Sarbanes-Oxley (SOX) Resource Compliance Kit

Sarbanes Oxley Compliance

Mandated Requirements

The SOX kit contains all of the tools that are needed to comply with the Sarbanes-Oxley legislation. This tool kit has been used successfully by over 500 publicly traded companies.

 


ITIL and "Best Practices" are no longer sufficient to conform to the Sarbanes Oxley and COBIT requirements. There are many products on the market that claim they can track changes, that they can control/manage changes or that they can audit the use of products and the changes made to systems.

Almost all of the Change Management products are either "Electronic Paper" (i.e. they cannot prevent unauthorized changes from being made) or they react after the event based on cyclic comparisons of the various data sets. The time between the cyclic comparisons is an open door for anyone trying to manipulate the systems, and paper based systems offer no protection at all.

Sarbanes-Oxley Section 404 requires that:

  • Enterprises have an enterprise wide security policy;
  • Enterprises have enterprise wide classification of data for security, risk, and business impact;
  • Enterprises have security related standards and procedures;
  • Enterprises have formal security based documentation, auditing, and testing in place;
  • Enterprises enforce separation of duties; and
  • Enterprises have policies and procedures in place for Change Management, Help Desk, Service Requests, and changes to applications, policies, and procedures.

To meet these needs, the Sarbanes Oxley Kit, which comes in four editions (Standard, Silver, Gold, and Platinum), contains:

  • Security Policies (all editions);
  • Threat & Vulnerability Assessment Tool (all editions);
  • Business & IT Impact Questionnaire Risk Assessment Tool (all editions);
  • Safety Program Template (all editions);
  • Disaster Recovery Template (all editions);
  • Outsourcing guide updated to reflect what your vendors need to do (all editions);
  • Software tool to monitor key data files (all editions);
  • Internet and IT Job Descriptions (Silver, Gold, and Platinum Editions); and
  • IT Service Management Template (Platinum Edition).

The tools provided in these kits address not only the needs of Sarbanes-Oxley, COBIT and ISO -- they also provide a vehicle to comply with the IT Governance requirements.


CIO - CTO - CSO News


Disaster recovery and business continuity still a struggle for many CIOs

Organizations of all sizes are struggling with getting some of the basics of disaster recovery and business continuity right. They still need support in obtaining executive buy-in, managing resources and implementing easy to use and reliable technology. To some extent, there is still a lack of best practices being provided by vendors, and many SMBs rely heavily on their channel partners to be their best practices advisors to help them make the right choices.

Preparing for Disaster

What has made the world more complex is the fact that organizations are now presented with three different platforms for their disaster recovery strategies: physical, virtual and cloud. Each platform has its own unique challenges and benefits. Some organizations will opt to keep purely physical, others will add virtualization while many will embrace all three.


Ultimately the success of any company's backup and DR is based on the availability of its systems and data and the impact that downtime has in terms of lost revenue and lost customers, regardless of the environment data and systems are held in. Using multiple different solutions to manage data across physical, virtual and cloud environments makes this process unnecessarily complicated and risks wasting valuable time and resources.

For most small to medium size businesses, a service's success is underpinned by its ability to deliver ease of use, cost effectiveness and flexibility, and by its ability to implement measures quickly enough to have a near-immediate positive impact. Both cloud services and virtualization can do this, so the future is bright. Managed in the right way, from one central, easy to use solution, they can offer businesses the ultimate backup and disaster recovery protection, ensuring that business continuity becomes easier to manage.

Janco encourages IT managers to compare their backup and DR practices against those of their counterparts.



Mobile devices are the bane of many CIOs' concerns

As more companies embrace the broad usage of individually-owned mobile devices for access to corporate applications and data, CIOs are asked for guidance on the establishment of an associated device usage policy.

Every organization needs to identify and develop mobile security policies to be deployed which will provide adequate protection. The level of protection has to be aligned with the level of risk that your organization is willing to accept. These policies should ensure that the many regulatory or compliance concerns that might be applicable are addressed.


Only a partnership of information technology (IT), human resources (HR), finance, and legal teams, working closely with your executive team and business unit managers, can determine the exact corporate-liable and/or individual-liable policy that best fits your company, meets its financial goals and objectives, and takes into account security, legal, regulatory, tax, or other requirements and considerations that may uniquely apply to your company and its operations.



Will IT spending increase in 2012

IT spending is expected to increase in 2012. After years of budgets crimped by the economy, there is significant pent-up demand at companies around the globe to drop some extra cash for the products and services they’ve been waiting for to drive business forward. But we’ve heard this song before. One research firm that was bullish on IT spending last year said that it could rise somewhat significantly in 2012, yet in its latest report the research firm acknowledges that its estimates might have been too optimistic. Global spending on IT will still be up, the company says, but don’t expect it to rise too quickly.

Janco has found that consultants and contractors are starting to be hired again.

IT Hiring Trends

 

The salary survey is updated twice a year: once in January and then again in July. You can get a free copy of the full survey if you provide 10 valid data points and use a corporate email address. Free email accounts like Gmail or Yahoo do not qualify, as we have no way to verify the accuracy of the data provided.

The report is updated twice a year, once in January and a second time in July. The unemployment data on this page is updated at least once a month and is based on the Bureau of Labor Statistics data.



New Facts of Life For the CIO and IT Management

The world has changed and the CIO and IT managers need to face the new realities. They include:

  • iPhones and tablets are here to stay
  • The CIO and IT department are no longer in control of how technology is used by your enterprise
  • There will always be some downtime
  • Systems will not be 100% compliant all of the time
  • The cloud will not be the solution for all problems and will cause new ones
  • There will never be enough capital and staff to complete everything that needs to be done
  • The network has already been compromised
  • Social networking use risks all of your company's secrets
  • Users will always need your support even for technology that you have not implemented
  • IT will continue to be viewed as a service organization