SMO Appendix 1: Terms of Reference (22 March 2018)
|
|
- Leonard Harrison
- 5 years ago
- Views:
Transcription
1 SMO Appendix 1: Terms of Reference (22 March 2018) ABOUT SCA The Swedish Committee for Afghanistan (SCA) is an aid organisation that has worked in Afghanistan since We carry out development projects in the area of education, healthcare, rural development and rehabilitation of persons with disabilities. SCA has about 5,500 employees, 99 per cent of whom are Afghans. Our operations are especially directed to the most vulnerable groups in the society and is always carried out in close cooperation with the local society. We mainly work in the poor rural areas of Afghanistan with special focus on women, children and persons with disabilities. The work with human rights and gender issues is central to SCA and permeates the entire organization. In Sweden SCA has about 12,000 members and monthly sponsors as well as an office in Stockholm with about 20 employees. SCA is a political and religiously independent aid organisation that is funded by thousands of individuals, SIDA, EC and the World Bank. The member based organization was established in BACKGROUND FOR THE SERVICE SCA is in need of an independent external auditor to evaluate its data centres, network infrastructure, and related logical and physical resources in Afghanistan. The goal is to evaluate how the current SCA ICT (Information and Communication Technology) infrastructure currently safeguard assets, maintains data system integrity and assists the organization in achieving overall goals and objectives. It is also important to know if SCA resources are used effectively and efficiently in regard to ICT. The current SCA ICT infrastructure in Afghanistan has different functions and services provided by 14 different servers to KMO and the five RMOs. There are potential risks associated with these data centres and systems which can impact the services provided in several ways. Page 1 of 6
2 SCA ORGANISATIONAL STRUCTURE SCA s organisational structure has two main branches based in Afghanistan and Sweden, respectively (see detailed organogram below). The Stockholm Management Office (SMO) is focused on coordinating and supporting strategic activities such as communications, advocacy, strategic financial management, managing donor grants and coordination with the SCA membership association. The ICT services for the chief executive officer of SCA, the Secretary General (SG) and the associated Secretary General s Secretariat (SGS), is also managed by SMO. The Kabul Management Office (KMO) is responsible for coordination, strategy and administrative as well as technical support of SCA s aid and development projects. Five Regional Management Offices (RMO) are responsible for the operationalisation of the aid projects in 14 different provinces in Afghanistan. As of December 2016, SMO had 21 employees while KMO and the five RMOs had 1,261 employees. A further 3,966 field staff were employed directly in the various aid projects. Out of a total of 5,262 staff, about 350 have work accounts (through Office 365 Outlook). At KMO, the Information and Communications Technology Unit (ICTU) is responsible for managing ICT systems and communication network systems for KMO and the RMOs. This includes support in procuring hardware and software, technical support to end users, security, developing policies and guidelines, etc. ICTU works in coordination with the Finance and Administration Unit (FIA) at SMO for cross-organizational ICT development and development of ICT policies. Page 2 of 6
3 SCA organogram Page 3 of 6
4 CURRENT SCA ICT INFRASTRUCTURE In Afghanistan, SCA has around 1000 physical devices at KMO and the five RMOs. These include printers, photocopiers, radio communication equipment (Codan, VHF), network hardware such as routers and switches, Active Directory Domain Controller (ADDC) and servers for hosting file sharing, user data backup, as well as server hosting for SCA s enterprise resource planning system (ERP) Epicor iscala and the HR system Visma Personec. The current total number of registered computers at SCA is 647 with the following distribution: KMO has 187 computers, plus 14 servers connected to the network with an internet bandwidth of 20/20 Mbps. This bandwidth is providing internet access to approximately 190 network nodes and connection to cloud services as well as RMO networks. Mazar-e-Sharif RMO has 85 computers connected to the network with the capacity of 6/6 Mbps. As part of this RMO is also a separate Kunduz Local Office that has 24 computers connected to the network with an internet bandwidth of 2/2 Mbps Wardak RMO has 76 computers connected to the network with an internet bandwidth of 3/3 Mbps. Jalalabad RMO has 79 computers connected to the network with an internet bandwidth of 5/5 Mbps. As part of this RMO organisationally is also