Chapter 7 Business Continuity and Risk Management

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Chapter 7 Business Continuity and Risk Management"

Transcription

1 Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity management t sustain the peratin f critical business services fllwing a disaster r adverse event. 1. Agencies must maintain a business and disaster recvery plan with respect t infrmatin technlgy. Business and disaster recvery plans shall be prvided t the Office f the State CIO. 2. Agencies, thrugh their management, must implement and supprt an apprpriate infrmatin technlgy business cntinuity prgram t ensure the timely delivery f critical autmated business services t the State s citizens. 3. A management team cmpsed f representatives frm all the agency rganizatinal areas has primary leadership respnsibility t identify infrmatin technlgy risks and t determine what impact these risks have n business peratins. 4. Management must als plan fr business cntinuity, including disaster recvery, based n these risks and dcument cntinuity and recvery strategies and prcedures in a defined business cntinuity plan that is reviewed, apprved, tested and updated n an annual basis Business cntinuity planning framewrk Assessing the BCP Risk Purpse: T require that State agencies manage infrmatin technlgy risks apprpriately as required in GS Agencies shall identify the ptential risks that may adversely impact their business in rder t develp cntinuity and recvery strategies and justify the financial and human resurces required t prvide the apprpriate level f cntinuity initiatives and prgrams. 2. Agencies shall cnduct business risk impact analysis activities that include the fllwing: Define the agency s critical functins and services. Define the resurces (technlgy, staff and facilities) that supprt each critical functin r service. Identify key relatinships and interdependencies amng the agency s critical resurces, functins and services. Estimate the maximum elapsed time that a critical functin r service can be inperable withut a catastrphic impact. (See als Statewide Glssary fr Recvery Time Objective) Estimate the maximum amunt f infrmatin r data that can be lst withut a catastrphic impact t a critical functin r service. (See als Statewide Glssary fr Recvery Pint Objective) Dcument any critical events r services that are time-sensitive r predictable and require a higherthan-nrmal pririty (fr example, tax filing dates, reprting deadlines, etc.). 111

2 Identify any critical nn-electrnic media required t supprt the agency s critical functins r services. Identify any interim r wrkarund prcedures that exist fr the agency s critical functins r services. GUIDELINES The fllwing items shuld be cnsidered: Estimate the decline in effectiveness ver time f each critical functin r service. Estimate financial lsses ver time resulting frm the inperability f each critical functin r service. Estimate tangible (nn-financial) impacts ver time resulting frm the inperability f each critical functin r service. Estimate intangible impacts ver time resulting frm the inperability f each critical functin r service Business cntinuity and risk assessment Business cntinuity planning framewrk Develping the BCP Purpse: T require that the apprpriate level f infrmatin technlgy business cntinuity management is in place t sustain the peratin f critical infrmatin technlgy services t supprt the cntinuity f vital business functins. 1. Management shall develp a business cntinuity plan (BCP) that cvers all f the agency s essential and critical business activities and that includes references t prcedures t be used fr the recvery f systems that perfrm the agency s essential and critical business activities. 2. At a minimum, an agency s business cntinuity plan must: Help prtect the health and safety f the emplyees f the State f Nrth Carlina. Prtect the assets f the State and minimize financial, legal and/r regulatry expsure. Minimize the impact and reduce the likelihd f business disruptins. Create crisis teams and respnse plans fr threats and incidents. Include cmmunicatin tls and prcesses. Require that emplyees are aware f their rles and respnsibilities in the BCP and in plan executin. Include training and awareness prgrams. Require simulatins and tabletp exercises. Have a dcumented plicy statement utlining: Framewrk and requirements fr develping, dcumenting, and maintaining the plans. Requirements fr testing and exercising. Review, sign-ff and update cycles. 112

