Process Definition: Security Services
|
|
- Bryce Fisher
- 6 years ago
- Views:
Transcription
1 Process Definition: Services 1. SUMMARY Process Definition: Services 1.1. This document defines the processes provided by the Services team in detail The relationship between this Business Unit process and the other Business Unit processes within the Facilities and Services Division (F&S, or the Division) management system is illustrated in the process flow map included in the Quality Manual. 2. REVISION AND APPROVAL Rev. Date Nature of Changes Approved By 0 13/04/2017 Original Issue John Sullivan 3. PROCESS DEFINITION 3.1. The Services team provides services including, but not limited to: Patrolling the campus and property of the University 24/7, 365 days a year Providing assistance to students and staff members in relation to, security of physical infrastructure, personal security advice, escorts, first aid and response to duress calls Providing assistance to visitors to the campus Delivering VIP visit security and liaison with University Executive and the Colleges Provision of a Parking Infringement Officer to carry out parking control and enforcement at the University Responding to emergencies and managing the scene and reporting developments to the Crisis Management Team Monitoring and managing the maintenance and serviceability of the University s radio communications, security systems, access control, CCTV, and monitoring of the Building Management Alarms systems Promoting the UniSafe campus safety program, and On Campus on-demand bus and various activities in support of the student and staff communities Maintain communications with local emergency services organisations Managing all telephone enquiries to the University after hours Management of the Guarding Services Contract to ensure performance in accordance with agreed key performance indicators. 4. BUSINESS UNIT PROCESS OBJECTIVES AND METRICS 4.1. The Services process objectives and metrics have been derived from, and align with, the Goals detailed in the F&S 2017 Strategic Business Plan The objectives for the Services process are defined in detail below and reviewed during the conduct of quarterly management reviews; see the documented procedure Management Review. Page 1 of 6
2 Process Definition: Services 4.3. In addition, each process objective has at least one metric (or KPI) with which management can measure the effectiveness of the Business Unit process. These are also defined below and reviewed quarterly in records of management reviews. Goal 1 Provide detailed reporting to stakeholder groups on security activity and incident management (Meets F&S Divisional Goal 3, 4 & 5 ) Team Objective KPI Lead By By When Monthly reporting on Operations by service provider Monthly report on Electronic Access Control Systems and CCTV by service provider Relevant details to be provided to A/D Operations on contractual performance Detailed monthly report by Service provider iaw Services Contract Detailed monthly report by service provider iaw EACS/CCTV Contract Key data metrics from monthly reports to be uploaded to Operations Portfolio dashboard 2 nd week of each month 2nmd week of each month First week of each month Goal 2 Improved security services and coverage for the Acton Campus (Meets F&S Divisional Goal 1, 4 & 5 ) Team Objective KPI Lead By By When The development of a Service Level Charter that provides clarity on what services are provided by the ANU Section Review of Campus CCTV coverage and services to determine optimum solution Development of the charter in conjunction with the A/D Operations Report on introduction of CCTV and CARDAX software upgrade / Operations / Systems End 2 nd QTR 2017 End 2 nd QTR 2017 Page 2 of 6
3 Process Definition: Services 5. PROCESS OWNERS AND RESPONSIBLE PARTIES 5.1. The owner of this process is the The is responsible for: Managing and delivering services related to the development and implementation of the Divisions operational plan and associated documents. Lead a continual review of specific services relevant to portfolio areas and coordinate to improve outcomes and optimise efficiency. Manage and deliver the efficient provision of security services and systems. Lead the management team and other key stakeholders to ensure a safe and secure campus environment. Develop effective and professional working relationships with Division staff, Service Division Heads, College Heads and College General s and other key University staff. Explore and develop options to facilitate interaction between F&S and other units at the ANU. In consultation with senior officers of the University, ensure that resources are managed in accordance with legislation and University policy. Advise on and interpret legislation and University policies and procedures. Assist in the development of a robust policy framework for the Division to ensure Divisional and ANU objectives can be achieved. 