IT Budget. Leslie Sgro OMB Capital Budget Manager
|
|
- Randall Holmes
- 8 years ago
- Views:
Transcription
1 IT Budget Leslie Sgro OMB Capital Budget Manager
2 Rates Committee Balanced Scorecards/Metrics Greg Wass BCCS Deputy Director
3 ERP Scott Harper Department of Natural Resources, CFO
4 Statewide Accounting, HR and Procurement Project Multi-agency project sponsored by Governor s Office, GOMB, and State CIO Goal is to replace aging and fractured administrative systems AND simplify state processes Financed (where possible) out of agency IT or lump sum budget lines
5 Statewide Accounting, HR and Procurement Project Current Status Project Team identified Project Management vendor selected Next Steps Verify requirements from process Interview agencies to verify and inform Conduct Software and services solicitations Find the best vendors for the state
6 Statewide Accounting, HR and Procurement Project Preparation for Meetings (role of CIOs) Any system maps would be helpful Any kind of list of systems that you maintain, or that you use from CMS We are looking for points of integration, both from a perspective of improvement, and from the perspective of potential interfaces we need to have within scope
7 Statewide Accounting, HR and Procurement Project Preparation for Meetings (role of CIOs) You all know the systems in many cases better than the users We would like you to come to the user meetings (send a system specialist if you can t personally attend) We will have functional meetings with 6-8 agencies represented at a time (need to have CIO representation at those meetings) Technical requirements ETL Data warehouse/ Data volumes; native database structure (DB2, SQL, etc.) Data dictionary; maps
8 Statewide Accounting, HR and Schedule Highlights Procurement Project Agency and Functional leadership interviews March 24 th April 18 Software RFP issued mid- May Software and services contracted end of August Start prototyping with Pilot agencies and early adopters early-september
9 epass Electronic Pay Stub System LouAnn Crain BCCS Enterprise Application Services Manager
10 RACF Processes & Procedures Pat Blair BCCS Security & Compliance Manager
11 Central Management Services Security and Compliance
12 RESOURCE ACCESS CONTROL FACILITY Resource Access Control Facility (RACF) Security Process 12
13 RESOURCE ACCESS CONTROL FACILITY RACF security software restricts access to defined systems, subsystems and mainframe applications. RACF enforces the individual s accountability over data and system resources. RACF technical and customer service administrators control access to the mainframe and associated applications. 13
14 RACF STAKEHOLDERS Stakeholder Agency Liaison Agency RACF Admin BIM CSC RACS ERATA User Stakeholder Description Proxy Agencies RACF contact authorized to make requests of BCCS Staff within the agency authorized to make RACF id changes, BCCS Identity Management Portal available to RACF users, CMS/BCCS Customer Solution Center RACF Admin Customer Support for Agency Admins Enterprise RACF Admin Technical Application (BCCS mainframe support group/level III support) Individual or Device or Function assigned an ID 14
15 ROLES AND RESPONSIBILITIES STAKEHOLDER RACF ID GROUP ACCESS VALIDATE Agency Liaison Request Request Request Approve Agency RACF Admin Create Delete Re-assign Revoke Connect Create Remove Connect Remove CSC & BIM Reset Password Enterprise RACF Admin Technical Application Create Delete Inform Re-assign Remove Revoke Connect Create Delete Inform Re-assign Remove Revoke Connect Create Delete Inform Re-assign Remove Revoke Approve Monitors Owner Authorize Approve Personnel Inform RACF Admin Customer Support Create Delete Re-assign Revoke Connect Create Delete Re-assign Revoke Connect Remove User Reset password Internal Monitor 15
16 RACF PROCESS Mainframe Security Request form used alone or with an ESR Mainframe Security Request indicates access required and proper approval Three purposes for the Mainframe Security Request Form: 1. New RACF id request 2. Modification to an existing RACF id 3. To accompany an Exit Form or other action requiring a deletion Reports Significant to the RACF Process: 1. Separation Reports 2. Security Reports day Stale Account Reports Password Resets 1. BIM 2. request to the Help Desk 16
17 Agency Responsibilities CIOs cannot grant CMS access to their Data CMS has no access to the Agency s programs CMS has no access to the Agency s Data Each agency and department shall establish standards and procedures by which the data entrusted under their purview is protected from misuse, unauthorized modification, or unauthorized disclosure. Each agency will identify to CMS/BCCS the individual(s) who may access security reports detailing uses and attempted RACF violations in reference to resources on CMS/BCCS mainframe. Periodically, copies of all security related lists will be mailed to the RACF Administrators for update purposes. Responding in a timely manner is most important. 17
18 Agency Disaster Recovery Requirements Each agency will establish a comprehensive plan to recover the information assets entrusted to it in the event of accidental or intentional destruction. Security reports are available to any agency that submits a written request to the CMS/BCCS Security Administrator designating individuals authorized to review that agency's security. RACF Contact: cms.racf@illinois.gov Manage Passwords: 18