3 Require senir management versight and apprval. Assess the prfessinal capability f third parties and ensure that they prvide adequate cntact with the agencies. Review dependence n third parties and take actins t mitigate risk assciated with dealing with third parties. Prvide directin n synchrnizatin between any manual wrk data and the autmated systems that ccur during a recvery perid. Set frth prcedures t be fllwed fr restring critical systems t prductin. 3. Training and awareness prgrams shall be undertaken t ensure that the entire agency is cnfident, cmpetent and capable and understands the rles each individual within the agency must perfrm in a disaster/r adverse situatin. 4. The persn(s) designated as the agency business cntinuity plan (BCP) crdinatr(s) has the respnsibility f verseeing the individual plans and files that cnstitute the BCP and ensuring that they are current, meet these standards and are cnsistent with the agency s verall plan. At the directin f the State Chief Infrmatin Officer, an agency s BCP shall be reviewed annually by the Office f Infrmatin Technlgy Services and recmmendatins shall be made fr imprvement, if necessary. 5. The agency business cntinuity plan shall be tested annually, at a minimum. All critical applicatins shall be tested annually. GUIDELINES The fllwing methds are recmmended: Tabletp testing (walk-thrugh f business recvery arrangements using example interruptins). Simulatins (especially fr pst-incident / pst-crisis management rles). Technical recvery testing. Testing recvery at an alternate site. Testing f ht-site arrangements, cmplete rehearsal (testing rganizatin, persnnel, equipment, facilities and prcesses). Updating f plan as necessary. Additinal steps that may be taken include the repetitin f the test t validate any updated prcedure(s) and the additin r remval f applicatin backup prcedures. Agency management shuld define, dcument, and apprve what type f testing methdlgy t use Develping and implementing cntinuity plans including infrmatin security Business cntinuity planning framewrk Testing, maintaining and re-assessing business cntinuity plans Disaster Recvery and/r Restratin Purpse: T restre the perability f the systems supprting critical business prcesses and return t nrmal agency peratins as sn as pssible. The agency is respnsible fr maintaining its ability t recver in the event f an utage. Agencies must ensure that business cntinuity and/r disaster recvery plans are develped, maintained, tested n a prescribed basis and subjected t a cntinual update and imprvement prcess. Agencies shall cnduct the fllwing disaster recvery and/r restratin activities: 1. Define the agency s critical perating facilities and missin essential service(s) r functin(s). 113

4 2. Define the resurces (facilities, infrastructure, and essential systems) that supprt each missin critical service r functin. 3. Define explicit test bjectives and success criteria t enable an adequate assessment f the Disaster Recvery and/r Restratin Develping and implementing cntinuity plans including infrmatin security Sectin 02 Infrmatin Technlgy Risk Management Prgram Implementing a Risk Management Prgram Purpse: T ensure that state agencies manage risks apprpriately. Risk management includes the identificatin, analysis, and management f risks assciated with an agency s business, infrmatin technlgy infrastructure, the infrmatin itself, and physical security t prtect the state s infrmatin technlgy assets and vital business functins. 1. The State f Nrth Carlina recgnizes that each agency, thrugh its management, must implement an apprpriate Infrmatin Technlgy (IT) Risk Management Prgram t ensure the timely delivery f critical autmated business services t the state s citizens. 2. The risk management prgram must identify and classify risks and implement risk mitigatin as apprpriate. 3. The prgram must include the identificatin, classificatin, priritizatin and mitigatin prcesses necessary t sustain the peratinal cntinuity f missin critical infrmatin technlgy systems and resurces. 4. In general, risk is defined as a cnditin r actin that may adversely affect the utcme f a planned activity. Sme types f risk are as fllws: Business Risk The cst and/r lst revenue assciated with an interruptin t nrmal business peratins. Organizatinal Risk The direct r indirect lss resulting frm ne r mre f the fllwing: Inadequate r failed internal prcesses Peple Systems External events Infrmatin Technlgy Risk - The lss f an autmated system, netwrk r ther critical infrmatin technlgy resurce that wuld adversely affect business prcesses. Legal Parameters established by legislative mandates, federal and state regulatins, plicy directives and executive rders that impact delivery f prgram services. Reputatin General estimatin, by the public, n hw state services are delivered (integrity, credibility, trust, custmer satisfactin, image, media relatins, plitical invlvement.) Citizen Services - Prgram services mandated by charter, legislatin, r plicy that prvides fr the delivery f the state s business (educatin, human services, highways, law enfrcement, health and safety, unemplyment benefits, vital recrds, etc.) 114

5 GUIDELINES Agencies are encuraged t select and use guidelines that supprt industry best practices fr risk management relative t business cntinuity planning and security as apprpriate. Sme suggested guidelines are listed belw. Risk Management Prgram Activities: Agency risk management prgrams at a minimum shuld fcus n the fllwing fur types f activities: Identificatin f Risks: A cntinuus effrt t identify which risks are likely t affect business cntinuity and security functins and dcumenting their characteristics. Analysis f Risks: An estimatin f the prbability, impact, and timeframe f the risks, classificatin int sets f related risks, and priritizatin f risks relative t each ther. Mitigatin Planning: Decisins and actins that will reduce the impact f risks, limit the prbability f their ccurrence, r imprve the respnse t a risk ccurrence. Fr mderate r high rated risks, mitigatin plans shuld be develped, dcumented and assigned t managers. Plans shuld include assigned manager s signatures. Tracking and Cntrlling Risks: Cllectin and reprting f status infrmatin abut risks and their mitigatin plans, respnse t changes in risks ver time, and management versight f crrective measures taken in accrdance with the mitigatin plan. Business Cntinuity Risk Management Prcesses: Fr business cntinuity risk management, the fcus f risk management is an impact analysis fr thse risk utcmes that disrupt agency business. Agencies shuld identify the ptential impacts in rder t develp the strategies and justify the resurces required t prvide the apprpriate level f cntinuity initiatives and prgrams. Agencies shuld cnduct business risk impact analysis activities that include the fllwing: Define the agency s critical functins and services. Define the resurces (technlgy, staff, and facilities) that supprt each critical functin r service. Identify key relatinships and interdependencies amng the agency s critical resurces, functins, and services. Estimate the decline in effectiveness ver time f each critical functin r service. Estimate the maximum elapsed time that a critical functin r service can be inperable withut a catastrphic impact. Estimate the maximum amunt f infrmatin r data that can be lst withut a catastrphic impact t a critical functin r service. Estimate financial lsses ver time f each critical functin r service. Estimate tangible (nn-financial) impacts ver time f each critical functin r service. Estimate intangible impacts ver time f each critical functin r service. Dcument any critical events r services that are time-sensitive r predictable and require a higherthan-nrmal pririty. (Fr example - tax filing dates, reprting deadlines, etc.) Identify any critical nn-electrnic media required t supprt the agency s critical functins r services. Identify any interim r wrkarund prcedures that exist fr the agency s critical functins r services. 115