6. TYPICAL PROCESS INPUTS 6.1. The typical required inputs for the security and guarding services team processes are: Technical information needed: Control Room report (verbal) Previous 24 hour activities and Incident Reports Emergency Services callouts Projected security requirement for the next 24 hours VIP visit requests Functions on Campus Protest or unscheduled activities Resources needed: Electronic and hardcopy access to SOPs ANUOK App ANU telephony system Handheld Radios Desktop PCs MS Office suite of software Gallagher EACS System Geuterbruk CCTV monitoring software Page 3 of 6
4 Process Definition: Services Physical Control Room Patrol Vehicles On Campus On-demand Bus Radio Communications System CCTV and Electronic Access Control Systems Access to Building Management Control Systems Access to Fire Impairment Systems and Alarms Personnel needed: The Services team comprises four full-time positions, and variable fixedterm contact position for ANU UniSafe, as detailed below: Position Level ANU Officer Grade Senior Manger level 1 ANU Officer Grade level 8 ANU Officer 6/7 ANU Officer 6/7 ANU Officer 3 Position Title Operations Senior Control Room Officer Systems UniSafe Patrol Officers (12 x Casual Posts) Special training needed: Licence / Master Licence to be held by Operations Licence to be held by Senior Control Room Officer Licence CERT2 to be held by all security guards and UniSafe Officers Basic First Aid Drivers Licence MS Office suite of software Gallagher EACS System 7. TYPICAL PROCESS STEPS Geuterbruk CCTV monitoring software 7.1. processes align with the Standard Operating Procedures (SOPs) and responses for various incidents contained in the And Incident Response Manual. Page 4 of 6
5 Process Definition: Services 8. TYPICAL PROCESS OUTPUTS 8.1. The typical results (outputs) of the process are as follows: Product produced: Monthly reports (incl. F&S SMT Portfolio dashboard data metrics) Incident Reports Financial Reports Documents or technical information produced: Reports and logs of all incidents that occur during each shift UniSafe Committee Reports ANU Council Incident Reports Critical Incident Reports Records produced: Reports and logs of all incidents that occur during each shift Contractor Invoices VIP Requests On-Campus Bus usage Safety Escorts statistics Services produced: 9. RELATED RISKS Provision of Patrols to ANU campus buildings, external areas and Functions on Campus Monitoring of ANUOK App Emergency Incidents Onsite Point of Contact VIP visits liaison 24/7 monitoring of Building Management Systems and Alarms CCTV Monitoring Electronic Access Control Systems monitoring Safety presentations to new staff and students 9.1. The following risks are identified related to this process. Risks are varied in the circumstance of loss of staff, dependent upon staff position and capacity 9.2. Management may elect to conduct a formal risk assessment for any of these risks; the preferred method of risk assessment is indicated herein. Page 5 of 6
6 Process Definition: Services Risk Likelihood Consequence Assessment Score Mitigation Personnel not available for shift. Consequence increases with time that personnel are not available Loss of patrol vehicle. Consequence increases with time that vehicle is not available Possible Possible Moderate Minor Medium Low - Ability to draw on Wilson Roving Patrols to fill position until other staff are available - ANU Staff able to provide support until staff are available - Ability to request Wilson Roving patrol until vehicle replacement found - Able to use On Campus Bus for patrols if required - Foot patrols can still provide required coverage Failure of Control system software Possible Moderate Medium - Business Continuity Plan - SLA in place for support of operating systems for EACS and CCTV - Ability to record events in hard copy if required. Failure of Communications systems Possible Moderate Medium - Business Continuity Plan - Spare radios available - Mobile phones can be used if required - SLA - analogue phone in Control room Major Power Outage less than 4 hours Possible Moderate Medium - UPS systems on critical plant 4 hours maximum operation - manual process for recording of any information relating to incidents - Loss of EACS systems, would require manual securing of doors where possible - Loss of BMS notifications/ alarms Page 6 of 6
