Sarbanes-Oxley (SOX)Resource Compliance Kit

Mandated Requirements

The SOX kit contains all of the tools that are need to comply with the Sarbanes-Oxley legislation.  This tool kit has been used successfully by over 500 publicly traded companies.

 

Order SOX compliance Kit  Download Selected SOX Pages

ITIL and "Best Practices" are no longer sufficient to conform to the Sarbanes Oxley and COBIT requirements. There are many products on the market that claim they can track changes, that they can control/manage changes or that they can audit the use of products and the changes made to systems.

Almost all of the Change Management products are either "Electronic Paper" (i.e. they cannot prevent unauthorized changes from being made) or they react after the event based on cyclic comparisons of the various data sets. The time between the cyclic comparisons is an open door for anyone trying to manipulate the systems, and paper based systems offer no protection at all.

Sarbanes-Oxley Section 404 requires that:

• Enterprises have an enterprise wide security policy;
• Enterprises have enterprise wide classification of data for security, risk, and business impact;
• Enterprises have security related standards and procedures;
• Enterprises have formal security based documentation, auditing, and testing in place;
• Enterprise enforce separation of duties; and
• Enterprises have policies and procedures in place for Change Management, Help Desk, Service Requests, and changes to applications, policies, and procedures.

To meet these needs the Sarbanes Oxley Kit, which comes in four editions (Standard, Silver, Gold, and Platinum) contains:

• Security Policies (all editions);
• Threat & Vulnerability Assessment Tool (all editions);
• Business & IT Impact Questionnaire Risk Assessment Tool (all editions);
• Safety Program Template (all editions);
• Disaster Recovery Template (all editions);
• Outsourcing guide update to reflect what you vendors need to do (all editions);
• Software tool to monitor key data files (all editions);
• Internet and IT Job Descriptions (Silver, Gold, and Platinum Editions) and;
• IT Service Management Template (Platinum Edition).

The tools provided in these kits address not only the needs of Sarbanes-Oxley, COBIT and ISO -- they also provide a vehicle to comply with the IT Governance requirements.

 

---

 

Security Manual

The plan is 178 pages and includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement.  The electronic document includes proven written text and examples for your security plan.

 

Disaster Recovery Plan (DRP)

 

This Disaster Recovery Plan (DRP) can be used as a template for any enterprise.   DRP is sent to you via e-mail in WORD and/or PDF format. Included is a 13 page Business Impact Questionnaire as well as a 3 page Job Description for the Disaster Recovery Manager. 

Internet and  IT Job Descriptions 

                           

The Internet and IT Position Descriptions are in Word for Windows format.  Includes positions from CIO and CTO to Wireless and Metrics Managers. 

 

The IT Service Management Template

The  IT Service Management Template contains policies, standards,  procedures and metrics for Change Control, Help Desk and Service Request processing.  ITSM template also contains several easy to implement forms and conforms with ITIL.

 Practical Guide for IT Outsourcing

 

The guide is 91 packed pages and includes everything needed to plan for, negotiate, and manage an outsourcing process within an enterprise. 

 

 Safety Program Template

                               

The plan is 60 pages and includes everything needed to customize the Safety Program to fit your specific requirement.  The Safety was updated in December of 2004 and reflects the latest issues associated with the most recent legislation (Sarbanes Oxley).