The Compliance Solution Accelerators team has just released valuable extensions to the IT Compliance Management Series. And with “Companies now spend(ing) about 8.5 percent of their IT budgets on compliance needs," says French Caldwell, an analyst at Gartner (CIO Magazine, Sept 2007), these couldn’t be more timely. These new offerings provide specific technical guidance and resources for Windows 7, Windows Server 2008 and Windows Server 2008 R2.
The IT Compliance Management Series will help you shift the burden of your IT governance, risk, and compliance (GRC) efforts from people to IT systems and implement controls to address IT GRC requirements that apply to your organization. This series is intended for IT managers and IT professionals who must plan, implement, or configure Microsoft products and who want to ensure that IT GRC requirements are addressed efficiently and effectively.
In addition to the already released IT Compliance Management Guide, the series now includes Beta versions of IT Compliance Management: Windows 7 and IT Compliance Management: Windows Server 2008 and Windows Server 2008 R2. Reviewers are asked to provide feedback on this collection of guides, resources, and compliance baselines that provide direction on how to enable Windows 7, Windows Server 2008, and Windows Server 2008 R2 to support your organization’s key IT GRC initiatives by taking advantage of features and technology inherent in the operating systems.
The IT Compliance Management Series Beta review program includes IT Compliance Management: Windows 7 and IT Compliance Management: Windows Server and Windows Server 2008 R2.
The IT Compliance Management for Windows 7.zip file includes the following files:
- IT Compliance Management Guide: Windows 7.docx. This guide will help your organization identify and implement GRC controls in Windows 7.
- IT Compliance Management Resources: Windows 7.xlsx. This Microsoft Excel workbook will allow you to configure Windows 7 in accordance with your organization’s configuration and change control practices. The Instructions tab provides reader instructions; users can filter the workbook by IT GRC grouping or control activity type.
The IT Compliance Management for Windows Server 2008 and Windows Server 2008 R2.zip file includes the following files:
- IT Compliance Management Guide: Windows Server 2008 and Windows Server 2008 R2.docx. This guide will help your organization identify and implement IT GRC controls in Windows Server 2008 and Windows Server 2008 R2.
- IT Compliance Management Resources: Windows Server 2008 and Windows Server 2008 R2.xlsx. This Microsoft Excel workbook will allow you to configure Windows Server 2008 and Windows Server 2008 R2 in accordance with your organization’s configuration and change control practices. The Instructions tab provides reader instructions; users can filter the workbook by IT GRC control grouping or control activity type.
- IT Compliance Configuration Packs—DCM Baselines for Windows Server 2008. Three DCM Configuration Packs for Windows Server 2008 are included for you to use with the DCM feature in Configuration Manager 2007 R2. These packs assist in validating the configurations prescribed in the IT Compliance Management Resources workbook.
Note: This Beta review period will run November 9, 2009 to December 9, 2009. Please take advantage of this opportunity to provide feedback and influence the development of these new compliance offerings. Feedback and questions for these Beta releases will be conducted via a brief survey and on the Compliance Management Forum. Visit the forum for complete instructions and the survey link.
The previously released IT Compliance Management Guide.zip file includes the following files:
- IT Compliance Management Guide.docx. This guide will prepare you for a conversation with GRC subject matter experts such as attorneys, auditors, specialists, and consultants working for your organization. It introduces an approach based on Microsoft Operations Framework (MOF) 4.0 that can help you address compliance requirements as well as organization-wide governance initiatives.
- IT Compliance Management Resources.xlsx. This Microsoft Excel workbook contains four worksheets. The Instructions worksheet provides reader instructions on the use of the tabs within this workbook. The GRC Control Objectives worksheet contains high-level objectives applicable to an IT department assigned GRC duties. The GRC Configuration Job Aids worksheet contains GRC objectives and associated Microsoft product configuration guidance to meet these objectives. The GRC Management Inventory worksheet contains GRC management guidance and additional product guidance for the management of a GRC solution.
This Solution Accelerator also includes the following files:
- Release Notes.rtf. Provides information about updates and changes to the IT Compliance Management Guide.
- IT Compliance Management Guide data sheet.docx. A two-page overview of the IT Compliance Management Guide that describes its purpose and provides other relevant information for IT managers and IT professionals.
Note: The IT Compliance Management Guide replaces the Regulatory Compliance Planning Guide version 1.0, published July 7, 2006.
To ask questions or provide feedback, subscribe to the Compliance Management Forum. This forum also provides the ability to join discussions and collaborate on GRC-related compliance management issues with your peers.
During this Beta period, reviewers are being asked to provide feedback on guides, resources, and compliance baselines that provide direction on how to enable Windows 7, Windows Server 2008, and Windows Server 2008 R2 to support your organization’s key IT GRC initiatives by taking advantage of features and technology inherent in the operating systems. Successful implementation of these recommendations will allow organizations to simplify the enforcement and management of their IT GRC objectives.
Looking for other Windows 7 resources from the Solution Accelerators team? Check out the Windows Desktop Solution Accelerators page.
Want more Windows Server 2008 R2 resources? Visit the Windows Server 2008 R2 Solution Accelerators page.
kurtsh
Kurt Shintaku's Blog 