the Mehtarlam Liasion Office (MLO) that has 41 computers connected to the network with an internet bandwidth of 2/2 Mbps. Taloqan RMO has 78 computers connected to the network with an internet bandwidth of 3/3 Mbps Ghazni RMO has 47 computers connected to the network with an internet bandwidth of 2/2 Mbps. In Stockholm, SMO has 30 computers connected to a network with an internet bandwidth of 100/100 Mbps. Internal ICT services KMO has a corporate network connected with the five RMOs. There are 14 servers available at KMO providing various services such as file storage and printing, Active Directory (AD), Additional Activate Directory, DHCP, WDS, WINS, Symantec backup exe server for user data and critical system server states, firewalls that filter all incoming and outgoing data traffic and provide KMO with connectivity to the RMOs. Each RMO has its own Kaspersky endpoint security central server configured with different polices that protect individual workstations. They also house read-only domain controllers (RODC) that allow the RMOs to locally authenticate their domain accounts. External ICT services SCA uses as its main communication tool across the organization through a Microsoft Office 365 solution with an Azure AD for the administration in Afghanistan. For the administration in Sweden, the local AD and file servers are managed by Office Management, an external supplier based in Sweden. SMO uses Office 365 accounts with direct cloud access. The SMO file servers are not integrated or synchronised with file servers in the SCA Afghanistan offices. KMO s local AD is synchronized with the Azure AD through a virtual private network (VPN). As of July 2017, SCA had 461 E2-licensed Office 365 accounts and 32 E3-licensed accounts. With a handful of exceptions, the E2 licenses are used only by staff in Afghanistan while the E3 licenses are used by staff in Sweden. Page 4 of 6
5 General layout of SCA ICT infrastructure SCOPE OF THE SERVICE The Service should be an audit of SCA s ICT infrastructure verifies SCA s capacity to provide a secure and functional network infrastructure, communication, conference call through Skype for Business, data security, and other services shared and accessed over the network with other associated hardware equipment, including network outlets, routers, switches, etc. The Service is expected to include a physically verify the ICT infrastructure and to perform a penetration test on all data centres. The provider of the Service is expected to adopt a risk based approach to make the audit plan. The auditors should use the following internationally adopted frameworks and standards for the Service: The framework and standard introduced by IASACA (Information System Audit and Control Associate) ITIL (Information Technology Infrastructure Library) COBIT (Control Objectives for Information and related Technology) While the goal is that SCA operations in both Sweden and Afghanistan should be on a roughly equal level of capacity, the focus for this Service is on the Afghanistan operations since the vast majority of the workforce is located there, and because the overall ICT infrastructure of the country is not as developed as in Sweden. Page 5 of 6
6 Specific deliverables The Bidder should possess wide knowledge on and experience in ICT auditing and should perform the following: 1. An on-site audit at SCA s office in Kabul (Kabul Management Office, KMO). 2. Present an audit report containing conclusions relating to the areas mentioned below. The final report should include recommendations for improvements in any areas where risks are identified. 3. A preliminary draft for the final report should be submitted to SCA to allow for adjustments and corrections. After one round of comments from SCA have been addressed, a final version will be submitted to SCA for approval. The following areas should be specifically targeted for review in the final report: The internal and external connections to SCA ICT infrastructure. Integrity of SCA accounts and risks for unauthorized access (from internal or external parties) to accounts. SCA s capabilities for business continuity in terms of backup capabilities, disaster recovery and business continuity plans Usage of ICT resources in proper manner. Ensure that the ICT infrastructure is configured correctly in accordance with hardware and software specification, and identify any further opportunities to improve productivity and security. Analyze the network design and architecture. Identify any opportunities to improve performance and support response times of SCA s internal technical support. SCA s ICT policies and steering documents in regard to maintaining security and the integrity of SCA s business data. Overall ICT budget and assets management in relation to the size, scope and complexity of SCA s organisation and the needs to provide adequate supporting services to its operations. Management of ICT-related supplier contracts and their related service level agreements (SLA). The organisational structure, policies and procedures, technical standards and documentation of SCA ICT support. SCA management of software licenses. Control of access to and documentation of SCA-run data centres, databases and hosted ICT systems such as Visma Personec and Epicor iscala. If any obvious risks are identified during fulfilment of the Service in areas other than those mentioned above, SCA encourages the auditors to mention these in the final report. Page 6 of 6