6 Security Risk Prcess: The fcus f security risk management is an assessment f thse security risk utcmes that may jepardize agency assets and vital business functins r services. Agencies shuld identify thse impacts in rder t develp the strategies and justify the resurces required t prvide the apprpriate level f preventin and respnse. It is imprtant t use the results f risk assessment t prtect critical agency functins and services in the event f a security incident. The lack f apprpriate security measures wuld jepardize agency critical functins and services. Security risk impact analysis activities include the fllwing: Identificatin f the Federal, State, and Lcal regulatry r legal requirements that address the security, cnfidentiality, and privacy requirements fr agency functins r services. Identificatin f cnfidential infrmatin stred in the agency s files and the ptential fr fraud, misuse, r ther illegal activity. Identificatin f essential access cntrl mechanisms used fr requests, authrizatin, and access apprval in supprt f critical agency functins and services. Identificatin f the prcesses used t mnitr and reprt t management n whatever applicatins, tls and technlgies the agency has implemented t adequately manage the risk as defined by the agency (i.e., baseline security reviews, review f lgs, use f IDs, lgging events fr frensics, etc.). Identificatin f the agency s IT Change Management and Vulnerability Assessment prcesses. Identificatin f what security mechanisms are in place t cnceal agency data (Encryptin, PKI, etc.). Fr mre infrmatin n implementing a risk management prgram, including the Risk Management Guide and the Risk Assessment Questinnaire, please refer t the Risk Management Services page fund n the Enterprise Security and Risk Management Office (ESRMO) web site: Assessing security risks 4.2 Treating security risks 116

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT

CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT Plicy Number: 2.20 1. Authrity Lcal Gvernment Act 2009 Lcal Gvernment Regulatin 2012 AS/NZS ISO 31000-2009 Risk Management Principles

More information

CMS Eligibility Requirements Checklist for MSSP ACO Participation

CMS Eligibility Requirements Checklist for MSSP ACO Participation ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.

More information

Session 9 : Information Security and Risk

Session 9 : Information Security and Risk INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin

More information

Accident Investigation

Accident Investigation Accident Investigatin APPLICABLE STANDARD: 1960.29 EMPLOYEES AFFECTED: All emplyees WHAT IS IT? Accident investigatin is the prcess f determining the rt causes f accidents, n-the-jb injuries, prperty damage,

More information

Internal Audit Charter and operating standards

Internal Audit Charter and operating standards Internal Audit Charter and perating standards 2 1 verview This dcument sets ut the basis fr internal audit: (i) the Internal Audit charter, which establishes the framewrk fr Internal Audit; and (ii) hw

More information

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

Business Continuity Management Policy

Business Continuity Management Policy The Public Trustee Business Cntinuity Management Plicy Octber 2015 Business Cntinuity Management Plicy Octber 2015 Page 1 f 6 Dcument Infrmatin Apprved Name Psitin Signature Date Mark Crftn A/Public Trustee

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

Risk Management Policy AGL Energy Limited

Risk Management Policy AGL Energy Limited Risk Management Plicy AGL Energy Limited AUGUST 2014 Table f Cntents 1. Abut this Dcument... 2 2. Plicy Statement... 2 3. Purpse... 2 4. AGL Risk Cntext... 3 5. Scpe... 3 6. Objectives... 3 7. Accuntabilities...

