The NOREX Document Library features over 2500+ items which include working templates contributed by NOREX Members, WebForum transcripts, Member polls, and Toolkits (collections of Member-contributed documents, transcripts, and polls on a specific topic). If you would like to request other documents, please contact firstname.lastname@example.org.
Non-Members: Click on the orange button above to complete a short form before downloading sample documents.
ACCESS CONTROL POLICY
This compilation of future implementations centers on user authentication, access control, identification procedures, and more. 12 Pages | 20-486
CLOUD SECURITY FRAMEWORK
This framework of steps procures a cloud service that meets information security policies, standards, and baselines. 7 Pages | 50-347
IT USE POLICY
This policy governs the security, availability, and acceptable use of computing equipment, data & network access, and general-purpose technology. 12 Pages | 20-485
MASTER SERVICES AGREEMENT: CLOUD-BASED SERVICES
This template is for the request of services related to a cloud-based environment. 23 Pages | 20-088
BUSINESS CONTINUITY PLAN
This plan outlines procedures to take in the event of a serious business disruption affecting business functions, to ensure employee safety and provide a framework to ensure business continuity. 27 Pages | 20-963
CIO: IT’S ROLE IN BUSINESS SUCCESS
Senior IT leaders share strategies for aligning IT with business objectives during this July 2020 WebForum. Topics include Cloud computing, staffing, project prioritization, and business intelligence tool recommendations. 20 Pages | CV075
CLOUD JOURNEY & COE DEVELOPMENT
Cloud Center of Excellence (COE), strategy review, and Cloud structure foundation architecture are presented in this PowerPoint. 22 Pages | 50-334
COVID-19 PANDEMIC GUIDE
This guide provides COVID-19 health and hygiene information and summarizes related policies. 13 Pages | 20-940
DATA GOVERNANCE PROGRAM CHARTER
This document provides requirements and guidelines for data management, processes, ownership, data types, classification, and retention of data. 13 Pages | 50-343
INCIDENT RESPONSE PROCEDURE
This document outlines a policy for incident response capabilities that are used to monitor security incidents, determine the magnitude of the threat, and respond to these incidents. 4 Pages | 20-922
ELECTRONIC COMMUNICATIONS POLICY
This policy guides the use of company computers, phones, email, software, applications, smart devices, removable media, internet use, and protection of information on company systems. 5 Pages | 50-322
HOW TO USE MICROSOFT TEAMS
This document provides instruction for first-time users of Microsoft Teams for a chat-based workspace in O365. 16 Pages | 50-329
MS TEAMS STANDARDS
This document establishes standards and guidelines for the usage of Microsoft Teams. 4 Pages | 20-919
SAFE WORK ACTION MANUAL
This document includes practical recommendations based on guidelines from the Centers for Disease Control & Prevention and World Health Organization that could be tailored to address various scenarios you may face when returning to work. 32 Pages | 20-910
SKILLS INVENTORY WORKSHEET
This questionnaire asks IT personnel to identify proficiency levels in several areas. 5 Pages | 20-993
THIRD-PARTY TECHNICAL RISK ASSESSMENT
This software service questionnaire for third-party providers covers technical assessment, IT governance / development, architecture, security, and support. 7 Pages | 50-325
VENDOR SECURITY QUESTIONNAIRE
Issues such as compliance, risk assessment, incident management, and requirements are itemized in this vendor survey. 3 Pages | 20-887
WEBFORUM TRANSCRIPT: MICROSOFT TEAMS GOVERNANCE
NOREX Members and guests share their experience, questions, and ideas on Microsoft Teams. This WebForum explored issues including best practices, migration, retention, managing groups, naming conventions, guest access, add-ins, and creation and archiving of Teams. 49 Pages | NV2322
WEBFORUM TRANSCRIPT: CYBERSECURITY
NOREX Members share cybersecurity best practices and tool recommendations during this July 2020 WebForum. 19 Pages | NV2331
Non-Members: Click on the Toolkit title to view documents that are available in each Toolkit (make sure to note the title or number of the documents you want to request), then click on the orange button above to complete a short form with your request.
PROJECT MANAGEMENT | TK001
Includes documents related to project prioritization, project planning, project charters, and staffing; business case templates; WebForum transcripts; and Member polls.
SECURITY | TK002
Includes documents related to framework, security awareness, risk assessment, incident management, encryption, electronic signature, anti-virus / malware, cybersecurity, PCI, mobile computing, eDiscovery, and vendor management; RFPs; contracts; policies; procedures; plans; manuals; security charters; WebForum transcripts; and Member polls.
DISASTER RECOVERY & BUSINESS CONTINUITY | TK003
Includes documents related to vendor tools, DR requirements, BIA, emergency response, incident management, disaster recovery, business continuity, testing, and co-location; RFPs; WebForum transcripts; and Member polls.
INFRASTRUCTURE | TK004
Includes documents related to ITIL / ITSM, asset management, data center, server management, storage, retention, and equipment disposal; RFPs; policies; procedures; WebForum transcripts; and Member polls.
NETWORK MANAGEMENT & COMMUNICATIONS | TK005
Includes documents related to communication, networks, systems plans, email, record retention, social media, and video; quesionnaires; RFPs; WebForum transcripts; and Member polls.
HELP DESK | TK006
Includes documents related to onboarding, offboarding, ticketing, tracking, incident management, and ITIL / ITSM; job descriptions; RFPs; guides and resources; scorecards and reports; service catalogs; WebForum transcripts; and Member polls.
MOBILE DEVICE MANAGEMENT | TK007
Includes documents related to stipends, allowances, BYOD, and security; policies; evaluations; agreements; WebForum transcripts; and Member polls.
MICROSOFT OFFICE | TK008
Includes documents related to O365, OneDrive, patch management, SharePoint, Windows; job descriptions; WebForum transcripts; and Member polls.
POLICIES & PROCEDURES | TK009
Includes documents related to acceptable use, Cloud computing, data management, email, equipment, HR, personnel, incident management, mobile computing, network access, password, project / change management, records management, remote access, security, social media, storage, work-from-home, and vendor management.
JOB DESCRIPTIONS | TK010
Includes job descriptions for Applications / Development, Business Analyst / Programmer, Business Intelligence, Business Relationship / Vendor Management, CIO / Director / IT Manager, Communications, Content Management, Database Administrator, Enterprise Architect, Enterprise Resource Planning (ERP), Help Desk / Service Desk, Network / Systems, Operations, Project Management, and Security; Training; documents related to Roles and Responsibilities; and Interview Templates.
HUMAN RESOURCES | TK011
Includes documents related to new employees, lifecycle, administrative, skills assessment, training, development, telecommuting, discipline, termination, attendance, conflict of interest, and whistleblowers; interview questionnaires; org charts; policies and procedures; RFPs; and WebForum transcripts.
PROCUREMENT | TK012
Includes documents related to vendor management, vendor comparison, pricing, leasing, mergers, and acquisition; vendor scorecards and requirements; contracts and agreements; non-disclosure agreements; SLAs; SOWs; RFIs; RFQs; RFPs; and WebForum transcripts.
CLOUD | TK013
Includes documents related to Cloud strategy, evaluation, and O365; policies; procedures; RFPs; contracts; WebForum transcripts; and Member polls.
PANDEMIC PREPAREDNESS | TK014
Includes pandemic and business continuity plans, documents on crisis management and safety, work-from-home policies, WebForum transcripts, and Member polls.
IT GOVERNANCE & COMPLIANCE | TK015
Includes plans, policies, and charters related to confidentiality, data classification, PCI, privacy, records management, risk assessment, and staffing.