Niche Studio Policies, Standards, and Procedures

Home
0. Security Program Overview
1. Security Architecture and Operating Model
2. Roles, Responsibilities and Training
3. Policy Management
4. Risk Management and Risk Assessment Process
5. Compliance Audits and External Communications
6. System Audits, Monitoring and Assessments
7. HR and Personnel Security
8. Access
9. Facility Access and Physical Security
10. Asset Inventory Management
11. Data Management
12. Data Protection
13. Secure Software Development and Product Security
14. Configuration and Change Management
15. Threat Detection and Prevention
16. Vulnerability Management
17. Mobile Device Security and Media Management
18. Business Continuity and Disaster Recovery
19. Incident Response
20. Breach Investigation and Notification
21. Third Party Security and Vendor Risk Management
22. Privacy Practice and Consent
23. Client Project Requirements
24. Addendum and References
Policies
Privacy Policy
Cookie Policy
Terms of Trade
Support Service Level Agreement (SLA)
Templates
Employee Handbook
Key Definitions
Approved Software
Approved Vendors
HIPAA Business Associate Agreement
GDPR Data Processing Agreement
Vendor Security Response Template
Controls
Control Mapping Overview
HIPAA Controls Mapping
NIST Controls Mapping
Log Retention Schedule

Home

Next

0. Security Program Overview
1. Security Architecture and Operating Model
2. Roles, Responsibilities and Training
3. Policy Management
4. Risk Management and Risk Assessment Process
5. Compliance Audits and External Communications
6. System Audits, Monitoring and Assessments
7. HR and Personnel Security
8. Access
9. Facility Access and Physical Security
10. Asset Inventory Management
11. Data Management
12. Data Protection
13. Secure Software Development and Product Security
14. Configuration and Change Management
15. Threat Detection and Prevention
16. Vulnerability Management
17. Mobile Device Security and Media Management
18. Business Continuity and Disaster Recovery
19. Incident Response
20. Breach Investigation and Notification
21. Third Party Security and Vendor Risk Management
22. Privacy Practice and Consent
23. Client Project Requirements
24. Addendum and References
Appendix A. Policies
Appendix B. Privacy Policy
Appendix C. Cookie Policy
Appendix D. Terms of Trade
Appendix E. Support Service Level Agreement (SLA)
Appendix F. Templates
Appendix G. Employee Handbook
Appendix H. Key Definitions
Appendix I. Approved Software
Appendix J. Approved Vendors
Appendix K. HIPAA Business Associate Agreement
Appendix L. GDPR Data Processing Agreement
Appendix M. Vendor Security Response Template
Appendix N. Controls
Appendix O. Control Mapping Overview
Appendix P. HIPAA Controls Mapping
Appendix Q. NIST Controls Mapping
Appendix R. Log Retention Schedule

0. Security Program Overview

Menu

Home 0. Security Program Overview 1. Security Architecture and Operating Model 2. Roles, Responsibilities and Training 3. Policy Management 4. Risk Management and Risk Assessment Process 5. Compliance Audits and External Communications 6. System Audits, Monitoring and Assessments 7. HR and Personnel Security 8. Access 9. Facility Access and Physical Security 10. Asset Inventory Management 11. Data Management 12. Data Protection 13. Secure Software Development and Product Security 14. Configuration and Change Management 15. Threat Detection and Prevention 16. Vulnerability Management 17. Mobile Device Security and Media Management 18. Business Continuity and Disaster Recovery 19. Incident Response 20. Breach Investigation and Notification 21. Third Party Security and Vendor Risk Management 22. Privacy Practice and Consent 23. Client Project Requirements 24. Addendum and References Policies Privacy Policy Cookie Policy Terms of Trade Support Service Level Agreement (SLA) Templates Employee Handbook Key Definitions Approved Software Approved Vendors HIPAA Business Associate Agreement GDPR Data Processing Agreement Vendor Security Response Template Controls Control Mapping Overview HIPAA Controls Mapping NIST Controls Mapping Log Retention Schedule

On This Page

shadcn theme provided by @asiffer