19 HB 1040 Christ Balich General Counsel to the State CIO
20 ARB Vaulting Services Windows 7 Deployment Steve Nation BCCS Infrastructure Services Chief
21 Questions?
FLORIDA ACCOUNTING INFORMATION RESOURCE SUBSYSTEM
REPORT NO. 2010-021 OCTOBER 2009 DEPARTMENT OF FINANCIAL SERVICES FLORIDA ACCOUNTING INFORMATION RESOURCE SUBSYSTEM Information Technology Operational Audit For the Period July 1, 2008, Through June 30,
More informationDepartment of Information Technology Remote Access Audit Final Report. January 2010. promoting efficient & effective local government
Department of Information Technology Remote Access Audit Final Report January 2010 promoting efficient & effective local government Background Remote access is a service provided by the county to the Fairfax
More informationWright State University Information Security
Wright State University Information Security Controls Policy Title: Category: Audience: Reason for Revision: Information Security Framework Information Technology WSU Faculty and Staff N/A Created / Modified
More informationPBGC Information Security Policy
PBGC Information Security Policy 1. Purpose. The Pension Benefit Guaranty Corporation (PBGC) Information Security Policy (ISP) defines the security and protection of PBGC information resources. 2. Reference.
More informationInformation Security Program CHARTER
State of Louisiana Information Security Program CHARTER Date Published: 12, 09, 2015 Contents Executive Sponsors... 3 Program Owner... 3 Introduction... 4 Statewide Information Security Strategy... 4 Information
More informationIT Coordinator Guide to BCCS Services
CENTRAL MANAGEMENT SERVICES Bureau of Communication and Computer Services IT Coordinator Guide to BCCS Services Connect to BCCS Website: http://www2.illinois.gov/bccs Revised: August 2011 Table of Contents
More informationOffice of the State Auditor. Audit Report
Office of the State Auditor Audit Report Department of the Treasury Office of Telecommunications and Information Systems River Road and Barrack Street Data enters March 6, 1995 to September 30, 1995 Department
More informationInformation Technology Division
Information Technology Division Findings on Reportable Conditions Finding Number 15: Access to Production and Utility Libraries Should Be More Restricted Although ITD has made a significant effort to restrict
More informationAutomated User Provisioning
Automated User Provisioning NOMINATING CATEGORY: ENTERPRISE IT MANAGEMENT INITIATIVES NOMINATOR: TONY ENCINIAS, CHIEF TECHNOLOGY OFFICER COMMONWEALTH OF PENNSYLVANIA 1 TECHNOLOGY PARK HARRISBURG, PA 17110
More informationVillage of Hastings-on-Hudson Electronic Policy. Internal and External Email Policies and Procedures
Village of Hastings-on-Hudson Electronic Policy Internal and External Email Policies and Procedures Effective February 2012 1 1. Table of Contents 1. General Policies... 3 1.1 Establishment and upkeep
More informationUniversity of Central Florida Class Specification Administrative and Professional. Information Security Officer
Information Security Officer Job Code: 2534 Serve as the information security officer for the University. Develop and computer security system standards, policies, and procedures. Serve as technical team
More informationDepartment of Information Technology
Department of Information Technology ISSUE DATE: 6/3/08 EFFECTIVE DATE: 9/1/08 Facilities TITLE: Physical Access Control for DoIT POLICY NUMBER: DOIT-773-3102-001-A REVISED DATE: NEXT REVIEW DATE: 9/1/09
More informationEnterprise Projects Fiscal Year 2009/2010 Third Quarter Report
Enterprise Projects Fiscal Year 2009/2010 Third Quarter Report Enterprise Projects Fiscal Year 2009/2010 - Third Quarter Report The Enterprise Program Investment Council (EPIC) is responsible for governance
