XML Feed

 Feed
Description


Security Manual ISO 17799Threat Vulnerability Assessment Business IT Impact Security Manual Template
ISO 27000 - 27001 & 27002
(formerly ISO 17799),
Sarbanes Oxley, HIPAA,
PCI-DSS, and Patriot Act Compliant
 

Download once order is processed 
 

Includes Audit Program for PCI DSS  Compliance, HIPAA Audit Guide, and ISO 27000 Checklist

The Security Manual for the Internet and Information Technology is over 200 pages in length. This electronic document is fully compliant with the ISO 27000 standard, Sarbanes Oxley, HIPAA standard, and the Patriot Act.

 All versions of the Security Manual template include both the Business & IT Impact Questionnaire and the Threat & Vulnerability Assessment Tool (both were redesigned to address Sarbanes Oxley compliance).   In addition, the Security Manual Template PREMIUM Edition  contains 16 detail job descriptions that apply specifically to security and Sarbanes Oxley. The job descriptions are:

  • Chief Security Officer (CSO)

  • Chief Compliance Officer (COO)

  • VP Strategy and Architecture

  • Director e-Commerce

  • Database Administrator

  • Data Security Administrator

  • Manager Data Security

  • Manager Facilities and Equipment

  • Manager Network and Computing Services

  • Manager Network Services

  • Manager Training and Documentation

  • Manager Voice and Data Communication

  • Manager Wireless Systems

  • Network Security Analyst

  • System Administrator - Unix

  • System Administrator - Windows

Clients can also subscribe to Janco's Security Manual update service and receive all updates to the Security Manual Template. 

The template includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement.  The electronic document includes proven written text and examples for the following major topics for your security plan:
 

  • Compliance to ISO 27000 (27001 & 27002), HIPAA, SOX, PCI, and the Patriot Act

  • Security Manual Introduction - scope, objectives, general policy, and responsibilities

  • Risk Analysis - objectives, roles, responsibilities, program requirements, and practices program elements

  • Staff Member Roles - policies, responsibilities and practices

  • Physical Security  - area classifications, access controls, and access authority

  • Facility Design, Construction and Operational Considerations - requirements for both central and remote access points

  • Media and Documentation - requirements and responsibilities

  • Data and Software Security - definitions, classification, rights, access control, INTERNET, INTRANET, logging, audit trails, compliance, and violation reporting and follow-up

  • Network Security - vulnerabilities, exploitation techniques, resource protection, responsibilities, encryption, and contingency planning

  • Internet and Information Technology contingency Planning - responsibilities and documentation requirements

  • Travel and Off - Site Meetings - specifics of what to do and not do to maximize security

  • Insurance - objectives, responsibilities and requirements

  • Outsourced Services - responsibilities for both the enterprise and the service providers

  • Waiver Procedures - process to waive security guidelines and policies,

  • Incident Reporting Procedures - process to follow when security violations occur

  • Access Control Guidelines - responsibilities and how to issue and manage badges / passwords

  • Sample Forms

    • Business and IT Impact Questionnaire

    • Threat & Vulnerability Assessment Tool

    • Security Violation Reporting form

    • Security Audit form

    • Inspection Check List

    • New Employee Security form

    • Security Access Application form


 

 

 
 
 
 
 

 

Latest News

 
 Security Policies - Security Policy - Security Policy Template - ... security policies, security policy templates, an IT security policy, internet & e-mail usage policies. ... SECURITY POLICIES. ISO 27002 - ISO 27001 - ISO 17799 ... - more info

  

 
 ISO 17799 - Directory of software for ISO 17799 audit, compliance, and security risk analysis. - more info

  

 
 ISO 17799 Made Easy - Resources, expertise and information for ISO 17799. iso/iec 17799 ... ISO 17799 Security Policies ... 17799 is the establishment of appropriate security ... - more info

  

 
 Risk Associates - Resources for BS7799/ISO 17799, security policies, risk analysis, and audits. - more info

  

 
 ISO 17799 Online Guide - Public collaboration to document and support the international computer security standard. - more info

  

 
 ISO27000 - The ISO 27001 & ISO 27002 (17799) Toolkit - ISO17799 and ISO 27001 compliance and audit using the ISO 17799 Toolkit ... A complete set of ISO 27002 aligned information security policies ... - more info

  

 
 The ISO 17799 Toolkit - Provides information about the starter kit for the ISO 17799 and BS7799 computer security standards. - more info

  

 
 ISO 17799 Security Policies - Security Policies for ... ISO 17799? Download ISO 17799. Support Resources. Security Policies. ISO ... security policies is a fundamental requirement of the ... - more info

  

 
 Security Policies & Standards Group, The - Offers directory of information and computer security policies and resources, as well as downloadable software. - more info

  

 
 ISO17799 Toolkit: ISO 17799 Security Policies - ISO 17799 and ISO 27001 Standards - ISO17799 Security Policies ... ISO 27002 (ISO 17799) COMPLIANT SECURITY POLICIES ... 17799 aligned information security ... - more info

  

 

© 1999 - 2008 Janco Associates, Inc. - ALL RIGHTS RESERVED -- Revised: 08/06/08.