REPORT 2015/149 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/149 Audit of the information and communications technology operations in the Investment Management Division of the United Nations Joint Staff Pension Fund Overall results
More informationREPORT 2015/010 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/010 Audit of information and communications technology strategic planning, governance and management in the Investment Management Division of the United Nations Joint
More informationROLE DESCRIPTION IT SPECIALIST
ROLE DESCRIPTION IT SPECIALIST JOB IDENTIFICATION Job Title: Job Grade: Department: Location Reporting Line (This structure reports to?) Full-time/Part-time/Contract: IT Specialist D1 Finance INSETA Head
More informationREPORT 2015/186 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/186 Audit of information and communications technology operations in the Secretariat of the United Nations Joint Staff Pension Fund Overall results relating to the effective
More informationIT MANAGER PERMANENT SALARY SCALE: P07 (R ) Ref:AgriS042/2019 Information Technology Manager. Reporting to. Information Technology (IT)
DESIGNATION Reporting to Division Office Location IT MANAGER PERMANENT SALARY SCALE: P07 (R806 593.00) Ref:AgriS042/2019 Information Technology Manager CEO Information Technology (IT) Head office JOB PURPOSE
More informationSenior Manager Information Technology (India) Duration of job
Role Profile Job Title Senior Manager Information Technology (India) Directorate or Region South Asia Department/Country Business Support Services, India Location of post Gurgaon Pay Band 6 / Grade G Assistant
More informationInformation Technology General Control Review
Information Technology General Control Review David L. Shissler, Senior IT Auditor, CPA, CISA, CISSP Office of Internal Audit and Risk Assessment September 15, 2016 Background Presenter Senior IT Auditor
More informationInformation Security Data Classification Procedure
Information Security Data Classification Procedure A. Procedure 1. Audience 1.1 All University staff, vendors, students, volunteers, and members of advisory and governing bodies, in all campuses and locations
More informationAdministration and Data Retention. Best Practices for Systems Management
Administration and Data Retention Best Practices for Systems Management Agenda Understanding the Context for IT Management Concepts for Managing Key IT Objectives Aptify and IT Management Best Practices
More informationSUBJECT: REQUEST FOR PROPOSALS FOR HARBOR DEPARTMENT CLOUD COMPUTING SERVICES
DATE: May 30, 2017 SUBJECT: REQUEST FOR PROPOSALS FOR HARBOR DEPARTMENT CLOUD COMPUTING SERVICES Pursuant to the Harbor Department Cloud Computing Services Request for Proposals (RFP), all proposers were
More informationApril Appendix 3. IA System Security. Sida 1 (8)
IA System Security Sida 1 (8) Table of Contents 1 Introduction... 3 2 Regulatory documents... 3 3 Organisation... 3 4 Personnel security... 3 5 Asset management... 4 6 Access control... 4 6.1 Within AFA
More informationASEAN REGIONAL COOPERATION ON DISASTER MANAGEMENT
ASEAN REGIONAL COOPERATION ON DISASTER MANAGEMENT Adelina Kamal, Head of Disaster Management & Humanitarian Assistance Division, ASEAN Socio Cultural Community Department, ASEAN Secretariat 11 th ASEAN
More informationInformation Technology Risks & Controls for Financial Systems PEM-PAL Treasury CoP Workshop 2011 Kristin Lado Tufan
Information Technology Risks & Controls for Financial Systems PEM-PAL Treasury CoP Workshop 2011 Kristin Lado Tufan 1 Introduction IT Risk and Compliance Officer in Information Management and Technology
More informationManagement Information Systems. B15. Managing Information Resources and IT Security
Management Information Systems Management Information Systems B15. Managing Information Resources and IT Security Code: 166137-01+02 Course: Management Information Systems Period: Spring 2013 Professor:
More informationORA HIPAA Security. All Affiliate Research Policy Subject: HIPAA Security File Under: For Researchers
All Affiliate Research Policy Subject: HIPAA File Under: For Researchers ORA HIPAA Issuing Department: Office of Research Administration Original Policy Date Page 1 of 5 Approved by: May 9,2005 Revision