OUTSOURCED FACILITIES MANAGEMENT SERVICES CAPE TOWN
OUTSOURCED FACILITIES MANAGEMENT SERVICES CAPE TOWN LOCATION OF SERVICE REQUIRED 141 Voortrekker road Parow Cape Town Areas: Offices Entrance foyers Balcony Toilets Basements Conference rooms Store rooms
More informationEUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE
EUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE Overview all ICT Profile changes in title, summary, mission and from version 1 to version 2 Versions Version 1 Version 2 Role Profile
More informationIT MANAGER PERMANENT SALARY SCALE: P07 (R ) Ref:AgriS042/2019 Information Technology Manager. Reporting to. Information Technology (IT)
DESIGNATION Reporting to Division Office Location IT MANAGER PERMANENT SALARY SCALE: P07 (R806 593.00) Ref:AgriS042/2019 Information Technology Manager CEO Information Technology (IT) Head office JOB PURPOSE
More informationLaguna Honda Hospital and Rehabilitation Center. Security Management Plan
Laguna Honda Hospital and Rehabilitation Center Security Management Plan 2018-2019 REFERENCES California Code of Regulations, Title 8, Sections 8 CCR 3203 et seq. California Code of Regulations, Title
More informationCorporate Security & Emergency Management Summary of Submitted 2015 Budget From Rates
Corporate Security & Emergency Management Summary of Submitted 2015 From Rates Service Expense 2014 2015 Revised Non Tax Revenue Net Tax Supported Expense Draft Non Tax Revenue Net Tax Supported Increase
More information(Office 365) Service Level Expectation
Email SLE Service Overview... 2 Service Features... 2 Service Warranty... 3 Support Model... 3 Support Hours and Initial Response Times... 4 Support Request Resolution Targets... 5 Service Request Fulfillment
More informationROLE DESCRIPTION IT SPECIALIST
ROLE DESCRIPTION IT SPECIALIST JOB IDENTIFICATION Job Title: Job Grade: Department: Location Reporting Line (This structure reports to?) Full-time/Part-time/Contract: IT Specialist D1 Finance INSETA Head
More informationPISMO BEACH COUNCIL AGENDA REPORT
PISMO BEACH COUNCIL AGENDA REPORT SUBJECT/TITLE: REVIEW OF INFORMATION TECHNOLOGY (IT) STATUS AND IT STRATEGIC PLAN IMPLEMENTATION UPDATE. RECOMMENDATION: 1. Receive the IT Status and Implementation Update.
More informationSecurity Director - VisionFund International
Security Director - VisionFund International Location: [Europe & the Middle East] [United Kingdom] Category: Security Job Type: Open-ended, Full-time *Preferred location: United Kingdom/Eastern Time Zone
More informationService Description: Cisco Technical Services Advantage (Releases 1.0 through 2.3)
Page 1 of 8 Service Description: Cisco Technical Services Advantage (Releases 1.0 through 2.3) This document describes Cisco Technical Services Advantage support services. Related Documents: This document
More informationTELECOMMUNICATIONS ACCESS POLICY 2011
TELECOMMUNICATIONS ACCESS POLICY 2011 The Vice Chancellor and Principal, as delegate of the Senate of the University of Sydney, adopts the following policy. Dated: 31 January 2011 Signature: Name: Michael
More informationComplaint Handling Procedure and Escalation Policy
Complaint Handling Procedure and Escalation Policy COPYRIGHT STATEMENT This document is the property of Nottingham Rehab Ltd. and may not, without our express written consent, be copied in whole or in
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationStandard for Security of Information Technology Resources
MARSHALL UNIVERSITY INFORMATION TECHNOLOGY COUNCIL Standard ITP-44 Standard for Security of Information Technology Resources 1 General Information: Marshall University expects all individuals using information
More informationPolicy. Business Resilience MB2010.P.119
MB.P.119 Business Resilience Policy This policy been prepared by the Bi-Cameral Business Risk and Resilience Group and endorsed by the Management Boards of both Houses. It is effective from December to
More informationITSM20F_Umang. Number: ITSM20F Passing Score: 800 Time Limit: 120 min File Version: 4.0. Exin ITSM20F
ITSM20F_Umang Number: ITSM20F Passing Score: 800 Time Limit: 120 min File Version: 4.0 http://www.gratisexam.com/ Exin ITSM20F IT Service Management Foundation based on ISO/IEC 20000 (ITSM20F.EN) Version:
More informationMarshall University Information Technology Council. Procedure ITP-16 IT INFRASTRUCTURE AUTHORIZATION PROCEDURE
Marshall University Information Technology Council Procedure ITP-16 IT INFRASTRUCTURE AUTHORIZATION PROCEDURE General Information: 1.1 Scope: This procedure applies to all University employees, including
More informationSecurity and Fleet Manager
