Regulations and Standards Before 9-11 September Eleven Attacks (1991-2001)
- Consumer Credit Protection Act
- OMB Circular A-130
- FEMA Guidance Document
- Paperwork Reduction Act
- FFIEC BCP Handbook
- Computer Security Act
- 12 CFR Part 18
- Presidential Decision Directive 67
- FDA Guidance on Computerized Systems used in Clinical Trials
- ANSI/NFPA Standard 1600
- Turnbull Report (UK)
- ANAO Best Practice Guide (Australia)
- SEC Rule 17 a-4

Regulations and Standards After 9-11 September Eleven Attacks (2002-2004)
- Sarbanes-Oxley Act of 2002
- HIPAA, Final Security Rule

Download Free Information Risk Management Policy Template

Purpose
The purpose of this policy is to ensure that risks to University information are identified, analyzed, and managed so that they are maintained at acceptable levels. Risks to the confidentiality, integrity, and availability of university information are considered.

Scope
This policy applies to all University departments and functions that collect, transmit, or retain non-public University information in any form.

Download Free Network Vulnerability Assessment and Performance Analysis Audit Templates

This document outlines the requirement for Network Vulnerability Assessment and Network Performance Analysis - Audit. The goal of the project is two-fold:
- Assess all security vulnerabilities of the INFINET network and recommend solutions for identified vulnerabilities
- Assess INFINET's ability to meet the performance requirements related to traffic and transactions carried over it and to recommend solutions for improving the performance
Information assurance is an integral part of the IDRBT 's mission. Our challenge is to make needed services available to authorized users concurrently with minimizing both the amount of information we disclose to others as well as minimizing the attack profile we present to others. The current level of security can be identified by assessing the performance, identifying the vulnerabilities & then developing appropriate steps for mitigation.

Statement of purpose

Download Free Major Incident and Disaster Recovery Plan (DRP)

The University has recognised the need to produce a comprehensive Plan (Disaster Recovery Plan) to deal with the immediate consequences and aftermath of a major incident situation.

The Disaster Recovery Plan (DRP) concentrates on dealing with major incidents involving physical damage to University assets.

Download Free ITIL Testing Process Management Plan and Testing Strategy Templates

Testing Process Management Plan Templates can be used as SDLC (Software Development Lifecycle Process) Review or Improvement Process
Introduction
This test approach document describes the appropriate strategies, process, workflows and methodologies used to plan, organize, execute and manage testing of software projects within caBIG.

Scope
Describe the current test approach scope based on your role and project objectives.