More informationPosition Description IT Auditor
Position Title IT Auditor Position Number Portfolio Performance and IT Audit Location Victoria Supervisor s Title IT Audit Director Travel Required Yes FOR OAG HR USE ONLY: Approved Classification or Leadership
More informationNetwork Security Policy
Network Security Policy Date: January 2016 Policy Title Network Security Policy Policy Number: POL 030 Version 3.0 Policy Sponsor Policy Owner Committee Director of Business Support Head of ICU / ICT Business
More informationBotany IT Report. 1. Overview. 2. Background. 3. Actions. 3.1 Define the Mission. Prepared by Sean Shang March 8, 2013
Botany IT Report Prepared by Sean Shang March 8, 2013 1. Overview This report explains what we have done to improve IT support in the Department of Botany since July 2011. The previous status of Botany
More informationISO/IEC overview
ISO/IEC 20000 overview Overview 1. What is ISO/IEC 20000? 2. ISO/IEC 20000 and ITIL 2 BS 15000 BS15000 started in UK and first launched on July 1, 2003. Which was replaced by ISO/IEC 20000 after formal
More informationTECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES
TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control
More informationResolution adopted by the General Assembly. [on the report of the Second Committee (A/60/488/Add.3)]
United Nations A/RES/60/195 General Assembly Distr.: General 2 March 2006 Sixtieth session Agenda item 52 (c) Resolution adopted by the General Assembly [on the report of the Second Committee (A/60/488/Add.3)]
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationTURNING STRATEGIES INTO ACTION DISASTER MANAGEMENT BUREAU STRATEGIC PLAN
DISASTER MANAGEMENT BUREAU STRATEGIC PLAN 2005-2006 PREFACE Historical statistics would suggest that Bangladesh is one of the most disaster prone countries in the world with the greatest negative consequences
More informationGeneral Secretariat (SG)
General Secretariat (SG) Geneva, 22 February 2017 Ref: DM-17/1002 Contact: Ms Béatrice Pluchon Telephone: +41 22 730 6266 Telefax: +41 22 730 6627 E-mail: gbs@itu.int To Observer Member States of ITU Subject:
More informationCLOUD COMPUTING READINESS CHECKLIST
CLOUD COMPUTING READINESS DAVE WILLIS STEPHEN GOLDSMITH SUBJECT MATTER EXPERTS, CLOUD COMPUTING DENOVO DAVE WILLIS STEPHEN GOLDSMITH SUBJECT MATTER EXPERTS, CLOUD COMPUTING DENOVO 1 CONTENTS INTRODUCTION
More informationWhat is IT Governance and Why is it Important?
What is IT Governance and Why is it Important? 5th Performance Seminar of the INTOSAI IT Standing Committee Richard Brisebois & Greg Boyd Oman, 3 March 2007 Agenda IT Governance What Is It? Why IT Governance
More informationAUDIT UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY. Report No Issue Date: 8 January 2014
UNITED NATIONS DEVELOPMENT PROGRAMME AUDIT OF UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY Report No. 1173 Issue Date: 8 January 2014 Table of Contents Executive Summary
More informationIDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) ITS Responsible Use of Telephone, Telecommunications, and Networking Resources ISUPP 2280
IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) ITS Responsible Use of Telephone, Telecommunications, and Networking Resources ISUPP 2280 POLICY INFORMATION Policy Section: Information Technology
More informationICT OPERATING SYSTEM SECURITY CONTROLS POLICY
ICT OPERATING SYSTEM SECURITY CONTROLS POLICY TABLE OF CONTENTS 1. INTRODUCTION... 3 2. LEGISLATIVE FRAMEWORK... 3 3. OBJECTIVE OF THE POLICY... 4 4. AIM OF THE POLICY... 4 5. SCOPE... 4 6. BREACH OF POLICY...
More informationISSA Guidelines on Information and Communication Technology: Overview
ISSA Guidelines on Information and Communication Technology: Overview Raul Ruggia-Frick ISSA Secretariat ISSA Guidelines Information and Communication Technology 2 Outline Context The Guidelines on Information
More informationThis document is a preview generated by EVS
INTERNATIONAL STANDARD ISO/IEC 27011 Second edition 2016-12-01 Information technology Security techniques Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications
More informationTodmorden High School Job Description
Todmorden High School Job Description Post Title: ICT Manager. Salary: SO2 ( 28,485-30,153) Hours: 37 hours, Full time Annual Leave: 30 days plus standard bank holidays. Holidays must be taken during school
More informationLegal framework of ensuring of cyber security in the Republic of Azerbaijan
Legal framework of ensuring of cyber security in the Republic of Azerbaijan Bakhtiyar N.Mammadov Ministry of Communications and Information Technologies Head of Legal and HR Department ITU WSIS Thematic
More informationTECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES
TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationInternal Audit Report DATA CENTER LOGICAL SECURITY