More information

Key Steps for Organizations in Responding to Privacy Breaches

Key Steps for Organizations in Responding to Privacy Breaches Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

ENTERPRISE RISK MANAGEMENT ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT POLICY Plicy N. 10014 Review Date Octber 1, 2014 Effective Date March 1, 2014 Crss- Respnsibility Vice President, Reference Administratin Apprver Executive Cuncil 1. 1. Plicy

More information

GUIDELINE INFORMATION MANAGEMENT (IM) PROGRAM PLAN

GUIDELINE INFORMATION MANAGEMENT (IM) PROGRAM PLAN Gvernment f Newfundland and Labradr Office f the Chief Infrmatin Officer Infrmatin Management Branch GUIDELINE INFORMATION MANAGEMENT (IM) PROGRAM PLAN Guideline (Definitin): OCIO Guidelines derive frm

More information

Business Continuity Management Policy

Business Continuity Management Policy Business Cntinuity Management Plicy Versin: 1.0 Last Amendment: Apprved by: Library Cuncil f New Suth Wales Plicy wner/spnsr: Directr, Operatins and Chief Financial Officer Plicy Cntact Officer: Senir

More information

Audit Committee Charter

Audit Committee Charter Audit Cmmittee Charter Membership The Audit Cmmittee (the "Cmmittee") f the Bard f Directrs (the "Bard") f Philip Mrris Internatinal Inc. (the "Cmpany") shall cnsist f at least three directrs all f whm

More information

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t

More information

Avaya Business Continuity Plan Overview

Avaya Business Continuity Plan Overview Avaya Business Cntinuity Plan Overview 1 Crprate Business Cntinuity Prgram Mdel at Avaya At Avaya the versight f the Business Cntinuity Prgram belngs t the Crprate Business Cntinuity Management Team. This

More information

FY 2014 Senior Level (SL) and Scientific or Professional (ST) Performance Appraisal System Opening Guidance

FY 2014 Senior Level (SL) and Scientific or Professional (ST) Performance Appraisal System Opening Guidance Office f Executive Resurces Office f the Chief Human Capital Officer U.S. Department f Energy FY 2014 Senir Level (SL) and Scientific r Prfessinal (ST) Perfrmance Appraisal System Opening Guidance Table

More information

Change Management Process

Change Management Process Change Management Prcess B1.10 Change Management Prcess 1. Intrductin This plicy utlines [Yur Cmpany] s apprach t managing change within the rganisatin. All changes in strategy, activities and prcesses

More information

CDC UNIFIED PROCESS PRACTICES GUIDE

CDC UNIFIED PROCESS PRACTICES GUIDE Dcument Purpse The purpse f this dcument is t prvide guidance n the practice f Risk Management and t describe the practice verview, requirements, best practices, activities, and key terms related t these

More information

Appendix H. Annual Risk Assessment and Audit Plan 2013/14

Appendix H. Annual Risk Assessment and Audit Plan 2013/14 Annual Risk Assessment and Audit Plan 2013/14 Internal Audit Department September 25, 2013 Table f Cntents Intrductin.. 3 Risk Assessment Prcess... 4 Page 2 Intrductin Each year, the Internal Audit Department

More information

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Audit Cmmittee Charter St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Versin 2.0, 22 February 2016 Apprver Bard f Directrs St Andrew

More information

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

RATIONALE TERMS OF REFERENCE FOR THE QUALITY COMMITTEE UNDER THE EXCELLENT CARE FOR ALL ACT. Authority

RATIONALE TERMS OF REFERENCE FOR THE QUALITY COMMITTEE UNDER THE EXCELLENT CARE FOR ALL ACT. Authority RATIONALE With the intrductin f the Excellent Care fr All Act, hspital bards must nw have a quality cmmittee that reprts t the bard. The template prvides sample terms f references fr rganizatins t adapt

More information

UNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES

UNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES UNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES REFERENCES AND RELATED POLICIES A. UC PPSM 2 -Definitin f Terms B. UC PPSM 12 -Nndiscriminatin in Emplyment C. UC PPSM 14 -Affirmative

More information

Service Level Agreement Distributed Hosting and Distributed Database Hosting

Service Level Agreement Distributed Hosting and Distributed Database Hosting Office f Infrmatin Technlgy Services Service Level Agreement Distributed Hsting and Distributed Database Hsting Nvember 12, 2013 Service Descriptin Distributed Hsting and Distributed Database Hsting Service

More information

System Business Continuity Classification

System Business Continuity Classification Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required

More information

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028

More information

INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT CONTENTS

INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT CONTENTS INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT (Effective fr audits f financial statements fr perids beginning n r

More information

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch

More information

Gravesham Borough Council

Gravesham Borough Council Classificatin: Part 1 Public Key Decisin: Please specify - N Gravesham Brugh Cuncil Reprt t: Perfrmance and Administratin Cmmittee Date: 12 Nvember 2015 Reprting fficer: Subject: Crprate Perfrmance Manager

More information

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER This Audit Cmmittee Charter has been amended as f July 17, 2015. The Audit Cmmittee shall review and reassess this Charter annually and recmmend

More information

System Business Continuity Classification

System Business Continuity Classification System Business Cntinuity Classificatin Business Cntinuity Prcedures Infrmatin System Cntingency Plan (ISCP) Business Impact Analysis (BIA) System Recvery Prcedures (SRP) Cre Infrastructure Criticality