Security and Fleet Manager Location: [Europe & the Middle East] [Jordan] Town/City: Amman Category: Security Job Type: Open-ended, Full-time Position Title: Security and Fleet Manager PURPOSE OF POSITION:
More informationService Level Agreement Domain Registration Services
Domain Registration Services 15 th March 2016 Not just another IT company Why? Because we think, react and deliver differently. Advise, Build, Support & Protect. It s what we do best, simple as that. We
More informationUsing ITIL to Measure Your BCP
Using ITIL to Measure Your BCP 1 Agenda ITIL v3 Overview Why Use ITIL ITIL Continual Improvement Process Critical Success Factors and Key Performance Indicators Creating Metrics Scoring System Sample BCP
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More informationEX0-101_ITIL V3. Number: Passing Score: 800 Time Limit: 120 min File Version: 1.0. Exin EX0-101
EX0-101_ITIL V3 Number: 000-000 Passing Score: 800 Time Limit: 120 min File Version: 1.0 http://www.gratisexam.com/ Exin EX0-101 ITIL Foundation V 3.0 & ITIL Foundation Version: 8.0 Exin EX0-101 Exam Topic
More informationThe Project Charter. Date of Issue Author Description. Revision Number. Version 0.9 October 27 th, 2014 Moe Yousof Initial Draft
The Project Charter Project Title: VDI Data Center Design and Build Project Sponsor: South Alberta Data Centers Inc. (SADC Inc.) Project Customer: The City of Calgary Project Manager: Moe Yousof Document
More informationState of Rhode Island Department of Administration Division of Information Technol
Division of Information Technol 1. Background Physical and environmental security controls protect information system facilities from physical and environmental threats. Physical access to facilities and
More informationCredit Card Data Compromise: Incident Response Plan
Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,
More informationPort Facility Cyber Security
International Port Security Program Port Facility Cyber Security Cyber Security Assessment MAR'01 1 Lesson Topics ISPS Code Requirement The Assessment Process ISPS Code Requirements What is the purpose
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Colin Sloey Implementation Date: September 2010 Version Number:
More informationService Description: CNS Federal High Touch Technical Support
Page 1 of 1 Service Description: CNS Federal High Touch Technical Support This service description ( Service Description ) describes Cisco s Federal High Touch Technical support (CNS-HTTS), a tier 2 in
More informationBUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW
BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW EXECUTIVE SUMMARY CenturyLink is committed to ensuring business resiliency and survivability during an incident or business disruption. Our Corporate Business
More informationBuilding Automation & Control System Vulnerabilities
1 Building Automation & Control System Vulnerabilities by Is there an open door into your facility? Dave Brooks, PhD Associate Professor, Security Science School of Science 1 2 OVERVIEW Background of Research
More informationConfiguration Management Databases (CMDBs) and Configuration Management System (CMS) are both elements of what larger entity?
ITIL Foundation mock exam 3 1. Configuration Management Databases (CMDBs) and Configuration Management System (CMS) are both elements of what larger entity? A) The Asset Register B) The Service Knowledge
More informationCertificate III in Telecommunications Digital Reception Technology
ICT30410 Qualification Notes Certificate III in Telecommunications Digital Reception Technology Descriptor This qualification reflects the role of an individual in the telecommunications industry who can
More informationA. Facilities and critical systems employees subject to afterhours call out.
ADMINISTRATIVE PROCEDURE 6450: Mobile Communication Devices and Cellular Phones Purpose To establish procedures for the assignment of an allowance for cellular telephones and other wireless, handheld mobile
More informationUlster University Policy Cover Sheet
Ulster University Policy Cover Sheet Document Title DATA CENTRE ACCESS POLICY 3.2 Custodian Approving Committee Data Centre & Operations Manager ISD Committee Policy approved date 2017 09 08 Policy effective
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationPosition Description IT Auditor
Position Title IT Auditor Position Number Portfolio Performance and IT Audit Location Victoria Supervisor s Title IT Audit Director Travel Required Yes FOR OAG HR USE ONLY: Approved Classification or Leadership
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationFrontiers of Risk. Don t Be Afraid: Business Continuity Plan Development Only Hurts A Little!