Internal Audit Report DATA CENTER LOGICAL SECURITY Report No. SC 12 06 June 2012 David Lane Principal IT Auditor Jim Dougherty Principal Auditor Approved Barry Long, Director Internal Audit & Advisory
More informationMemorandum of Understanding between the Central LHIN and the Toronto Central LHIN to establish a Joint ehealth Program
Memorandum of Understanding between the Central LHIN and the Toronto Central LHIN to establish a Joint ehealth Program Purpose This Memorandum of Understanding (MOU) defines the terms of a joint ehealth
More informationPrivate Sector Development Hub Call for Consultancy services
Hosted by ECCSA Private Sector Development Hub Call for Consultancy services Supported by SIDA Terms of Reference For ECCSA IT System Upgrading Need Assessment To Capacity Building for Sustainability of
More informationUse of Mobile Devices on Voice and Data Networks Policy
World Agroforestry Centre Policy Series MG/C/4/2012 Use of Mobile Devices on Voice and Data Networks Policy One of the policies on information security and business continuity which will be audited by
More informationINTERNAL AUDIT DIVISION REPORT 2018/064
INTERNAL AUDIT DIVISION REPORT 2018/064 Audit of governance, operations and security of information and communications technology at the United Nations Framework Convention on Climate Change Control enhancements
More informationAT FIRST VIEW C U R R I C U L U M V I T A E. Diplom-Betriebswirt (FH) Peter Konrad. Executive Partner Senior Consultant
Our Contact Details IT-SCAN GMBH c/o: DOCK3 Hafenstrasse 25-27 68159 Mannheim E: info@it-scan.de W: www.it-scan.de Nationalität Berufserfahrung C U R R I C U L U M V I T A E Diplom-Betriebswirt (FH) Peter
More informationVirginia State University Policies Manual. Title: Information Security Program Policy: 6110
Purpose Virginia State University (VSU) uses information to perform the business services and functions necessary to fulfill its mission. VSU information is contained in many different mediums including
More informationMetropolitan Washington Airports Authority PROCUREMENT AND CONTRACTS DEPT. AMENDMENT OF SOLICITATION
Metropolitan Washington Airports Authority PROCUREMENT AND CONTRACTS DEPT. AMENDMENT OF SOLICITATION Metropolitan Washington Airports Authority Procurement and Contracts Dept., MA-29 2733 Crystal Drive
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More information79th OREGON LEGISLATIVE ASSEMBLY Regular Session. Senate Bill 90
th OREGON LEGISLATIVE ASSEMBLY-- Regular Session Senate Bill 0 Printed pursuant to Senate Interim Rule. by order of the President of the Senate in conformance with presession filing rules, indicating neither
More informationManagement s Response to the Auditor General s Review of Management and Oversight of the Integrated Business Management System (IBMS)
APPENDI 2 ommendation () () 1. The City Manager in consultation with the Chief Information Officer give consideration to the establishment of an IBMS governance model which provides for senior management
More informationResolution adopted by the General Assembly. [without reference to a Main Committee (A/62/L.30 and Add.1)]
United Nations A/RES/62/91 General Assembly Distr.: General 8 February 2008 Sixty-second session Agenda item 71 (a) Resolution adopted by the General Assembly [without reference to a Main Committee (A/62/L.30
More informationAcademic Program Review at Illinois State University PROGRAM REVIEW OVERVIEW
Academic Program Review at Illinois State University PROGRAM REVIEW OVERVIEW For Research and Service Centers Submitting Self-Study Reports Fall 2017 INTRODUCTION Primary responsibility for maintaining
More informationSession 5: Business Continuity, with Business Impact Analysis
Session 5: Business Continuity, with Business Impact Analysis By: Tuncay Efendioglu, Acting Director Internal Oversight Division, WIPO Pierre-François Gadpaille, Audit Specialist (Information Systems),
More informationIT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I
Standards Sections Checklist Section Security Management Process 164.308(a)(1) Information Security Program Risk Analysis (R) Assigned Security Responsibility 164.308(a)(2) Information Security Program
More informationFDIC InTREx What Documentation Are You Expected to Have?
FDIC InTREx What Documentation Are You Expected to Have? Written by: Jon Waldman, CISA, CRISC Co-founder and Executive Vice President, IS Consulting - SBS CyberSecurity, LLC Since the FDIC rolled-out the
More informationSCHEME OF DELEGATION (Based on the model produced to the National Governors Association)
SCHEME OF DELEGATION (Based on the model produced to the National Association) THE PURPOSE OF A SCHEME OF DELEGATION: A scheme of delegation (SoD) is the key document defining which functions have been
More informationIt applies to personal information for individuals that are external to us such as donors, clients and suppliers (you, your).
