ISO 17799) COMPLIANT SECURITY POLICIES ... 17799 aligned information security ...
-
more info
ISO 17799
-
Directory of software for ISO 17799 audit, compliance, and security risk analysis.
-
more info
ISO 17799 Made Easy
-
Resources, expertise and information for ISO 17799. iso/iec 17799 ... ISO 17799 Security Policies ... 17799 is the establishment of appropriate security ...
-
more info
Risk Associates
-
Resources for BS7799/ISO 17799, security policies, risk analysis, and audits.
-
more info
Security Policies - Security Policy - Security Policy Template
-
... security policies, security policy templates, an IT security policy, internet & e-mail usage policies. ... SECURITY POLICIES. ISO 27002 - ISO 27001 - ISO 17799 ...
-
more info
ISO 27002 (ISO 17799) Policies (Aligned)
-
Information Security Policies. ISO17799, ISO 27001 and BS7799 compliance, audit and management made easy. The ISO 17799 Toolkit
-
more info
ISO 17799 and Information Security Policies
-
ISO 17799 review. The directory of information security policies and information security policy resources ... ISO 17799 Description and Review. ISO 17799 is ...
-
more info
ISO 17799 Information Security Policy Solutions
-
Information Security Policies Made Easy provides information security policies for ISO/IEC 17799:2005 compliance. ... Security Policies and ISO 17799 Framework ...
-
more info
|
|
|