More informationHACKED: Data Breach Scenario
HACKED: Data Breach Scenario John McCabe SVP & Chief Operating Officer, Liberty International Underwriters Andrew Methven Risk & Assurance Manager, City of Sydney Joe Perricone Experienced Chief Information
More informationReleased December 18 th, 2007
THE TEXAS A&M UNIVERSITY SYSTEM OFFICE STRATEGIC PLAN FY 2008-2012 Released December 18 th, 2007 (Updated as of June 16 th, 2008) Table of Contents Mission and Vision 3 Imperative 1: Customer Satisfaction
More informationAchieving PCI COMPLIANCE with the 2020 Audit & Control Suite. www.lepide.com/2020-suite/
Achieving PCI COMPLIANCE with the 2020 Audit & Control Suite 7. Restrict access to cardholder data by business need to know PCI Article (PCI DSS 3) Report Mapping How we help 7.1 Limit access to system
More informationSACRAMENTO CITY UNIFIED SCHOOL DISTRICT Position Description. DEPARTMENT: Technology Services SALARY: Range 13 Salary Schedule A
SACRAMENTO CITY UNIFIED SCHOOL DISTRICT Position Description TITLE: Database Administrator CLASSIFICATION: Non-Represented Management, Classified SERIES: Coordinator III FLSA: Exempt JOB CLASS CODE: 1972
More informationMICHIGAN AUDIT REPORT OFFICE OF THE AUDITOR GENERAL THOMAS H. MCTAVISH, C.P.A. AUDITOR GENERAL
MICHIGAN OFFICE OF THE AUDITOR GENERAL AUDIT REPORT THOMAS H. MCTAVISH, C.P.A. AUDITOR GENERAL ...The auditor general shall conduct post audits of financial transactions and accounts of the state and of
More informationSTATE OF NORTH CAROLINA
STATE OF NORTH CAROLINA INFORMATION SYSTEMS AUDIT OFFICE OF INFORMATION TECHNOLOGY SERVICES INFORMATION TECHNOLOGY GENERAL CONTROLS OCTOBER 2014 OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA STATE AUDITOR
More informationState of Illinois Department of Central Management Services GENERAL SECURITY FOR STATEWIDE IT RESOURCES POLICY
State of Illinois Department of Central Management Services GENERAL SECURITY FOR STATEWIDE IT RESOURCES POLICY Effective December 15, 2008 State of Illinois Department of Central Management Services Bureau
More informationINTERNAL AUDIT REPORT. Review of Software Change Management. Fairfax County Internal Audit Office
INTERNAL AUDIT REPORT Review of Software Change Management FAIRFAX COUNTY, VIRGINIA INTERNAL AUDIT OFFICE M E M O R A N D U M TO: Anthony H. Griffin DATE: May 2, 2002 County Executive FROM: SUBJECT: Ronald
More information10. Bureau of Information Technology
10. Bureau of Information Technology Act 6634 (a) There is established within the Office of the Governor, a Bureau of Information Technology (BIT). The Bureau shall be administered by a Director, who shall
More informationInformation Resources Security Guidelines
Information Resources Security Guidelines 1. General These guidelines, under the authority of South Texas College Policy #4712- Information Resources Security, set forth the framework for a comprehensive
More informationDepartment of Finance Department of Purchasing and Supply Management Fixed Assets System Audit Final Report
Department of Finance Department of Purchasing and Supply Management Fixed Assets System Audit Final Report November 2006 promoting efficient & effective local government Executive Summary The Department
More informationInformation Technology. House Appropriations Subcommittee on Information Technology February 14, 2013
Information Technology House Appropriations Subcommittee on Information Technology February 14, 2013 Budget Process Budget Subcommittee IT in North Carolina Definition History Legislation Project Management
More information".,!520%'$!#)!"#$%&!>#($!#)! <*+,-(./0!/+!567!5+:,($2,+$! @,'/(/#+(!