Our Privacy Policy 1 Purpose Mission Australia is required by law to comply with the Privacy Act 1988 (Cth) (the Act), including the Australian Privacy Principles (APPs). We take our privacy obligations
More informationCloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015
Cloud Computing Standard Effective Date: July 28, 2015 1.1 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually
More informationManager, Infrastructure Services. Position Number Community Division/Region Yellowknife Technology Service Centre
IDENTIFICATION Department Position Title Infrastructure Manager, Infrastructure Services Position Number Community Division/Region 32-11488 Yellowknife Technology Service Centre PURPOSE OF THE POSITION
More informationUNIVERSITY OF RWANDA VACANCY ANNOUNCEMENT
UNIVERSITY OF RWANDA VACANCY ANNOUNCEMENT The University of Rwanda informs the public that it would like to recruit qualified administrative staff to fill the following positions: N o Job Title Minimum
More informationIT Managed Services. Schedule 1 Specification 11/07/18
` IT Managed Services Schedule 1 Specification 11/07/18 IT Managed Service ITT Schedule 1 Specification Table of Contents 1.0 Introduction... 2 1.1 Overview... 2 2.0 Scope... 2 3.0 Vendor Response Requirements...
More informationJob Description. ICT Systems Administrator
Job Description Job Title: Directorate: Responsible to: Job Purpose: ICT Systems Administrator Finance & ICT Directorate ICT Infrastructure Manager Support and assist the provision of a high quality and
More information2.4. Target Audience This document is intended to be read by technical staff involved in the procurement of externally hosted solutions for Diageo.
Diageo Third Party Hosting Standard 1. Purpose This document is for technical staff involved in the provision of externally hosted solutions for Diageo. This document defines the requirements that third
More informationSubject: University Information Technology Resource Security Policy: OUTDATED
Policy 1-18 Rev. 2 Date: September 7, 2006 Back to Index Subject: University Information Technology Resource Security Policy: I. PURPOSE II. University Information Technology Resources are at risk from
More informationThe Multi Cloud Journey
The Multi Cloud Journey GLOBAL OFFICES? WE VE GOT THE COVERAGE Presence in 69 countries 242,000 employees Offices in 42 countries regions 120 cities Largest DC provider Network coverage in 196 countries
More informationA guide for assembling your Jira Data Center team
A guide for assembling your Jira Data Center team Contents 01 Getting started 02 Helpful roles for your Jira Data Center team 03 Helpful expertise for your Jira Data Center team 04 Pro tips & best practices
More informationNetworks - Technical specifications of the current networks features used vs. those available in new networks.
APPENDIX V TECHNICAL EVALUATION GUIDELINES Where applicable, the following guidelines will be applied in evaluating the system proposed by a service provider: TABLE 1: HIGH LEVEL COMPONENTS Description
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationHIPAA Security and Privacy Policies & Procedures
Component of HIPAA Security Policy and Procedures Templates (Updated for HITECH) Total Cost: $495 Our HIPAA Security policy and procedures template suite have 71 policies and will save you at least 400
More informationResolution adopted by the General Assembly on 14 December [without reference to a Main Committee (A/61/L.44 and Add.1)]
United Nations A/RES/61/132 General Assembly Distr.: General 1 March 2007 Sixty-first session Agenda item 69 (a) Resolution adopted by the General Assembly on 14 December 2006 [without reference to a Main
More informationIT risks and controls
Università degli Studi di Roma "Tor Vergata" Master of Science in Business Administration Business Auditing Course IT risks and controls October 2018 Agenda I IT GOVERNANCE IT evolution, objectives, roles
More informationSolution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC
More informationKENYA SCHOOL OF GOVERNMENT EMPLOYMENT OPORTUNITY (EXTERNAL ADVERTISEMENT)
KENYA SCHOOL OF GOVERNMENT EMPLOYMENT OPORTUNITY (EXTERNAL ADVERTISEMENT) 1. DIRECTOR, LEARNING & DEVELOPMENT - LOWER KABETE Reporting to the Director General, Campus Directors will be responsible for
More informationUNITED NATIONS INDUSTRIAL DEVELOPMENT ORGANIZATION. The National Quality Infrastructure Project for Nigeria (NQIP) Project ID
UNITED NATIONS INDUSTRIAL DEVELOPMENT ORGANIZATION The National Quality Infrastructure Project for Nigeria (NQIP) Project ID 130220 Terms of Reference for the Lead Auditor/ Training of Trainers (ToT) Courses
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationNJC SP ( 22,658-25,951) plus final salary scheme pension.