Don t Be Afraid: Business Only Hurts A Little! Frontiers of Risk Community College Risk Management Consortium July 20-21, 2017 JILL MCEWEN - FOX VALLEY TECHNICAL COLLEGE JOE DESPLAINES DISTRICTS MUTUAL
More informationService Description: Advanced Services Fixed Price Cisco WebEx Advise and Implement Service (0-5,000 Users) (ASF- WBXS-UC-PDIBSE)
Page 1 of 9 Service Description: Advanced Services Fixed Price Cisco WebEx Advise and Implement Service (0-5,000 Users) (ASF- WBXS-UC-PDIBSE) This document describes Advanced Services Fixed Price Cisco
More informationCenteris Data Centers - Security Procedure. Revision Date: 2/28/2018 Effective Date: 2/28/2018. Site Information
Section 01 Document Information Creation Date: 12/1/2016 Centeris Data Centers - Security Procedure Revision Date: 2/28/2018 Effective Date: 2/28/2018 Section 02 Site Information Site Information Document
More informationINFORMATION SECURITY- DISASTER RECOVERY
Information Technology Services Administrative Regulation ITS-AR-1505 INFORMATION SECURITY- DISASTER RECOVERY 1.0 Purpose and Scope The objective of this Administrative Regulation is to outline the strategy
More informationBusiness Continuity and Disaster Recovery
Business Continuity and Disaster Recovery Index Section Title 1. Executive Summary 2. Policy Statement 3. Strategy 4. Governance 5. Key Documentation 6. Testing 1 Executive Summary Business Continuity
More informationWeb Hosting: Mason Home Page Server (Jiju) Service Level Agreement 2012
Web Hosting: Mason Home Page Server (Jiju) Service Level Agreement 2012 Table of Contents 1 General Overview... 2 2 Service Description... 2 2.1 Service Scope... 2 2.1.1 Eligibility Requirements... 2 2.1.2
More informationService Improvement Review of Guarding:
Appendix 1 Service Improvement Review of Guarding: Management Summary August 2005 Not Protectively Marked Protective Marking Not Protectively Marked Publication Scheme Y/N Title N SIR - PO4/251b Version
More information: Course CDFOM : Certified Data Centre Facilities Operations Manager
Module Title Duration : Course CDFOM : Certified Data Centre Facilities Operations Manager : 3 days Course Description Managing the facilities of today s hi-end and hi-availability data centres is an extremely
More informationOKhahlamba Local Municipality
Document Reference Number Version Number Effective Date Review Date OKhahlamba Local Municipality DRAFT 2016/2017 Information and Communication Technology (ICT) Strategy Document Owner Thami Makhubu IT
More informationCorporate Information Security Policy
Overview Sets out the high-level controls that the BBC will put in place to protect BBC staff, audiences and information. Audience Anyone who has access to BBC Information Systems however they are employed
More informationPenetration Testing and Team Overview
ATO Trusted Access Penetration Testing and Team Overview PRESENTED BY Name: Len Kleinman Director ATO Trusted Access Australian Taxation Office 18 May 2011 What is Vulnerability Management? The on-going
More informationService Description: Software Support
Page 1 of 6 Service Description: Software Support This document describes the service offers under Cisco Software Support. This includes Software Support Service (SWSS), Software Support Basic, Software
More informationService Description: Software Support
Page 1 of 1 Service Description: Software Support This document describes the service offers under Cisco Software Support. This includes Software Support Service (SWSS), Software Support Basic, Software
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationNORTHPINE COMMUNITY IMPROVEMENT DISTRICT IMPLEMENTATION PLAN 01 st July th June 2022
1 Convene meeting Nominate and elect NCID board PROGRAM 1 MANAGEMENT, COMMUNICATION & OPERATIONS SRA Steering Committee Once at Inception Phase 1 N/A N/A N/A N/A Minutes of meeting and list of elected
More informationManagement s Response to the Auditor General s Review of Management and Oversight of the Integrated Business Management System (IBMS)
APPENDI 2 ommendation () () 1. The City Manager in consultation with the Chief Information Officer give consideration to the establishment of an IBMS governance model which provides for senior management
More information1. You should attempt all 40 questions. Each question is worth one mark.
