Sample IT Documents
The NOREX Document Resources area features 2500+ items which include working templates contributed by NOREX Members, NOREX event transcripts, Member polls, and Toolkits (collections of Member-contributed documents, transcripts, and polls on a specific topic). If you would like to request other documents, please contact firstname.lastname@example.org.
Non-Members: Click on the orange button above to complete a short form before downloading sample documents.
CHANGE MANAGEMENT PROCESS EXAMPLE
This guide outlines the resources and process steps required to manage changes to the production environment. 2 Pages | 20-1127
CHANGE MANAGEMENT POLICY
This policy describes how to document change management for security and protect information assets and systems from threats. 4 Pages | 20-1125
ENTERPRISE APPLICATION FOOTPRINT
These sample EA slides show examples of current and projected SaaS landscapes of sales and marketing, procurement, supply chain, concept, and more. 2 Pages | 50-360
EA COMPETENCY MATRIX
The strength of an Enterprise Architecture group can be measured using several metrics such as business, technology, strategy, security, and data management. 1 Page | 50-383
SAMPLE SCHEDULE ARCHITECTURE SERVICES
Sample Intelligent Business Process Management Suite (iBPMS), Robot Process Automation (RPA) Reference Architecture, and RPA SaaS workflows provide an outline of proposed services. 3 Pages | 50-358
CLOUD VENDOR FRAMEWORK
This template provides summaries of Cloud-hosted products and the business goals to be achieved when reviewing products and vendors. 9 Pages | 20-1093
SaaS SECURITY CHECKLIST
Aspects of Software as a Service such as vendor policies, compliance requirements, security safeguards, and documentation are part of this checklist. 2 Pages | 20-1095
IT SECURITY POLICY
This document is an overview of the security requirements of company systems. Additionally, it describes controls implemented to meet those requirements. 8 Pages | 20-1066
IT GOVERNANCE POLICY
This policy establishes the process for prioritization, requirements definition, user participation, and rollout for development and implementation of major and minor projects. 4 Pages | 20-1067
This Business Impact Analysis template includes timeline, impact, process, data records, and more. 30 Pages | 50-371
The goals of this Policy are to retain important records for reference and future use and delete or destroy records that are no longer necessary. 18 Pages | 20-1052
The following project management framework deliverables are presented in a matrix by RACI phase. 2 Pages | 20-1098
CONFIGURATION MANAGEMENT FRAMEWORK
This document provides a high-level or management view of the configuration management process. 17 Pages | 20-1026
IT VENDOR RISK MANAGEMENT
This procedure specifies security requirements for acquisition of IT products and services in which data is stored, processed, or transmitted by an entity not under direct control. 4 Pages | 20-1092
TRANSCRIPT: EMPLOYEE ONBOARDING / OFFBOARDING
NOREX Members discussed ownership of the new-hire onboarding process, metrics used to measure success, onboarding in a group setting, issues with remote and international employee onboarding / offboarding, hardware distribution and returns, manual and automating on / offboarding for access management, and lead time for tickets. 22 Pages | NV2388
TRANSCRIPT: POWER BI
NOREX Members discussed getting started with Power BI, experiences with building and executing, visualization services, mining capabilities, dashboard viewing, licensing agreements, backup and recovery strategies, deliverables, and alternative products. 15 Pages | NV2383
TRANSCRIPT: DISASTER RECOVERY
NOREX Members discussed best practices conducting Business Impact Analysis, addressing cyber-resilience for DR and BC, determining appropriate recovery time objectives and recovery point objectives, testing and training users, testing disaster recovery plans, and the use of vendors for DR. 16 Pages | NV2379
Non-Members: Click on the Toolkit title to view documents that are available in each Toolkit (make sure to note the title or number of the documents you want to request), then click on the orange button above to complete a short form with your request.
PROJECT MANAGEMENT | TK001
Includes documents related to project prioritization, project planning, project charters, and staffing; business case templates; NOREX event transcripts; and Member polls.
SECURITY | TK002
Includes documents related to framework, security awareness, risk assessment, incident management, encryption, electronic signature, anti-virus / malware, cybersecurity, PCI, mobile computing, eDiscovery, and vendor management; RFPs; contracts; policies; procedures; plans; manuals; security charters; NOREX event transcripts; and Member polls.
DISASTER RECOVERY & BUSINESS CONTINUITY | TK003
Includes documents related to vendor tools, DR requirements, BIA, emergency response, incident management, disaster recovery, pandemic response, business continuity, testing, and co-location; RFPs; NOREX event transcripts; and Member polls.
INFRASTRUCTURE | TK004
Includes documents related to ITIL / ITSM, asset management, data center, server management, storage, retention, and equipment disposal; RFPs; policies; procedures; NOREX event transcripts; and Member polls.
NETWORK MANAGEMENT & COMMUNICATIONS | TK005
Includes documents related to communication, networks, systems plans, email, record retention, social media, and video; quesionnaires; RFPs; NOREX event transcripts; and Member polls.
HELP DESK | TK006
Includes documents related to onboarding, offboarding, ticketing, tracking, incident management, and ITIL / ITSM; job descriptions; RFPs; guides and resources; scorecards and reports; service catalogs; NOREX event transcripts; and Member polls.
MOBILE DEVICE MANAGEMENT | TK007
Includes documents related to stipends, allowances, BYOD, and security; policies; evaluations; agreements; NOREX event transcripts; and Member polls.
MICROSOFT 365 | TK008
Includes documents related to Microsoft 365, OneDrive, patch management, SharePoint, Windows; job descriptions; NOREX event transcripts; and Member polls.
POLICIES & PROCEDURES | TK009
Includes documents related to acceptable use, Cloud computing, data management, email, equipment, HR, personnel, incident management, mobile computing, network access, password, project / change management, records management, remote access, security, social media, storage, work-from-home, and vendor management.
JOB DESCRIPTIONS | TK010
Includes job descriptions for Applications / Development, Business Analyst / Programmer, Business Intelligence, Business Relationship / Vendor Management, CIO / Director / IT Manager, Communications, Content Management, Database Administrator, Enterprise Architect, Enterprise Resource Planning (ERP), Help Desk / Service Desk, Network / Systems, Operations, Project Management, and Security; Training; documents related to Roles and Responsibilities; and Interview Templates.
HUMAN RESOURCES | TK011
Includes documents related to new employees, lifecycle, administrative, skills assessment, training, development, telecommuting, discipline, termination, attendance, conflict of interest, and whistleblowers; interview questionnaires; org charts; policies and procedures; RFPs; and NOREX event transcripts.
PROCUREMENT | TK012
Includes documents related to vendor management, vendor comparison, pricing, leasing, mergers, and acquisition; vendor scorecards and requirements; contracts and agreements; non-disclosure agreements; SLAs; SOWs; RFIs; RFQs; RFPs; and NOREX event transcripts.
CLOUD | TK013
Includes documents related to Cloud strategy, evaluation, and O365; policies; procedures; RFPs; contracts; NOREX event transcripts; and Member polls.
DIGITAL / HYBRID WORKSPACE | TK014
Includes NOREX Member-contributed documents, event transcripts, and polls on supporting a hybrid / remote workforce, remote work agreements and policies, creating a digital workplace, virtual collaboration, building culture, work-from-home best practices, post-COVID hybrid work strategies, Zoom meeting best practices, and more.
IT GOVERNANCE & COMPLIANCE | TK015
Includes plans, policies, and charters related to confidentiality, data classification, PCI, privacy, records management, risk assessment, and staffing.