Job Description POST: RESPONSIBLE TO: SALARY: KEY RELATIONSHIPS: LOCATION: WORKING PATTERN: DISCLOSURE: JOB PURPOSE: 2 nd Line Support Technician IT Service Desk Manager: Oasis Centre NJC SP 25-29 ( 22,658-25,951)
More informationGeneral Secretariat (SG)
General Secretariat (SG) Geneva, 22 February 2017 Ref: DM-17/1003 Regional Telecommunication Organizations Contact: Ms Béatrice Pluchon - Asia-Pacific Telecommunity (APT); Telephone: +41 22 730 6266 -
More informationThe Development of. ICT in Thailand. by Thaweesak Koanantakool, Ph.D.
The Development of ICT in Thailand by Thaweesak Koanantakool, Ph.D. Director National Electronics and Computer Technology Center (NECTEC) National Science and Technology Development Agency (NSTDA) Ministry
More informationINTERNAL AUDIT DIVISION REPORT 2017/138
INTERNAL AUDIT DIVISION REPORT 2017/138 Audit of business continuity in the United Nations Organization Stabilization Mission in the Democratic Republic of the Congo There was a need to implement the business
More informationDecentralized IT General Controls Review: Student Affairs Systems Group
Review: Student Affairs Systems Group December 2015 FY15 - #13 Submitted to: Kasandra Kay Urquidez, Vice President, Enrollment Management/Student Affairs Advancement and Dean, Undergraduate Admissions
More informationRequest for tenders proposing hosting arrangements for the ECPGR Secretariat/EURISCO
Request for tenders proposing hosting arrangements for the ECPGR Secretariat/EURISCO Dear National Coordinators, Based on the outcome of the External Independent Review of the ECPGR Programme, the ECPGR
More informationSecurity Standardization
ISO-ITU ITU Cooperation on Security Standardization Dr. Walter Fumy Chairman ISO/IEC JTC 1/SC 27 Chief Scientist, Bundesdruckerei GmbH, Germany 7th ETSI Security Workshop - Sophia Antipolis, January 2012
More informationENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE
ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our
More informationAdministrative & Operations Network Security Assessment
TAMPA-HILLSBOROUGH COUNTY EXPRESSWAY AUTHORITY Letter of Clarification No. 1 FOR REQUEST FOR QUALIFICATIONS (RFQ) Administrative & Operations Network Security Assessment RFQ No. O-00418 Page 1 of 15 Letter
More informationThe University of Texas at El Paso. Information Security Office Minimum Security Standards for Systems
The University of Texas at El Paso Information Security Office Minimum Security Standards for Systems 1 Table of Contents 1. Purpose... 3 2. Scope... 3 3. Audience... 3 4. Minimum Standards... 3 5. Security
More informationThe CIA Challenge Exam. August 2018
The CIA Challenge Exam August 2018 The IIA is committed to providing a clearly defined, professionally relevant suite of global certifications to support internal auditors as they progress through their
More informationSTATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA FAYETTEVILLE STATE UNIVERSITY
STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA FAYETTEVILLE STATE UNIVERSITY INFORMATION TECHNOLOGY GENERAL CONTROLS INFORMATION SYSTEMS AUDIT JANUARY 2016 EXECUTIVE SUMMARY PURPOSE
More informationCITY OF MONTEBELLO SYSTEMS MANAGER
CITY OF MONTEBELLO 109A DEFINITION Under general administrative direction of the City Administrator, provides advanced professional support to departments with very complex computer systems, programs and
More informationITSM20F_Umang. Number: ITSM20F Passing Score: 800 Time Limit: 120 min File Version: 4.0. Exin ITSM20F
ITSM20F_Umang Number: ITSM20F Passing Score: 800 Time Limit: 120 min File Version: 4.0 http://www.gratisexam.com/ Exin ITSM20F IT Service Management Foundation based on ISO/IEC 20000 (ITSM20F.EN) Version:
More information1 Introduction. 2 Background. 2.1 Organisational context
REQUEST FOR PROPOSAL RFP NO: RFP/SASSETA/1718/009 SPECIFICATION ( TERMS OF REFERENCES) FOR THE INFRASTRUCTURE UPGRADE BASED ON HYDRID AND OR CLOUD COMPUTING FOR SASSETA 1 Introduction SASSETA is established
