Security Manual Template Gold Edition

  • ID: 4745242
  • Report
  • 226 pages
  • Janco Associates, Inc
California Defines Standard for Privacy Compliance

Policy and Procedure Manual Compliance Management Made Easy -- California Consumer Privacy Act - 2018 / GDPR / ISO / HIPAA / SOX / CobiT / FIPS Compliant

The Security Manual Template - (ISO CobiT SOX HIPAA Compliant) is provided in MS WORD, PDF, and ePub formats. Included also are 27 ELECTRONIC FORMS that will help you implement the policies and procedures in this electronic document.

Security Manual Template - Gold Edition

  • Security Manual Template Premium Edition Electronically Delivered Security Manual Gold Edition
  • IT Job Descriptions MS Word Format - Updated to meet all mandated security requirements
    • 300 Job Descriptions from the Internet and IT Job Descriptions HandiGuide in MS Word Format including all of the job descriptions in the Premium Edition. Each job description is at least 2 pages long and some of the more senior positions are up to 8 pages in length.
Note: Product cover images may vary from those shown

Security - Introduction 
Scope 
Objective 
Applicability 
Best Practices 
Best Practices When Implementing Security Policies and Procedures 
Best Practices Network Security Management 
Best Practices to Meet Compliance Requirements 
Best Practices to Manage Compliance Violations 
Best Practices Data Destruction and Retention 
Best Practices Ransomware Protection 
Web Site Security Flaws 
ISO 27000 Compliance Process 
Security General Policy 
Responsibilities 

Minimum and Mandated Security Standard Requirements 
ISO Security Domains
ISO 27000
Gramm-Leach-Bliley (Financial Services Modernization Act of 1999)
FTC Information Safeguards
Federal Information Processing Standard – FIPS 199
NIST SP 800-53
Sarbanes-Oxley Act
California SB 1386 Personal Information Privacy
California Consumer Privacy Act - 2018
Massachusetts 201 CMR 1700 Data Protection Requirements
What Google and Other 3rd Parties Know
Internet Security Myths

Vulnerability Analysis and Threat Assessment 
Evaluate Risk 

Risk Analysis - IT Applications and Functions 
Objective 
Roles and Responsibilities 
Program Requirements 
Frequency 
Relationship to Effective Security Design 
Selection of Safeguards 
Requests for Waiver 
Program Basic Elements 
 
Staff Member Roles 
Basic Policies 
Security - Responsibilities 
Determining Sensitive Internet and Information Technology Systems Positions 
Personnel Practices 
Hiring Procedures 
Termination 
Termination Types 
Termination Actions 
Education and Training 
Contractor Personnel 

Physical Security 
Information Processing Area Classification 
Classification Categories 
Access Control 
Levels of Access Authority 
Access Control Requirements by Category 
Implementation Requirements 
Protection of Supporting Utilities 

Facility Design, Construction, and Operational Considerations 
Building Location 
External Characteristics 
Location of Information Processing Areas 
Construction Standards 
Water Damage Protection 
Air Conditioning 
Entrances and Exits 
Interior Furnishings 
Fire 
Electrical 
Air Conditioning 
Remote Internet and Information Technology Workstations 
Lost Equipment 
Training, Drills, Maintenance, and Testing 

Media and Documentation 
Data Storage and Media Protection 
Documentation 

Data and Software Security 
Resources to Be Protected 
Classification 
Rights 
Access Control 
Internet / Intranet / Terminal Access / Wireless Access
Spyware 
Wireless Security Standards 
Logging and Audit Trail Requirements 
Satisfactory Compliance 
Violation Reporting and Follow-Up 

Internet and Information Technology Contingency Planning 
Responsibilities 
Information Technology 
Contingency Planning
Documentation 
Contingency Plan Activation and Recovery 
Disaster Recovery / Business Continuity and Security Basics 

Insurance Requirements 
Objectives 
Responsibilities 
Filing a Proof of Loss 
Risk Analysis Program 
Purchased Equipment and Systems 
Leased Equipment and Systems 
Media 
Business Interruption 
Staff Member Dishonesty 
Errors and Omissions 

Security Information and Event Management (SIEM) 
Best Practices for SIEM 
KPI Metrics for SIEM 

Identity Protection 
Identifying Relevant Red Flags 
Preventing and Mitigating Identity Theft 
Updating the Program 
Methods for Administering the Program 

Ransomware - HIPAA Guidance 
Required response 

Outsourced Services 
Responsibilities 
Outside Service Providers – Including Cloud 

Waiver Procedures 
Purpose and Scope 
Policy 
Definition 
Responsibilities 
Procedure

Incident Reporting Procedure 
Purpose & Scope 
Definitions 
Responsibilities 
Procedure 
Analysis/Evaluation 

Access Control Guidelines 
Purpose & Scope 
Objectives 
Definitions of Access Control Zones 
Responsibilities 
Badge Issuance 

Internet, Email, and Electronic Communication 
Overview
Internet and Electronic Communication Policy 
Email 

Appendix 

Attached Policies 

  • Blog and Personal Website Policy
  • Mobile Device Policy
  • Physical and Virtual File Server Security Policy
  • Sensitive Information Policy - Credit Card, Social Security, Employee, and Customer Data
  • Travel and Off-Site Meeting Policy

Attached Security Forms

  • Blog Policy Compliance Agreement
  • BYOD Access and Use Agreement
  • Company Asset Employee Control Log
  • Email Employee Agreement
  • Employee Termination Procedures and Checklist
  • FIPS 199 Assessment
  • Internet Access Request Form
  • Internet and Electronic Communication Employee Agreement
  • Internet use Approval
  • Mobile Device Access and Use Agreement
  • Mobile Device Security and Compliance Checklist
  • New Employee Security Acknowledgment and Release
  • Outsourcing and Cloud Security Compliance Agreement
  • Outsourcing Security Compliance Agreement
  • Preliminary Security Audit Checklist
  • Privacy Compliance Policy Acceptance Agreement
  • Risk Assessment (pdf & docx)
  • Security Access Application
  • Security Audit Report
  • Security Violation Procedures
  • Sensitive Information Policy Compliance Agreement
  • Server Registration
  • Social networking Policy Compliance Agreement
  • Telecommuting Work Agreement
  • Text Messaging Sensitive Information Agreement
  • Threat and Vulnerability Assessment Inventory

Practical Tips for Prevention of Security Breaches and PCI Audit Failure
Risk Assessment Process
Employee Termination Process
Security Management Compliance Checklist
Massachusetts 201 CMR 17 Compliance Checklist
User/Customer Sensitive Information and Privacy Bill of Rights
General Data Protection Regulation (GDPR) - Checklist
HIPAA Audit Program Guide
ISO 27000 Security Process Audit Checklist
Firewall Security Requirements
Firewall Security Policy Checklist
BYOD and Mobile Content Best of Breed Security Checklist
Business and IT Impact Questionnaire
Threat and Vulnerability Assessment Tool
Sarbanes-Oxley Section 404 Check List Excel Spreadsheet 

Revision History 
