Dublin, Oct. 24, 2022 (GLOBE NEWSWIRE) -- The "Cloud Outsourcing, Disaster Recovery, and Security Bundle" report has been added to ResearchAndMarkets.com's offering.

The How to Guide for Cloud Processing and Outsourcing includes job descriptions for Manager Cloud Applications and Cloud Computing Architect, a sample contract, a service level agreement, an ISO 27001 - 27002 - 27031 security audit checklist, a Business and IT Impact Questionnaire and much more.

The Disaster Recovery Plan (DRP) can be used in whole or in part to establish defined responsibilities, actions and procedures to recover the computer, communication and network environment in the event of an unexpected and unscheduled interruption. The template is ISO 27000 (27031) Series, COBIT, Sarbanes Oxley, PCI-DSS, and HIPAA compliant.

Security Manual Template - (ISO CobiT SOX HIPAA Compliant) includes the Business Impact questionnaire and a Threat and Vulnerability Assessment Form (PDF and Excel). It is a complete Security Manual and can be used in whole or in part to comply with Sarbanes Oxley, define responsibilities, actions and procedures to manage the security of your computer, communication, Internet and network environment.

These core documents are delivered electronically along with specific infrastructure procedures, job descriptions and electronic forms. In addition, there are over 200 pages of supporting materials that companies can use to update their existing DR/BC plans and security protocols. Because the bundle is modular, Janco's full bundle does not need to be implemented in its entirety. Rather, components of the How to Cloud Guide, DR/BC, and Security Templates can be extracted and added to existing infrastructure and plans.

The 2021 Edition has detailed DR/BC activation procedures and implementation work plans. The bundle of three templates provides clear examples of how to get something done quickly and efficiently given the needs of today's complex operating environments. An organization of any size can benefit from this tool. It is comprehensive, and the processes created are concise and easily implemented. There are checklists and examples of what is needed to get systems and networks working quickly.



Key Topics Covered:

How to Guide for Cloud Processing and Outsourcing

License for This Document

Limitations.

Cloud and Outsourcing Management Standard

Service Level Agreements (SLA)

Problem Responsibility

Cloud Processing and Outsourcing Policy Standard

ISO 31000 Compliance - Risk Management

GDPR Data Privacy Mandate

Cloud Processing and Outsourcing Approval Standard

Steps to implement Software as a Service (SaaS) via the Cloud.

Cloud Outsource Service Provider Level Agreements and Metrics.

SLA and Metrics Reporting

Finding and Selecting a Cloud Outsource Vendor

Outline for RFP and Negotiation of Contract Terms

Disaster Recovery Plan (DRP)

1. Plan Introduction

2. Business Impact Analysis

3. Backup Strategy

4. Recovery Strategy

5. Disaster Recovery Organization

6. Disaster Recovery Emergency Procedures

7. Plan Administration

8. Appendix A - Listing of Attached Materials

9. Appendix B - Reference Materials

10. Change History

Security Manual Template



1. Security - Introduction

2. Minimum and Mandated Security Standard Requirements

ISO Security Domains

ISO 27000

Gramm-Leach-Bliley (Financial Services Modernization Act of 1999)

FTC Information Safeguards.

Federal Information Processing Standard - FIPS 199.

NIST SP 800-53

Sarbanes-Oxley Act

California SB 1386 Personal Information Privacy

California Consumer Privacy Act - 2018

Massachusetts 201 CMR 17.00 Data Protection Requirements

What Google and Other 3rd Parties Know

Internet Security Myths

3. Vulnerability Analysis and Threat Assessment

Threat and Vulnerability Assessment Tool

Evaluate Risk

4. Risk Analysis - IT Applications and Functions

Objective

Roles and Responsibilities

Program Requirements

Frequency

Relationship to Effective Security Design

Selection of Safeguards

Requests for Waiver

Program Basic Elements

5. Staff Member Roles

Basic Policies

Security - Responsibilities.

Determining Sensitive Internet and Information Technology Systems Positions

Personnel Practices

Education and Training

Contractor Personnel

6. Physical Security

Information Processing Area Classification.

Classification Categories

Access Control

Levels of Access Authority

Access Control Requirements by Category.

Implementation Requirements

Protection of Supporting Utilities

7. Facility Design, Construction, and Operational Considerations

Building Location

External Characteristics

Location of Information Processing Areas

Construction Standards

Water Damage Protection

Air Conditioning

Entrances and Exits.

Interior Furnishings

Fire

Electrical

Air Conditioning

Remote Internet and Information Technology Workstations

Lost Equipment

Training, Drills, Maintenance, and Testing

8. Media and Documentation

Data Storage and Media Protection

Documentation

10. Data and Software Security

Resources to Be Protected

Classification

Rights

Access Control

Internet/Intranet/Terminal Access/Wireless Access

Spyware

Wireless Security Standards

Logging and Audit Trail Requirements

Satisfactory Compliance.

Violation Reporting and Follow-Up

11. Internet and Information Technology Contingency Planning

Responsibilities

Information Technology

Contingency Planning

Documentation

Contingency Plan Activation and Recovery

Disaster Recovery/Business Continuity and Security Basics

12. Insurance Requirements

Objectives

Responsibilities

Filing a Proof of Loss

Risk Analysis Program

Purchased Equipment and Systems

Leased Equipment and Systems

Media

Business Interruption.

Staff Member Dishonesty

Errors and Omissions

13. Security Information and Event Management (SIEM)

Best Practices for SIEM

KPI Metrics for SIEM

14. Identity Protection

Identifying Relevant Red Flags

Preventing and Mitigating Identity Theft

Updating the Program

Methods for Administering the Program

15. Ransomware - HIPAA Guidance

Required response

16. Outsourced Services

Responsibilities

Outside Service Providers - Including Cloud

17. Waiver Procedures

Purpose and Scope

Policy

Definition

Responsibilities

Procedure

18. Incident Reporting Procedure

Purpose & Scope

Definitions

Responsibilities

Procedure

Analysis/Evaluation

19. Access Control Guidelines

Purpose & Scope

Objectives

Definitions of Access Control Zones

Responsibilities

Badge Issuance