".,!520%'$!#)!"#$%&!>#($!#)!
More informationSpecial Item No. 132-51 Information Technology Professional Services. Government Site GSA Rate Effective March 6, 2015
Fixed Hourly Rates - Labor Category Contract Number: GS-35F-0278L Period Covered by Contract: March 7, 2001 through March 6, 2016 Amendment/Modification No.: PS-0011 dated March 4, 2011 Special Item No.
More informationCASE MANAGEMENT SYSTEM
REPORT NO. 2010-197 JUNE 2010 PUBLIC SERVICE COMMISSION CASE MANAGEMENT SYSTEM Information Technology Operational Audit For the Period December 2009 Through March 2010 and Selected Actions from January
More informationELECTRONIC INFORMATION SECURITY A.R.
A.R. Number: 2.6 Effective Date: 2/1/2009 Page: 1 of 7 I. PURPOSE In recognition of the critical role that electronic information systems play in City of Richmond (COR) business activities, this policy
More informationFAYETTEVILLE STATE UNIVERSITY POLICY ON INFORMATION SECURITY
FAYETTEVILLE STATE UNIVERSITY POLICY ON INFORMATION SECURITY Authority: Category: Applies to: Chancellor, Fayetteville State University University-wide Faculty, Staff, and Students History: Approved on
More informationState of Iowa REQUEST FOR INFORMATION. RFI #1217005002 State of Iowa ERP System Maintenance, Upgrades and Services
State of Iowa REQUEST FOR INFORMATION RFI #1217005002 State of Iowa ERP System Maintenance, Upgrades and Services Section 1- Background and Objectives 1.1 Purpose The objective of this Request for Information
More informationDepartment of Public Utilities Customer Information System (BANNER)
REPORT # 2010-06 AUDIT of the Customer Information System (BANNER) January 2010 TABLE OF CONTENTS Executive Summary..... i Comprehensive List of Recommendations. iii Introduction, Objective, Methodology
More information1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges
1 Building an Identity Management Business Case Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Justifying investment in identity management automation. 2 Agenda Business challenges
More informationCHAPTER 2016-138. Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033
CHAPTER 2016-138 Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033 An act relating to information technology security; amending s. 20.61, F.S.; revising the
More informationRe: RFP # 08-X-39202 MOTOR VEHICLE AUTOMATED TRANSACTION SYSTEM (MATRX) FOR MVC ADDENDUM #10
State of New Jersey DEPARTMENT OF THE TREASURY JON S. CORZINE DIVISION OF PURCHASE AND PROPERTY BRADLEY I. ABELOW Governor PURCHASE BUREAU State Treasurer P.O. BOX 230 TRENTON, NEW JERSEY 08625-0230 September
More informationDHHS Information Technology (IT) Access Control Standard
DHHS Information Technology (IT) Access Control Standard Issue Date: October 1, 2013 Effective Date: October 1,2013 Revised Date: Number: DHHS-2013-001-B 1.0 Purpose and Objectives With the diversity of
More informationComputer Security Roles and Responsibilities and Training Should Remain Part of the Computer Security Material Weakness.
Computer Security Roles and Responsibilities and Training Should Remain Part of the Computer Security Material Weakness September 2004 Reference Number: 2004-20-155 This report has cleared the Treasury
More informationInformation Technology Services Guidelines
Page 1 of 10 Table of Contents 1. Purpose... 2 2. Entities Affected by This Guideline... 2 3. Definitions... 2 4. Guidelines... 3 4.1 Requesting Data Center or... 3 4.2 Requirements for Data Center or...