More information

PADUA COLLEGE LIMITED ACN 072 693 700 ABN 20 072 693 700

PADUA COLLEGE LIMITED ACN 072 693 700 ABN 20 072 693 700 PADUA COLLEGE LIMITED ACN 072 693 700 ABN 20 072 693 700 Plicy Title Versin Number Date Issued Critical Incident Management Plicy 2.0 Nvember 2007 Reviewed April 2010 June 2015 Definitin Critical incidents

More information

Data Protection Act Data security breach management

Data Protection Act Data security breach management Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing

More information

nbn is committed to identifying hazards, preventing workplace accidents and minimising dangerous health safety and environment incidents.

nbn is committed to identifying hazards, preventing workplace accidents and minimising dangerous health safety and environment incidents. Incident & Hazard Reprting Overview At nbn we are safe, disciplined and reliable. nbn is cmmitted t preventing injury, illness and envirnmental harm by prviding a safe and healthy wrking envirnment fr

More information

EJttilb Health. The University of Texas Medical Branch Audit Services. Audit Report. Epic In-Basket Management Audit. Engagement Number 2015-008

EJttilb Health. The University of Texas Medical Branch Audit Services. Audit Report. Epic In-Basket Management Audit. Engagement Number 2015-008 ',. -... : t'f" ' EJttilb Health The University f Texas Medical Branch Audit Reprt Audit Engagement Number 2015-008 July 2015 nie University f Texas Medical Branch 301 University Bulevard, Suite 4.100

More information

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs

More information

Environmental, Health & Safety Management System (EHSMS) Training, Awareness and Competency Procedure Revision Number: 7

Environmental, Health & Safety Management System (EHSMS) Training, Awareness and Competency Procedure Revision Number: 7 Envirnmental, Health & Safety Management System (EHSMS) Dcument Number: 00122 Issue Date: 05/07/2014 Training, Awareness and Cmpetency Prcedure Revisin Number: 7 Prepared By: Stalcup, Bryce Apprved By:

More information

FINANCIAL SERVICES FLASH REPORT

FINANCIAL SERVICES FLASH REPORT FINANCIAL SERVICES FLASH REPORT Draft Regulatry Cmpliance Management Guideline Released by the Office f the Superintendent f Financial Institutins May 5, 2014 On April 30, 2014, the Office f the Superintendent

More information

OITS Service Level Agreement

OITS Service Level Agreement OITS Service Level Agreement Objective A Service Level Agreement (SLA) describes the IT Service, dcuments Service Level Targets, and specifies the respnsibilities f the IT Service Prvider and the Custmer.

More information

Sources of Federal Government and Employee Information

Sources of Federal Government and Employee Information Inf Surce Surces f Federal Gvernment and Emplyee Infrmatin Ridley Terminals Inc. TABLE OF CONTENTS General Infrmatin Intrductin t Inf Surce Backgrund Respnsibilities Institutinal Functins, Prgram and Activities

More information

Information Security Incident Response Plan

Information Security Incident Response Plan Infrmatin Security Incident Respnse Plan Agency: Date: Cntact: 1 TABLE OF CONTENTS Intrductin... 3 Authrity... 4 Terms and Definitins... 4 Rles and Respnsibilities... 5 Prgram... 6 Educatin and Awareness...

More information

High Level Meeting on National Drought Policy (HMNDP) CICG, Geneva 11-15 March 2013

High Level Meeting on National Drought Policy (HMNDP) CICG, Geneva 11-15 March 2013 High Level Meeting n Natinal Drught Plicy (HMNDP) CICG, Geneva 11-15 March 2013 Plicy Dcument: Natinal Drught Management Plicy United Natins Cnventin t Cmbat Desertificatin (UNCCD) Fd and Agriculture Organizatin

More information

Maintain a balanced budget primarily the General & Park Funds

Maintain a balanced budget primarily the General & Park Funds EXHIBIT B City f Chic Budget Cntingency Plan P The purpse f the Budget Cntingency Plan is t establish a guideline and general apprach t respnd t adverse financial and ecnmic cnditins that culd negatively

More information

MANITOBA SECURITIES COMMISSION STRATEGIC PLAN 2013-2016

MANITOBA SECURITIES COMMISSION STRATEGIC PLAN 2013-2016 MANITOBA SECURITIES COMMISSION STRATEGIC PLAN 2013-2016 The Manitba Securities Cmmissin (the Cmmissin) is a divisin f the Manitba Financial Services Agency (MFSA). The ther divisin is the Financial Institutins

More information

BIBH Duty Statements and Governance chart reviewed and approved April 2014. BIBH Executive Governance & Management Arrangements

BIBH Duty Statements and Governance chart reviewed and approved April 2014. BIBH Executive Governance & Management Arrangements BIBH Duty Statements and Gvernance chart reviewed and apprved April 2014 BIBH Executive Gvernance & Management Arrangements BIBH COMMITTEE CEO - Paul O Cnnell Executive Secretary - Brian Firth Executive

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

Presentation: The Demise of SAS 70 - What s Next?

