Sensitive Information Policy - CIO Productivity Bundle

 

Does your enterprise protect its customers' Credit Card information?

New laws and regulations mandate that enterprises protect customers' Credit Card information, employee confidential data, and enterprise business records.  Not only does section 404 of Sarbanes-Oxley impose strict rules on this, but the disclosure reporting requirements of several states, including California, mandate the immediate disclosure of unauthorized intrusions into that data. 

Credit card companies place very strict requirements on how data relating to credit card transactions can be captured,  storage and enciphering requirements, length of time data is retained, and how this data is accessed.  If these rules are not followed, the credit card companies can and do eliminate enterprise's processing and access privileges to the credit card processing system. 

 

Does your enterprise have the RIGHT policies and procedures in place?

Protect your enterprise and get the CIO productivity bundle or at least get the Sensitive Information policy.  An update service is available so when there are changes in regulations these tools will remain current.

CIO Productivity Bundle

The CIO productivity bundles contains everything needed to comply with Sarbanes-Oxley and the immediate disclosure laws.  The bundle contains:

  • 202 job description in word format

  • Disaster Recovery Template which is Sarbanes Oxley compliant

  • Security Template which is Sarbanes Oxley compliant

  • IT Service Management Template (Change Management, Help Desk, and Service Requests)

  • Sensitive Information Policy (Protect  Credit Card Card and Personal Information)

  • Disk Monitor software

  • Metrics for Internet and IT (metric kit)

  • Service Level Policy Agreement Policy Template (metric kit)

The advanced version of this bundle come with metrics and a service level agreement template.

Sensitive Information Policy Template

 

The Sensitive Information Policy templates defines how to treat Credit Card, Social Security, Employee, and Customer Data.  The policy is 15 pages in length. This policy complies with Sarbanes Oxley Section 404.

 

This policy applies to the entire enterprise, its vendors, its suppliers (including outsourcers) and co-location providers and facilities regardless of the methods used to store and retrieve sensitive information (e.g. online processing, outsourced to a third party, Internet, Intranet or swipe terminals). 

 

 

  Sarbanes Oxley Compliance Disaster Recovery Plan TemplateSecurity Manual Template - Sarbanes-OxleyIT Service Management ITIL

 

© 2006 Janco Associates, Inc. - ALL RIGHTS RESERVED -- Revised: 10/04/06.