More informationINFORMATION SECURITY PRINCIPLES OF THE UNIVERSITY OF JYVÄSKYLÄ
INFORMATION SECURITY PRINCIPLES OF THE UNIVERSITY OF JYVÄSKYLÄ JYVÄSKYLÄN YLIOPISTO Introduction With the principles described in this document, the management of the University of Jyväskylä further specifies
More informationCASE STUDY IZO TM PRIVATE CLOUD HELPS FULFIL MISSION TO DELIVER FIVE MILLION SCHOOL MEALS DAILY BY 2020
CASE STUDY IZO TM PRIVATE CLOUD HELPS FULFIL MISSION TO DELIVER FIVE MILLION SCHOOL MEALS DAILY BY 2020 TATA COMMUNICATIONS FURTHERS BUSINESS TRANSFORMATION FOR AKSHAYA PATRA TO ENSURE THAT CHILDREN S
More informationPowered by TCPDF (
Powered by TCPDF (www.tcpdf.org) 1 FINANCE AND ACCOUNTING FOR NON-FINANCIAL PROFESSIONALS 28th Feb - 3rd Mar, 2017 1st - 4th Aug, 2017 2 MODERN APPROACHES TO CORPORATE AND INDIVIDUAL TAX COMPLIANCE 28th
More informationPosition Title: IT Security Specialist
Position Title: IT Security Specialist SASRIA SOC LIMITED Sasria, a state-owned company, is the only short-term insurer in South Africa that provides affordable voluntary cover against special risks such
More informationTexas Health Resources
Texas Health Resources POLICY NAME: Remote Access Page 1 of 7 1.0 Purpose: To establish security standards for remote electronic Access to Texas Health Information Assets. 2.0 Policy: Remote Access to
More informationITG. Information Security Management System Manual
ITG Information Security Management System Manual This manual describes the ITG Information Security Management system and must be followed closely in order to ensure compliance with the ISO 27001:2005
More informationTHE KENYA HEALTH DATA COLLABORATIVE EXPERIENCE AND WAYFORWARD
THE KENYA HEALTH DATA COLLABORATIVE EXPERIENCE AND WAYFORWARD www.health.go.ke 11 th September 2017 OUTLINE Introduction /background Kenya Heath data collaborative Launch The commitments Governance of
More informationGoverning Body Geneva, November 2007 PFA/ICTS FOR DECISION. Updated Information Technology Strategy ( ) INTERNATIONAL LABOUR OFFICE
INTERNATIONAL LABOUR OFFICE 300th Session Governing Body Geneva, November 2007 Information and Communications Technology Subcommittee PFA/ICTS FOR DECISION FIRST ITEM ON THE AGENDA Updated Information
More informationYOUR QUALITY PARTNER FOR SOFTWARE SOLUTIONS TMA SOLUTIONS
YOUR QUALITY PARTNER FOR SOFTWARE SOLUTIONS TMA SOLUTIONS Security & Intellectual Property Protection Overview Certified ISO 27001:2013 Meet security requirements from global clients Passed all security
More informationResolution adopted by the General Assembly. [on the report of the Second Committee (A/56/561/Add.2)]
United Nations A/RES/56/195 General Assembly Distr.: General 21 January 2002 Fifty-sixth session Agenda item 98 (b) Resolution adopted by the General Assembly [on the report of the Second Committee (A/56/561/Add.2)]
More informationMOTION NO. M Contract Amendment for Technology Software, Hardware, and Related Maintenance Services
MOTION NO. M2017-67 Contract Amendment for Technology Software, Hardware, and Related Maintenance Services MEETING: DATE: TYPE OF ACTION: STAFF CONTACT: Operations and Administration Committee 05/04/2017
More informationTIPS FOR AUDITING CYBERSECURITY
TIPS FOR AUDITING CYBERSECURITY Dr. Vilius Benetis, ISACA Lithuania Chapter, NRD CS 18 October 2016 TODAY S SPEAKER Dr. Vilius Benetis Cybersecurity Practice Leader Norway Registers Development (NRD Cybersecurity)
More informationSecurity In A Box. Modular Security Services Offering - BFSI. A new concept to Security Services Delivery.
Modular Security Services Offering - BFSI Security In A Box A new concept to Security Services Delivery. 2017 Skillmine Technology Consulting Pvt. Ltd. The information in this document is the property
More informationAnnexure 08 (Profile of the Project Team)
Annexure 08 (Profile of the Project Team) 1. Project Director (1) 2. Transition / Delivery Manager (1) 3. Project Manager Software (1) 4. Project Manager SLA (1) 5. Project Manager Information Security
More information