PO3.3:

From HORSE - Holistic Operational Readiness Security Evaluation.

Contents 1 PO 3.3 Monitoring of Future Trends and Regulations 2 Control Objective: 3 Applicability: 4 Risk Association Control Activities: 5 Implementation Guide: 6 Process Narrative 7 Process Illustration 8 Control Commentary 9 Control Exception Commentary 10 Evidence Archive Location 11 Control Status and Auditors Commentary 12 Remediation Plan 13 Supplemental Information: 14 Implementation guidance

[edit] PO 3.3 Monitoring of Future Trends and Regulations

[edit] Control Objective:

Establish a process to monitor business sector/industry, technology, infrastructure, legal and regulatory environment trends. Incorporate the consequences of these trends into the development of the IT technology infrastructure plan.

[edit] Applicability:

Sarbanes-Oxley

HIPAA

GLBA

PCI

FISMA

NIST SP 800-66

Ditscap

Control Exception

User Defined

[edit] Risk Association Control Activities:

[edit] Implementation Guide:

[edit] Process Narrative

Insert a description of the process narration that is applicable to the existing control statement this narrative refers to.

[edit] Process Illustration

Insert a process diagram, flowchart or other visual representation here to illustrate the process narrative.

Image:Someimage.jpg

[edit] Control Commentary

Insert a description of the control that is applicable to the existing control statement this commentary refers to.

[edit] Control Exception Commentary

Insert a description of the control exception that is applicable to the existing control statement this commentary refers to.

[edit] Evidence Archive Location

Insert Evidence Description Here.

[edit] Control Status and Auditors Commentary

Describe the condition of the applicable control and its effectiveness. Set the color icon to a redlock.jpg, yellowlock.jpg or greenlock.jpg.

Image:Redlock.jpg

[edit] Remediation Plan

Insert remediation plan, applicability, or any information that indicates what needs to be done.

[edit] Supplemental Information:

ITIL Service Delivery, Capacity Management.

ITIL 6.3 Activities in capacity management Service Delivery, Availability Management.

ITIL 8.5 Availability planning.

ITIL ICT Infrastructure Management, 3 Deployment.

ISO 17799 5.2 Information classification.

ISO 17799 11.1 Aspects of business continuity management.

[edit] Implementation guidance

Insert guidance in this section if it helps to elaborate upon the subject matter. Examples of evidence that would help guide the end user is desirable.