Documents: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
== Sample Policy Templates ==
== Sample Policy Templates ==
<br>
<br>
'''Adaptive Best Practices'''<br>
'''Adaptive Best Practices'''
This section provides Scalable Policy Framework templates (for example, policies, standards, and technical standards) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.<br>
This section provides Scalable Policy Framework templates (for example, policies, standards, and technical standards) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.<br>
<br>
:[[Adaptive Best Practices Policy Samples:|'''Adaptive Best Practices Policy Samples''']]
:This section provides Policy Framework templates (for example, policies, standards, and technical standards) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.<br>
<br>
<br>
:[[Sarbanes-Oxley Policy Samples:|'''Sarbanes-Oxley Policy Samples]]'''
:[[Sarbanes-Oxley Policy Samples:|'''Sarbanes-Oxley Policy Samples]]'''

Revision as of 15:05, 14 July 2006

Sample Policy Templates


Adaptive Best Practices This section provides Scalable Policy Framework templates (for example, policies, standards, and technical standards) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.

Adaptive Best Practices Policy Samples
This section provides Policy Framework templates (for example, policies, standards, and technical standards) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.


Sarbanes-Oxley Policy Samples
Section 404 of the Sarbanes-Oxley Act (SOX) requires companies to document their financial and Information Technology (IT) controls and attest to the effectiveness of the controls on an annual basis. This section highlights the templates from the Best Practice Policy Framework library (for example, policy and standards controls) that are needed to create, implement, and maintain an risk management-based Information Security Program that complies with SOX Section 404.


Gramm-Leach-Bliley Policy Samples
The Gramm-Leach-Bliley Act (GLBA) mandates that financial organizations take specific actions to protect the security (and privacy) of customer information. This section highlights the templates from the Best Practice Policy Framework library (for example, policy and standards controls) that are needed to create, implement, and maintain an Information Security Program that complies with GLBA.


Health Insurance Portability and Accountability Policy Samples
Subpart C Section 164.306 (c) of the Health Insurance Portability and Accountability Act (HIPAA) requires covered entities to comply with specific security standards with respect to all electronic protected health information. This section highlights the templates from the Best Practice Policy Framework library (for example, policy and standards controls) that are needed to create, implement, and maintain an Information Security Program that complies with HIPAA.


International Organization for Standardization Security Standard Policy Samples
The International Organization for Standardization Security Standard (ISO 17799) is an internationally recognized information Security Management standard consisting of security clauses, controls, and objectives comprising best practices in information security. This section highlights the templates from the Best Practice Policy Framework library (for example, policy and standards controls)that are needed to create, implement, and maintain an Information Security Program that complies with ISO 17799.

--Mdpeters 08:14, 14 July 2006 (EDT)