Sample Paper D Question Booklet Multiple Choice Exam Duration: 60 minutes Instructions 1. You should attempt all 40 questions. Each question is worth one mark. 2. Mark your answers on the answer sheet
More informationEA-ISP Business Continuity Management and Planning Policy
Technology & Information Services EA-ISP-002 - Business Continuity Management and Planning Policy Owner: Adrian Hollister Author: Paul Ferrier Date: 06/03/2017 Document Security Level: PUBLIC Document
More informationStrategic Security Analyst
Strategic Security Analyst Location: [North America] [United States] Town/City: Monrovia Category: Security Job Type: Fixed term, Full-time *Preferred location: USA, UK or Australia where WVI is registered*
More informationDETAILED POLICY STATEMENT
Applies To: HSC Responsible Office: HSC Information Security Office Revised: New 12/2010 Title: HSC-200 Security and Management of HSC IT Resources Policy POLICY STATEMENT The University of New Mexico
More informationBoard Assurance Framework and Corporate Risk Register Report
Trust Board Meeting in Public: Wednesday 9 th November 20 Title Board Assurance Framework and Corporate Risk Register Report Status History For discussion The full BAF and CRR was reported to the: Audit
More informationBUSINESS CONTINUITY. Topics covered in this checklist include: General Planning
BUSINESS CONTINUITY Natural and manmade disasters are happening with alarming regularity. If your organization doesn t have a great business continuity plan the repercussions will range from guaranteed
More informationInformation backup - diagnostic review Abertawe Bro Morgannwg University Health Board. Issued: September 2013 Document reference: 495A2013
Information backup - diagnostic review Abertawe Bro Morgannwg University Health Board Issued: September 2013 Document reference: 495A2013 Status of report This document has been prepared for the internal
More informationThe University of Sheffield CCTV and Body worn cameras (BWC) Privacy Impact Assessment
The University of Sheffield CCTV and Body worn cameras (BWC) Privacy Impact Assessment 1. INTRODUCTION 1.1 This Privacy Impact Assessment (PIA) CCTV and BWC is recommended in The Surveillance Camera Code
More informationInformation Technology Disaster Recovery Planning Audit Redacted Public Report
1200, Scotia Place, Tower 1 10060 Jasper Avenue Edmonton, Alberta T5J 3R8 edmonton.ca/auditor Information Technology Disaster Recovery Planning Audit Redacted Public Report June 12, 2018 City of Edmonton
More informationData Center Access Policies and Procedures
Data Center Access Policies and Procedures Version 2.0 Tuesday, April 6, 2010 1 Table of Contents UITS Data Center Access Policies and Procedures!3 Introduction!3. Overview!3 Data Center Access!3 Data
More informationASD CERTIFICATION REPORT
ASD CERTIFICATION REPORT Amazon Web Services Elastic Compute Cloud (EC2), Virtual Private Cloud (VPC), Elastic Block Store (EBS) and Simple Storage Service (S3) Certification Decision ASD certifies Amazon
More informationApril Appendix 3. IA System Security. Sida 1 (8)
IA System Security Sida 1 (8) Table of Contents 1 Introduction... 3 2 Regulatory documents... 3 3 Organisation... 3 4 Personnel security... 3 5 Asset management... 4 6 Access control... 4 6.1 Within AFA
More informationRequest the Creation and Changes to Security Access Groups
Electronic Records Management System (ERMS) ERMS Process Guide 5 Request the Creation and Changes to Security Access Groups 1. Purpose This Process Guide describes the process for requesting the creation
More informationNational College for High Speed Rail DATA BREACH NOTIFICATION PROCEDURE
National College for High Speed Rail DATA BREACH NOTIFICATION PROCEDURE Document Reference Version Author Owner Workstream / Business area Classification Approval Level Version approval date Review schedule
More informationIT Information Security Manager Job Description
IT Information Security Manager Job Description IT Information Security Manager Responsible to: Accountable to: IT Service Manager Head of IT Services Overall Purpose To provide effective response, protection
More informationAndrew Durant/Ellen Sullivan
AGENDA ITEM: 3.5 INFORMATION MANAGEMENT, TECHNOLOGY AND GOVERNANCE COMMITTEE DATE OF MEETING: 2 OCTOBER 2018 Subject : Approved and Presented by: Prepared by: Other Committees and meetings considered at:
More informationCommunications Room Policy
Information Security Policies Communications Room Policy Author : David Rowbotham Date : 01/07/2014 Version : 1.1 Status : Initial Release MAG Information Security IT Policies Page: 1 1 Table of contents
More informationUniversity of Texas Arlington Data Governance Program Charter
University of Texas Arlington Data Governance Program Charter Document Version: 1.0 Version/Published Date: 11/2016 Table of Contents 1 INTRODUCTION... 3 1.1 PURPOSE OF THIS DOCUMENT... 3 1.2 SCOPE...
