Say What You Do eBook bundle

Say What You Do: Building a framework of controls, policies, standards, and procedures
The Language of Compliance: A glossary of acronyms, terms, and extended definitions
$55.93
30% off combined item price
2 Downloadable PDFs


Use the Unified Compliance Framework approach to rational policy and procedure management


No other policy and procedure management framework is based only on the regulatory and contractual provisions that actually apply to you. This guide and glossary will help you to:

- Eliminate redundant, conflicting, and underperforming IT policies and procedures

- Measure the results of your policies in terms of actual legal and business requirements

- Use industry-standard terminology, with more than 3,500 definitions of compliance terms and acronyms harmonized across hundreds of internationally recognized standards and regulations

Contents: Say What You Do

Defining your compliance framework: What it means to comply with authority documents such as regulations, standards, guidelines, and contracts. List of major IT control frameworks.

Building your compliance framework: Determining which authority documents do and don't apply to your organization. Bringing in stakeholders and documenting your processes. Determining your current level of compliance with each applicable authority document. Determining and documenting processes and roles. Process review and approval. Measuring success.

Regulatory and industry guidelines on IT compliance: Key rules and steps for creating IT controls, as mandated by major authority documents.

Products and services for managing policies and procedures: Available forms, samples, and templates for policies and procedures. Sample compliance framework for assessing the status of your compliance controls. Reviews of policy and procedure management software.

Contents: The Language of Compliance

Terms: Harmonized definitions of terms used in HIPAA, SOX, GLB, CobiT, ISO 17799 and 27001, PCAOB, BCI, BSI, ISSF, the Sedona Conference documents, PCI-DSS, and many more

IT acronyms: ACF2, CSIRC, IPAC, MSL, and others

Titles: SA, CCMO; role definitions such as Change Advisory Board Emergency Committee

Organizations: ISACA, NIAP, SWIFT, IIA, BCI, CISC, and others

Extended definitions: Extra coverage of complex concepts such as accountability and responsibility and how to use a Responsible, Accountable, Consulted, Informed (RACI) chart

Additional resources and updates: Available online for registered users



Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.