Presentation: The Demise of SAS 70 - What s Next? Presentatin: The Demise f SAS 70 - What s Next? September 15, 2011 1 Presenters: Jeffrey Ziplw - Partner BlumShapir Jennifer Gerasimv Senir Manager Delitte. SAS 70 Backgrund and Overview Purpse f a SAS

More information

ISO Management Systems. Guidance on understanding the benefits of an ISO Management System

ISO Management Systems. Guidance on understanding the benefits of an ISO Management System ISO Management Systems Guidance n understanding the benefits f an ISO Management System Welcme & Intrductins 4031 University Drive, 206, Fairfax, VA 22030 3 Grant Square, 243, Hinsdale, IL 60521 www.radiancmpliance.cm

More information

Symantec User Authentication Service Level Agreement

Symantec User Authentication Service Level Agreement Symantec User Authenticatin Service Level Agreement Overview and Scpe This Symantec User Authenticatin service level agreement ( SLA ) applies t Symantec User Authenticatin prducts/services, such as Managed

More information

CUSTOMER Information Security Audit Report

CUSTOMER Information Security Audit Report CUSTOMER Infrmatin Security Audit Reprt Versin 1.0 Date Wednesday, 18 January 2006 SafeCms Internet: www.safecms.cm Email: mailt:inf@safecms.cm 2001 Chartered Square Building. 20 th Fl, 152 Nrth Sathrn

More information

Malpractice and Maladministration Policy

Malpractice and Maladministration Policy TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs

More information

UNIVERSITY INCIDENT PLANNING COMMITTEE TERMS OF REFERENCE

UNIVERSITY INCIDENT PLANNING COMMITTEE TERMS OF REFERENCE 1. TITLE OF COMMITTEE UNIVERSITY INCIDENT PLANNING COMMITTEE University Incident Planning Cmmittee (IPC) 2. ESTABLISHMENT TERMS OF REFERENCE The University Incident Planning Cmmittee is established in

More information

Fraud Prevention Techniques for Higher Education

Fraud Prevention Techniques for Higher Education Fraud Preventin Techniques fr Higher Educatin Speakers: Brenda Buetw, Crwe Hrwath LLP Jennifer Richards, Crwe Hrwath LLP David English, Augustana Cllege Date: Octber 6, 2014 Sessin Gals Identify the different

More information

LINCOLNSHIRE POLICE Policy Document

LINCOLNSHIRE POLICE Policy Document LINCOLNSHIRE POLICE Plicy Dcument 1. POLICY IDENTIFICATION PAGE POLICY TITLE: ICT CHANGE & RELEASE MANAGEMENT POLICY POLICY REFERENCE NO: PD 186 POLICY OWNERSHIP: ACPO Cmmissining Officer: Prtfli / Business-area

More information

17 Construction environmental management plan (CEMP)

17 Construction environmental management plan (CEMP) 17 Cnstructin envirnmental management plan (CEMP) Bur Happld Cntents 17 Cnstructin Envirnmental Management Plan (CEMP) 17-1 17.1 Intrductin 17-1 17.2 Intrductin t EMS 17-1 17.2.1 Plicy 17-2 17.2.2 Planning

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

Process for Responding to Privacy Breaches

Process for Responding to Privacy Breaches Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident

More information

Human Resources Policy pol-020

Human Resources Policy pol-020 Human Resurces Plicy pl-020 Versin: 2.00 Last amendment: Jul 2014 Next Review: Jul 2017 Apprved By: Cuncil Date: 04 May 2005 Cntact Officer: Directr, Office f Human Resurce Services INTRODUCTION The University

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

7/25/14 FAIRFAX COUNTY PUBLIC SCHOOLS SUPPORT EMPLOYEE PERFORMANCE ASSESSMENT HANDBOOK

7/25/14 FAIRFAX COUNTY PUBLIC SCHOOLS SUPPORT EMPLOYEE PERFORMANCE ASSESSMENT HANDBOOK 7/25/14 FAIRFAX COUNTY PUBLIC SCHOOLS SUPPORT EMPLOYEE PERFORMANCE ASSESSMENT HANDBOOK A Resurce Fr Supprt Emplyees Cpyright 2014, Fairfax Cunty Public Schls http://www.fcps.edu/hr/epd/evaluatins/supprt.shtml

More information

Database Services - Extended

Database Services - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and Database Services t dcument: The technlgy services Database Services prvides t the custmer. The targets fr respnse times, service

More information

Professional Leaders/Specialists

Professional Leaders/Specialists Psitin Prfile Psitin Lcatin Reprting t Jb family Band BI/Infrmatin Manager Wellingtn Prfessinal Leaders/Specialists Band I Date February 2013 1. POSITION PURPOSE The purpse f this psitin is t: Lead and