More informationCanada Life Cyber Security Statement 2018
Canada Life Cyber Security Statement 2018 Governance Canada Life has implemented an Information Security framework which supports standards designed to establish a system of internal controls and accountability
More informationREPORTING INFORMATION SECURITY INCIDENTS
INFORMATION SECURITY POLICY REPORTING INFORMATION SECURITY INCIDENTS ISO 27002 13.1.1 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-13.1.1 Version No: 1.0 Date: 1 st
More informationNumber: USF System Emergency Management Responsible Office: Administrative Services
POLICY USF System USF USFSP USFSM Number: 6-010 Title: USF System Emergency Management Responsible Office: Administrative Services Date of Origin: 2-7-12 Date Last Amended: 8-24-16 (technical) Date Last
More informationInformation Security Governance and IT Governance
Information Security Governance and IT Governance Overview NC State is redesigning its IT governance process (see external document, NC State IT Governance Redesign at http://go.ncsu.edu/it-governance-redesign-final
More informationIBM Resilient Incident Response Platform On Cloud
Service Description IBM Resilient Incident Response Platform On Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the contracting party and its authorized
More informationBusiness Continuity Management Standards A Side-by-Side Comparison
Business Continuity Standards A Side-by-Side Comparison By Brian Zawada (CBCP) & Jared Schwartz (CBCP) Whether your organization has begun a grassroots initiative to develop a business continuity plan
More informationINFORMATION TECHNOLOGY NETWORK ADMINISTRATOR ANALYST Series Specification Information Technology Network Administrator Analyst II
Adopted: July 2000 Revised : April 2004; August 2009; June 2014; February 2018 INFORMATION TECHNOLOGY NETWORK ADMINISTRATOR ANALYST Series Specification Information Technology Network Administrator Analyst
More informationPROGRAM 1 MANAGEMENT, COMMUNICATION & OPERATIONS ACTION STEPS RESPONSIBLE FREQUENCY per year
VREDEKLOOF COMMUNITY IMPROVEMENT DISTRICT 5 YEAR IMPLEMENTATION PLAN 1st July 2018 to 30th June 2019 PROGRAM 1 MANAGEMENT, COMMUNICATION & OPERATIONS 1. Successful day-to-day management and operations
More informationIn addition to the currently approved version of the Chapter s Bylaws roles and responsibilities:
1 VICE PRESIDENT COMMUNICATIONS The Vice President - Communications is responsible for all internal and external publications and announcements distributed by the Chapter to members and the outside community,
More informationChapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS
Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power
More informationData Centers and Mission Critical Facilities Access and Physical Security Procedures
Planning & Facilities Data Centers and Mission Critical Facilities Access and Physical Security Procedures Attachment B (Referenced in UW Information Technology Data Centers and Mission Critical Facilities
More informationPOWER AND WATER CORPORATION POLICY MANAGEMENT OF EXTERNAL SERVICE PROVIDERS
POWER AND WATER CORPORATION POLICY MANAGEMENT OF EXTERNAL SERVICE PROVIDERS Prepared by: Approved by: Chief Procurement Officer John Baskerville Chief Executive File number: D2015/65737 June 2015 MANAGEMENT
More informationElectronic Emergency Lockdown procedures (Gallagher Configuration Client and Command Centre)
Electronic Emergency Lockdown procedures (Gallagher Configuration Client and Command Centre) Version 1.2 TRIM file number Short description Relevant to Authority Responsible officer Responsible office
More informationGuidance for IT staff on priorities to be used when logging incidents.
