Electronic Forms Added to Security Policies and Procedure Template

Version 9.1 of the Security Manual Template has been updated with fourteen electronic forms

Security Manual TemplateJanco Associates has just released version 9.1 of its popular Security Manual Template. Included with this update are fourteen electronic forms which are needed by any organization that wants to manage its security policies and procedures. The CEO of Janco said, “We have found that it is much easier and less costly to use electronic forms which can be emailed, filled out on a computer or tablet, and filed electronically than using traditional paper forms. “ In addition, “This also paves the way to a very green solution which utilizes technology to reduce the overhead in managing the security requirements of enterprises of all sizes. ” He added, “With the ever increasing mandated compliance requirements we have updated this template four times in the last twelve months. We continue to update all of our products to meet both management requests and mandated requirements. ”

The forms included are:

    1. Application & File Server Inventory
    2. Blog Policy Compliance Agreement
    3. BYOD Access and Use Agreement
    4. Company Asset Employee Control Log
    5. Email Employee Agreement
    6. Employee Termination Procedures and Checklist
    7. FIPS 199 Assessment
    8. Internet Access Request Form
    9. Internet and Electronic Communication Employee Agreement
    10. Internet use Approval
    11. Mobile Device Access and Use Agreement
    12. Mobile Device Security and Compliance Checklist
    13. New Employee Security Acknowledgment and Release
    14. Outsourcing and Cloud Security Compliance Agreement
    15. Outsourcing Security Compliance Agreement
    16. Preliminary Security Audit Checklist
    17. Privacy Compliance Policy Acceptance Agreement
    18. Risk Assessment (pdf & docx)
    19. Security Access Application
    20. Security Audit Report
    21. Security Violation Procedures
    22. Sensitive Information Policy Compliance Agreement
    23. Server Registration
    24. Social networking Policy Compliance Agreement
    25. Telecommuting Work Agreement
    26. Text Messaging Sensitive Information Agreement
    27. Threat and Vulnerability Assessment Inventory
    28. Work From Home Work Agreement
    29. Plus more

Read on Order Security Manual Template Download sample


2012 IT Job Descriptions HandiGuide Released

ISO (including 27031), HIPAA, Sarbanes-Oxley, PCI-DSS, California SB 1386, and Cobit requirements are meet by Internet and IT Position Descriptions. . .

Job DescriptionsThe Internet and IT Position Descriptions HandiGuide™ is over 900 plus pages; includes sample organization charts, a job progression matrix, employee termination checklist as an electronic form, and 326 Internet and IT job descriptions. The book also addresses Fair Labor Standards, the ADA, ISO, and is in a new easier to read format.

The 2012 version changes include:

  • Added Termination Procedure
  • Added Termination Checklist and Electronic Form
  • All job descriptions were reviewed and modified where necessary to meet all currently mandated compliance requirements
  • Added the following Job Descriptions
    • Director Business Applications
    • Manager Video and Web Content
    • Manager Business Development
    • Manager Web Content
    • PCI-DSS Administrator
    • Desktop Specialist
    • Software Quality Control Tester

You can purchase either the book with all of the job descriptions in PDF format or the book in PDF format and the job descriptions in MS WORD format, or just the job description in MS WORD format.

Order IT Job Description HandiGuide  Sample Description  Download TOC


IT Infrastructure Management -- the Next Challenge

Infrastructure PoliciesIn many enterprises, CIOs are perceived as mere technology managers, while in reality they should beviewed as business leaders. The CIO's focus should be on reducing costs and improving profitability through the strategic usage of IT. It is very important for the Information Technology organization to get out of a transactional mode. If the CIO has the right infrastructure in place, then the CIO can help in directing the strategy of the enterprise, and even shape its destiny. The CIO brings his own perspective, and without IT, you cannot build a robust and business.

The CIO Infrastructure Management Tool Kit is comprised of a collection of Janco products that CIOs and IT Managers can use to create a strategy and manage in the ever changing business environment.

Read on. . .

Or you can get the CIO Infrastructure Policy Bundle which includes the following policies with Electronic forms. The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically. A totally solution that uses technology at its best.

The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically -- a total solution.

We have just completed a major update of all the individual polices and all of the electronic forms.

Read on. . .


Core Disaster Recovery Business Continuity Assessment

DR/BC Best of Breed

Many businesses have never tested the recovery process in the event of a server or site failure

With business continuity a core component of risk management, a well-rehearsed plan lays the foundation for confidence that IT systems will work when needed most.

Terms like Maximum Tolerable Period of Disruption (MTPOD), recovery time objective (RTO) and recovery point objective (RPO) are often used, but what do they really mean? In practical terms, recovery time objective is the duration until a business can return to normal after the failure of a server or key computer site, and recovery point objective is the place in the transaction flow where the business resumes.

  • Recovery Time Objective (RTO) - How long can your business afford to be down?
  • Recovery Point Objective (RPO) - How often do you backup? How much data can your business afford to lose in the event of a disaster?
  • Level of Service (LOS) - What are your business' critical servers and essential units that cannot be disrupted?

Implementing a disaster recovery plan includes documenting the process to bring a server or group of servers back online in the event of failure. An overlooked step in the process often flows from the assumption that an IT expert is always readily available. Due to the inherent unpredictability of a disaster, the IT staff that your company relies on may take time to find and start action. Considering this human latency when developing the recovery plan naturally highlights any undesirable complexity in the systems and processes, and the need to support recovery even with minimal IT expertise on hand.

  • Core disaster recovery and business assessment questions
  • Could a newly hired IT professional quickly handle the situation?
  • Could a remote IT engineer talk a novice through the procedures?
  • Could a smart phone, tablet, or remote laptop provide all needed access to bring your business back online?
  • Could the disaster recovery business continuity plan be executed within the RTO and RPO requirements?

In addition to reviewing your disaster recovery and business continuity plan your team needs to define a realistic picture of their expectations. You could spend too much time thinking of costly alternatives to cover aspects of daily operations that may not be critical. When doing so, ask yourself and your executive team:

  • Specifically, what level of protection is necessary (RTO, RPO, LOS)?
  • Which aspects of your company's business must stay operational?

All of this is defined in Janco's "Disaster Recovery - Business Continuity Template".

Read on  Order DRP  DRP Sample