DUBLIN–(BUSINESS WIRE)–The “Cloud Outsourcing, Disaster Recovery, and Security Bundle” report has been added to ResearchAndMarkets.com’s offering.
The Cloud Outsourcing, Disaster Recovery, and Security Bundle includes in editable Microsoft WORD and PDF formats:
- How to Guide for Cloud Processing and Outsourcing includes job descriptions for Manager Cloud applications, Cloud Computing Architect, sample contract, service level agreement, ISO 27001 – 27002 – 27031 security audit checklist, Business and IT Impact Questionnaire and much more.
- Disaster Recovery Plan (DRP) can be used in whole or in part to establish defined responsibilities, actions and procedures to recover the computer, communication and network environment in the event of an unexpected and unscheduled interruption. The template is IS0 27000 (27031) Series, COBIT, Sarbanes Oxley, PCI-DSS, and HIPAA compliant.
- Security Manual Template – (ISO CobiT SOX HIPAA Compliant) includes the Business Impact questionnaire and a Threat and Vulnerability Assessment Form (PDF and Excel). It is a complete Security Manual and can be used in whole or in part to comply with Sarbanes Oxley, define responsibilities, actions and procedures to manage the security of your computer, communication, Internet and network environment.
These core documents are delivered electronically along with specific infrastructure procedures, job descriptions and electronic forms. In addition, there are over 200 pages of additional supporting materials that can be used by companies to update their existing DR/BC plans and Security protocols. Being modular in nature, Janco’s full bundle does not need to be implemented. Rather components of the How to Cloud Guide, DR/BC, and Security Templates can be extracted and added to existing infrastructure and plans.
The 2021 Edition has detailed DR/BC activation procedures and implementation work plans. The bundle of three templates provides clear examples of how to get something done quickly and efficiently given the needs of today’s complex operating environments. Any sized organization can benefit from this tool. It is comprehensive and the processes created are concise and easily implemented. There are checklists and examples of what is needed to get systems and networks working quickly.
Key Topics Covered:
How to Guide for Cloud Processing and Outsourcing
- License for This Document
- Cloud and Outsourcing Management Standard
- Service Level Agreements (SLA)
- Problem Responsibility
- Cloud Processing and Outsourcing Policy Standard
- ISO 31000 Compliance – Risk Management
- GDPR Data Privacy Mandate
- Cloud Processing and Outsourcing Approval Standard
- Steps to implement Software as a Service (SaaS) via the Cloud.
- Cloud Outsource Service Provider Level Agreements and Metrics.
- SLA and Metrics Reporting
- Finding and Selecting a Cloud Outsource Vendor
- Outline for RFP and Negotiation of Contract Terms
Disaster Recovery Plan (DRP)
1. Plan Introduction
2. Business Impact Analysis
3. Backup Strategy
4. Recovery Strategy
5. Disaster Recovery Organization
6. Disaster Recovery Emergency Procedures
7. Plan Administration
8. Appendix A – Listing of Attached Materials
9. Appendix B – Reference Materials
10. Change History
Security Manual Template
1. Security – Introduction
2. Minimum and Mandated Security Standard Requirements
- ISO Security Domains
- ISO 27000
- Gramm-Leach-Bliley (Financial Services Modernization Act of 1999)
- FTC Information Safeguards.
- Federal Information Processing Standard – FIPS 199.
- NIST SP 800-53
- Sarbanes-Oxley Act
- California SB 1386 Personal Information Privacy
- California Consumer Privacy Act – 2018
- Massachusetts 201 CMR 17.00 Data Protection Requirements
- What Google and Other 3rd Parties Know
- Internet Security Myths
3. Vulnerability Analysis and Threat Assessment
- Threat and Vulnerability Assessment Tool
- Evaluate Risk
4. Risk Analysis – IT Applications and Functions
- Roles and Responsibilities
- Program Requirements
- Relationship to Effective Security Design
- Selection of Safeguards
- Requests for Waiver
- Program Basic Elements
5. Staff Member Roles
- Basic Policies
- Security – Responsibilities.
- Determining Sensitive Internet and Information Technology Systems Positions
- Personnel Practices
- Education and Training
- Contractor Personnel
6. Physical Security
- Information Processing Area Classification.
- Classification Categories
- Access Control
- Levels of Access Authority
- Access Control Requirements by Category.
- Implementation Requirements
- Protection of Supporting Utilities
7. Facility Design, Construction, and Operational Considerations
- Building Location
- External Characteristics
- Location of Information Processing Areas
- Construction Standards
- Water Damage Protection
- Air Conditioning
- Entrances and Exits.
- Interior Furnishings
- Air Conditioning
- Remote Internet and Information Technology Workstations
- Lost Equipment
- Training, Drills, Maintenance, and Testing
8. Media and Documentation
- Data Storage and Media Protection
9. Data and Software Security
- Resources to Be Protected
- Access Control
- Internet/Intranet/Terminal Access/Wireless Access
- Wireless Security Standards
- Logging and Audit Trail Requirements
- Satisfactory Compliance.
- Violation Reporting and Follow-Up
10. Internet and Information Technology Contingency Planning
- Information Technology
- Contingency Planning
- Contingency Plan Activation and Recovery
- Disaster Recovery/Business Continuity and Security Basics
11. Insurance Requirements
- Filing a Proof of Loss
- Risk Analysis Program
- Purchased Equipment and Systems
- Leased Equipment and Systems
- Business Interruption.
- Staff Member Dishonesty
- Errors and Omissions
12. Security Information and Event Management (SIEM)
- Best Practices for SIEM
- KPI Metrics for SIEM
13. Identity Protection
- Identifying Relevant Red Flags
- Preventing and Mitigating Identity Theft
- Updating the Program
- Methods for Administering the Program
14. Ransomware – HIPAA Guidance
15. Outsourced Services
- Outside Service Providers – Including Cloud
16. Waiver Procedures
- Purpose and Scope
17. Incident Reporting Procedure
- Purpose & Scope
18. Access Control Guidelines
- Purpose & Scope
- Definitions of Access Control Zones
- Badge Issuance
For more information about this report visit https://www.researchandmarkets.com/r/i4nd5o