More information

IT CONTROL ENVIRONMENT ASSESSMENT AND RECOMMENDATIONS REPORT

IT CONTROL ENVIRONMENT ASSESSMENT AND RECOMMENDATIONS REPORT Chairpersn and Subcmmittee Members AUDIT AND RISK SUBCOMMITTEE 6 AUGUST 2015 Meeting Status: Public Purpse f Reprt: Fr Infrmatin IT CONTROL ENVIRONMENT ASSESSMENT AND RECOMMENDATIONS REPORT PURPOSE OF

More information

OFFICIAL JOB SPECIFICATION. Network Services Analyst. Network Services Team Manager

OFFICIAL JOB SPECIFICATION. Network Services Analyst. Network Services Team Manager JOB SPECIFICATION FUNCTION JOB TITLE REPORTING TO GRADE WORK PATTERN LOCATION IT & Digital Netwrk Services Analyst Netwrk Services Team Manager Band D Full-time Birmingham TRAVEL REQUIRED Occasinally ROLE

More information

Supersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5

Supersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5 Plicy: 13.01 SUBJECT: INTERNET USAGE Supersedes: DPS Plicy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 f 5 1.0 POLICY PURPOSE Detrit Public Schls (DPS) Internet

More information

OE PROJECT MANAGEMENT GLOSSARY

OE PROJECT MANAGEMENT GLOSSARY OE PROJECT MANAGEMENT GLOSSARY ACCEPTANCE CRITERIA : thse criteria, including perfrmance requirements and essential cnditins that must be met befre the prject deliverables are accepted. ACTIVITY: an actin

More information

Change Management Process For [Project Name]

Change Management Process For [Project Name] Management Prcess Fr [Prject Name] i 1 Intrductin The is fllwed during the Executin phase f the Prject Management Life Cycle, nce the prject has been frmally defined and planned. 1.1 What is a Management

More information

Florida Healthcare Coalition Task Force Healthcare Coalition Requirements

Florida Healthcare Coalition Task Force Healthcare Coalition Requirements Flrida Healthcare Calitin Task Frce Healthcare Calitin Requirements HEALTHCARE COALITION REQUIREMENTS The fllwing is a list f requirements fr healthcare calitins (HCC) t cmplete if participating in grant

More information

HEALTH INFORMATION EXCHANGE GRANTS CRITERIA

HEALTH INFORMATION EXCHANGE GRANTS CRITERIA 1 HEALTH INFORMATION EXCHANGE GRANTS CRITERIA INTRODUCTION On August, 20 th, the federal Office f the Natinal Crdinatr fr Health Infrmatin Technlgy (ONC) released an pprtunity fr states t apply fr between

More information

Service Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S

Service Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S Service Level Agreement (SLA) Hsted Prducts Netp Business Slutins A/S Cntents 1 Service Level Agreement... 3 2 Supprt Services... 3 3 Incident Management... 3 3.1 Requesting service r submitting incidents...

More information

FAYETTEVILLE STATE UNIVERSITY

FAYETTEVILLE STATE UNIVERSITY FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty

More information

Business Continuity Management Systems Foundation Training Course

Business Continuity Management Systems Foundation Training Course Certificatin criteria fr Business Cntinuity Management Systems Fundatin Training Curse CONTENTS 1. INTRODUCTION 2. LEARNING OBJECTIVES 3. ENABLING OBJECTIVES KNOWLEDGE & SKILLS 4. TRAINING METHODS 5. COURSE

More information

Template on written coordination and cooperation arrangements of the supervisory college established for the <XY> Group/<A> Institution

Template on written coordination and cooperation arrangements of the supervisory college established for the <XY> Group/<A> Institution COORDINATION AND COOPERATION ARRANGEMENTS EBA/RTS/2014/16 EBA/ITS/2014/07 Annex II Template n written crdinatin and cperatin arrangements f the supervisry cllege established fr the Grup/ Institutin

More information

Information Services Hosting Arrangements

Information Services Hosting Arrangements Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based

More information

June 29, 2009 Incident Review Dallas Fort Worth Data Center Review Dated: July 8, 2009

June 29, 2009 Incident Review Dallas Fort Worth Data Center Review Dated: July 8, 2009 The purpse f this dcument is t capture the events and subsequent respnse t the incident that tk place in the DFW datacenter n 29 June, 2009. I. Executive Summary On 29 June, an area f the Rackspace DFW

More information

Privacy Breach and Complaint Protocol

Privacy Breach and Complaint Protocol Privacy Breach and Cmplaint Prtcl Effective: December 31, 2012 Apprved by: Le McKenna, CFO 1.0 General Privacy breaches and privacy cmplaints will be handled in accrdance with this prtcl. This prtcl is

More information

Information Technology Services. University of Maine System. Version 0.07. December 20, 2012

Information Technology Services. University of Maine System. Version 0.07. December 20, 2012 IT PROJECT MANAGEMENT OFFICE (PMO) CHARTER Infrmatin Technlgy Services University f Maine System Versin 0.07 December 20, 2012 Prepared by: Rbin Sherman Authrized by: [1] Table f Cntents EXECUTIVE SUMMARY...