Information Technology IT Incident Criteria Guidance for IT staff on priorities to be used when logging incidents. Version Control... 2 Introduction... 3 Definitions (ITIL)... 3 Response time... 3 Resolution
More informationVOCATIONAL QUALIFICATIONS ENTRY CODES 2017/18. ocr.org.uk
VOCATIONAL QUALIFICATIONS ENTRY CODES 2017/18 ocr.org.uk Contents Introduction 1 Key to forms of assessment 1 Version control 2 1 Skills for Business 3 1.1 Administration (Business Professional) 3 1.2
More informationSecurity Annex for Firewalls Additional Terms for Firewall Service
CONTENTS 1 Glossary of Terms & Definitions... 2 2 Service Description... 2 2.1 Firewall Service... 2 2.2 Provisioning... 2 3 Firewall throughput... 3 4 Vendor Change... 3 5 Charges... 3 5.1 Charges payable
More informationAudit Report. The Chartered Institute of Personnel and Development (CIPD)
Audit Report The Chartered Institute of Personnel and Development (CIPD) 24 February 2015 Contents 1 Background 1 1.1 Scope 1 1.2 Audit Report and Action Plan Timescales 2 1.3 Summary of Audit Issues and
More informationManaged NIDS Care Services
Managed NIDS Care Services This Service Guide ( SG ) sets forth a description of CenturyLink Managed NIDS Care Service ( Service ) offerings including technical details and additional requirements or terms,
More informationEXAM PREPARATION GUIDE
EXAM PREPARATION GUIDE PECB Certified ISO/IEC 38500 Lead IT Corporate Governance Manager The objective of the PECB Certified ISO/IEC 38500 Lead IT Corporate Governance Manager examination is to ensure
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationIBM Case Manager on Cloud
Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients of the
More informationClient Services Procedure Manual
Procedure: 85.00 Subject: Administration and Promotion of the Health and Safety Learning Series The Health and Safety Learning Series is a program designed and delivered by staff at WorkplaceNL to increase
More informationIT Security Standard Operating Procedure
IT Security Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not be utilised as guidance
More informationREVISION HISTORY DATE AMENDMENT DESCRIPTION OF AMENDMENT
REVISION HISTORY DATE AMENDMENT DESCRIPTION OF AMENDMENT IFC SERVICE DESCRIPTION 17 OCTOBER 2016 Page 1 of 9 SERVICE DESCRIPTION 2-14: INTERNATIONAL FALCON CONNECTION SERVICE (IFC Service) 1. THE SERVICE
More informationMassMutual Business Continuity Disclosure Statement
MassMutual Business Continuity Disclosure Statement Overview Resiliency is a high priority at Massachusetts Mutual Life Insurance Company ( MassMutual or the Company ). To that end, significant investments
More informationCardiff University Security & Portering Services (SECTY) CCTV Code of Practice
Cardiff University Security & Portering Services (SECTY) CCTV Code of Practice Document history Author(s) Date S Gamlin 23/05/2018 Revision / Number Date Amendment Name Approved by BI annual revision Date
More informationTSA/FTA Security and Emergency Management Action Items for Transit Agencies
TSA/FTA Security and Emergency Management Action Items for Transit Agencies AACTION ITEM LIST Management and Accountability 1. Establish Written System Security Programs and Emergency Management Plans:
More informationIQ Level 4 Award in Understanding the External Quality Assurance of Assessment Processes and Practice (QCF) Specification
IQ Level 4 Award in Understanding the External Quality Assurance of Assessment Processes and Practice (QCF) Specification Regulation No: 600/5528/5 Page 1 of 15 Contents Page Industry Qualifications...
More informationADDITIONAL TERMS FOR HOSTED IP TELEPHONY SERVICES SCHEDULE 2K(B)
ADDITIONAL TERMS FOR HOSTED IP TELEPHONY SERVICES SCHEDULE 2K(B) CONTENTS 1. Service Description... 3 2. Definitions... 3 3. Service Terms... 3 4. IP Phones... 4 5. Customer Obligations... 4 6. Access
More information