This is -- Scott Schnoll, Senior Program Manager, Office 365 Customer Experience
If this is the information you seek to properly implement or audit Microsoft Office 365, go back to the source.
We've thoroughly consumed this information because we are an Office 365 shop. If you have clients using 365, or if you are using Microsoft products, then you should too.
To effectively use this critical security content, you need to do two things: one, become a CIS member (it costs nothing and offers tremendous value), and two, become a contributor and participant.
Center For Internet Security Critical Security Controls V.6.1
AICPA Service Organization Control Reports - SOC 2
“If your company currently uses third-party vendors to provide services that include the collection, processing and/or retention of sensitive information, you should consider inquiring into whether they have successfully completed a SOC 2 Type 2 audit, as it helps to ensure a higher standard for protecting your data.” Jeanne Madden, Vice President Operations, ADP Tax Credit Services
Can you translate your product or industry to the most current regulatory requirements? Can you map your capabilities to the compliance problems you solve? GRC is broken. We can fix it. We tie out your security investment to your security and risk response. With over 150 analyzed products, 5000 systems policies and current models for seven major sectors, you can resolve your most perplexing regulatory challenges in just months.
If you have hundreds of security products and you can't map them to your regulatory requirements, our methodology will make this relatively easy to accomplish. If you have a product and you can't explain its capabilities to the security and compliance market, give us a call. An investment of less than 15K USD will reap guaranteed results.
Networking and Security concepts are critical to assessing security policy in networked and cloud environments.
The foundations of Control Objectives for Information Technology, or Cobit, are especially useful in planning or assessing any governance program. Now superseded by Cobit 5, the Cobit 4 curriculum still offers relevant learning. For more information about training in IT Governance, visit https://ISACA.org or http://ITpreneurs.com
Often those unfamiliar with building a comprehensive Business Continuity Program will not be aware that just downloading and filling in a template from the internet to check a task box is not the appropriate solution for protecting your business. Using the 12 components for Business Continuity Planning and maturing over time through exercising and continuous improvement practices will increase the chances of recovery in times of crisis.
Order 13636 requires accountability to assure cyber-security readiness, requiring Financial, Communications, Manufacturing, Defense, Energy, Emergency Services, Food and Agriculture, Healthcare, IT, Utilities, Chemical, Water, Nuclear Reactors, Materials & Waste, and Transportation sectors to initiate voluntary compliance with the NIST Cybersecurity Framework.
Cloud Computing is easily the highest rated topic in current technology design, implementation, and control. No successful enterprise will circumvent the use of virtualization.