More information

Creating an Ethical Culture and Protecting Your Bottom Line:

Creating an Ethical Culture and Protecting Your Bottom Line: Creating an Ethical Culture and Prtecting Yur Bttm Line: Best Practices fr Crprate Cdes f Cnduct Nte: The infrmatin belw and all infrmatin n this website is nt meant t be taken as legal advice. Please

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

Unified Communications

Unified Communications Office f Infrmatin Technlgy Services Service Level Agreement Unified Cmmunicatins Nvember 7, 2013 v2.2 Service Descriptin Unified Cmmunicatins Service Descriptin ITS Unified Cmmunicatins ffers a number

More information

Revised October 27, 2011 Page 1 of 6

Revised October 27, 2011 Page 1 of 6 Keystne STARS Accreditatin Applicatin Philsphy The Keystne STARS prgram is Pennsylvania s QRIS which began in 2002. There are fur quality levels frm STAR 1 t STAR 4, each level building n the prir levels;

More information

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible

More information

TO: Chief Executive Officers of all National Banks, Department and Division Heads, and all Examining Personnel

TO: Chief Executive Officers of all National Banks, Department and Division Heads, and all Examining Personnel AL 96-7 Subject: Credit Card Preapprved Slicitatins TO: Chief Executive Officers f all Natinal Banks, Department and Divisin Heads, and all Examining Persnnel PURPOSE The purpse f this advisry letter is

More information

FY 2014 Senior Executive Service Performance Appraisal System Opening Guidance

FY 2014 Senior Executive Service Performance Appraisal System Opening Guidance Office f Executive Resurces Office f the Chief Human Capital Officer U.S. Department f Energy FY 2014 Senir Executive Service Perfrmance Appraisal System Opening Guidance Table f Cntents Cntents I. eperformance

More information

The Town of Fort Frances

The Town of Fort Frances The Twn f Frt Frances PERFORMANCE APPRAISAL POLICY SECTION HUMAN RESOURCES REVISED August 2002 Reslutin N. Supercedes Reslutin N. Plicy Number 3.3 PAGE 1 f 9 1. PURPOSE: The purpse f supprt staff perfrmance

More information

SecurityNational Mortgage Company Vendor Management Program

SecurityNational Mortgage Company Vendor Management Program SecurityNatinal Mrtgage Cmpany Vendr Management Prgram CONTENTS OVERVIEW... 1 VENDOR RISKS... 3 Strategic Risk... 3 Reputatin Risk... 3 Operatinal Risk... 3 Transactin Risk... 4 Credit Risk... 4 Cmpliance

More information

DISASTER RECOVERY PLAN TEMPLATE

DISASTER RECOVERY PLAN TEMPLATE www.disasterrecveryplantemplate.rg The bjective f a disaster recvery plan is t ensure that yu can respnd t a disaster r ther emergency that affects infrmatin systems and minimize the effect n the peratin

More information

UBC Incident Response Plan V1.5

UBC Incident Response Plan V1.5 UBC Incident Respnse Plan V1.5 Cntents 1. Ratinale... 2 2. Objective... 2 3. Applicatin... 2 4. Reprting a Cmputer Security Incident... 2 5. Managing the Security Incident... 2 5.1. All Incidents... 2

More information

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC.

CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC. CHARTER OF THE COMPENSATION COMMITTEE OF THE BOARD OF DIRECTORS OF UPLAND SOFTWARE, INC. PURPOSE The purpse f the Cmpensatin Cmmittee f the Bard f Directrs (the Bard ) f Upland Sftware, Inc. (the Cmpany

More information

0820.02 Workers Disability Compensation Claims Procedures Issued: January 1, 1994 Revised: March 29, 2012

0820.02 Workers Disability Compensation Claims Procedures Issued: January 1, 1994 Revised: March 29, 2012 State f Michigan Administrative Guide t State Gvernment 0820.02 Wrkers Disability Cmpensatin Claims Prcedures Issued: January 1, 1994 Revised: March 29, 2012 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY:

More information

State of California California Technology Agency. Software Management Plan Guidelines

State of California California Technology Agency. Software Management Plan Guidelines State f Califrnia Califrnia Technlgy Agency Sftware Management Plan Guidelines Revised April 2011 Sectin 1 1.0 Overview INTRODUCTION TO SOFTWARE MANAGEMENT PLANNING The State Administrative Manual (SAM)

More information

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance

More information

CPIT Aoraki Communications and Operations Management

CPIT Aoraki Communications and Operations Management This security standard refers t CPIT, which is the current legal name fr the new rganisatin established 1 January 2016 bringing tgether CPIT and Araki Plytechnic. Knwn as CPIT Araki the new rganisatin

More information