More informationDHHS Directive Number II-12
DHHS Directive Number II-12 Title: Delegation of Authority to the Director, Division of Information Resource Management Effective Date: November 3, 2008 Revision History: January 1, 2002 Authority: G.S.
More informationTABLE OF CONTENTS. 2006.1259 Information Systems Security Handbook. 7 2006.1260 Information Systems Security program elements. 7
PART 2006 - MANAGEMENT Subpart Z - Information Systems Security TABLE OF CONTENTS Sec. 2006.1251 Purpose. 2006.1252 Policy. 2006.1253 Definitions. 2006.1254 Authority. (a) National. (b) Departmental. 2006.1255
More informationOffice of Inspector General
DEPARTMENT OF HOMELAND SECURITY Office of Inspector General Security Weaknesses Increase Risks to Critical United States Secret Service Database (Redacted) Notice: The Department of Homeland Security,
More informationDepartment of Purchasing and Supply Management Contract Management Audit Final Report. August 2011. promoting efficient & effective local government
Department of Purchasing and Supply Management Contract Management Audit Final Report August 2011 promoting efficient & effective local government Introduction The Purchasing and Supply Management Department
More informationDraft Document STATE OF MICHIGAN. SACWIS Planning Department of Human Services Strategic Implementation Plan: Project Staffing
STATE OF MICHIGAN SACWIS Planning Department of Human Services Strategic Implementation Plan: Project Staffing Executive Summary The State of Michigan has dedicated integrated team of resources for the
More informationMOBILE DEVICE SECURITY POLICY
State of Illinois Department of Central Management Services MOBILE DEVICE SECURITY Effective: October 01, 2009 State of Illinois Department of Central Management Services Bureau of Communication and Computer
More informationAUDIT OF SBA S LOAN APPLICATION TRACKING SYSTEM AUDIT REPORT NUMBER 4-18 APRIL 5, 2004
AUDIT OF SBA S LOAN APPLICATION TRACKING SYSTEM AUDIT REPORT NUMBER 4-18 APRIL 5, 2004 This report may contain proprietary information subject to the provisions of 18 USC 1905 and must not be released
More informationInformation System Audit. Arkansas Administrative Statewide Information System (AASIS) General Controls
Information System Audit Arkansas Administrative Statewide Information System (AASIS) General Controls ARKANSAS DIVISION OF LEGISLATIVE AUDIT April 12, 2002 April 12, 2002 Members of the Legislative Joint
More informationBUDGET LETTER 05-03 PEER-TO-PEER FILE SHARING 4841.1, 4841.2, EXECUTIVE ORDER S-16-04
BUDGET LETTER SUBJECT: PEER-TO-PEER FILE SHARING REFERENCES: STATE ADMINISTRATIVE MANUAL SECTIONS 4819.2, 4840.4, 4841.1, 4841.2, EXECUTIVE ORDER S-16-04 NUMBER: 05-03 DATE ISSUED: March 7, 2005 SUPERSEDES:
More informationWHITEPAPER Complying with HIPAA LogRhythm and HIPAA Compliance
WHITEPAPER Complying with HIPAA LogRhythm and HIPAA Compliance Complying With HIPAA The Department of Health and Human Services (HHS) enacted the Health Insurance Portability and Accountability Act of
More informationCITY UNIVERSITY OF HONG KONG Information Security Incident Management Standard
CITY UNIVERSITY OF HONG KONG Information Security Incident Management Standard (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief Information
More informationCyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record
Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Roberta Stempfley Acting Assistant Secretary for Cybersecurity and Communications
More informationPRIVILEGED IDENTITY MANAGEMENT CASE STUDY. Barak Feldman, Cyber-Ark Software Seth Fogie, Lancaster General Health
PRIVILEGED IDENTITY MANAGEMENT CASE STUDY Barak Feldman, Cyber-Ark Software Seth Fogie, Lancaster General Health November 10, 2011 Cyber-Ark Overview! Established in 1999, HQ Boston, MA Strategic Partnerships!
More informationBEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050
BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 Adopting Multnomah County HIPAA Security Policies and Directing the Appointment of Information System Security
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationEnterprise Resource Planning
Enterprise Resource Planning Organizational Readiness & Risk Assessment Workbook Prepared for: Copyright S.S. Inc. 1986 2009 Table of Contents OVERVIEW... 2 SECTION A: EXECUTIVE MANAGEMENT S GOALS & COMMITMENT...
More informationNetwork Security Policy
Network Security Policy I. PURPOSE Attacks and security incidents constitute a risk to the University's academic mission. The loss or corruption of data or unauthorized disclosure of information on campus
More informationReport of Audit OFFICE OF INSPECTOR GENERAL. Information Technology Infrastructure Project Management A-07-02. Tammy Rapp Auditor-in-Charge
OFFICE OF INSPECTOR GENERAL Report of Audit Information Technology Infrastructure Project Management A-07-02 Tammy Rapp Auditor-in-Charge FARM CREDIT ADMINISTRATION Memorandum Office of Inspector General
More informationComputer Security Incident Reporting and Response Policy
SECTION: 3.8 SUBJECT: Computer Security Incident Reporting and Response Policy AUTHORITY: Executive Director; Chapter 282.318, Florida Statutes - Security of Data and Information Technology Resources;
More informationTeam A SaaS Strategy
Team A SaaS Strategy What is a strategy? Strategy is the direction and scope of an organization over the long-term term: : which achieves advantages for the organization through its configuration of resources
More informationBusiness-Driven, Compliant Identity Management
SAP Solution in Detail SAP NetWeaver SAP Identity Management Business-Driven, Compliant Identity Management Table of Contents 3 Quick Facts 4 Business Challenges: Managing Costs, Process Change, and Compliance
More informationData Security Incident Response Plan. [Insert Organization Name]
Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security
More informationSecurity It s an ecosystem thing
Security It s an ecosystem thing Joseph Alhadeff Vice President Global Public Policy, Chief Privacy Strategist The Security challenge in the before time. Today s Threat Environment
More informationStandard: Information Security Incident Management
Standard: Information Security Incident Management Page 1 Executive Summary California State University Information Security Policy 8075.00 states security incidents involving loss, damage or misuse of
More informationFiscal Year 2015-16 Information Technology Request
PROGRAM PLAN STATUS and OIT BEST PRACTICES 2015-046 Approved Program Plan? N/A Date Approved: DOR and OIT collaborated in developing the project RFP including the business, technical, and security specifications.
More informationMemorandum. ACTION: Report on Computer Security Controls of Financial Management System, FTA FE-2000-098. May 23, 2000.
U.S. Department of Transportation Office of the Secretary of Transportation Office of Inspector General Memorandum ACTION: Report on Computer Security Controls of Financial Management System, FTA FE-2000-098
More informationDATA BREACH NOTIFICATION POLICY
State of Illinois Department of Central Management Services DATA BREACH NOTIFICATION POLICY Effective December 1, 2007 State of Illinois Department of Central Management Services Bureau of Communication
More informationinformation systems security policy...
sales assessment.com information systems security policy... Approved: 2nd February 2010 Last updated: 2nd February 2010 sales assessment.com 2 index... 1. Policy Statement 2. IT Governance 3. IT Management
More informationIT SYSTEM LIFE-CYCLE AND PROJECT MANAGEMENT
United States Department of Agriculture Agricultural Marketing Service Directive 3130.8 IT SYSTEM LIFE-CYCLE AND PROJECT MANAGEMENT I. PURPOSE... 1 II. POLICY... 1 III. DEFINITIONS... 1 IV. DOCUMENTATION
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationDATA CENTER OPERATIONS
REPORT NO. 2011-082 JANUARY 2011 NORTHWOOD SHARED RESOURCE CENTER DATA CENTER OPERATIONS Information Technology Operational Audit EXECUTIVE DIRECTOR OF THE NORTHWOOD SHARED RESOURCE CENTER Pursuant to
More informationThe Commonwealth of Massachusetts
A. JOSEPH DeNUCCI AUDITOR The Commonwealth of Massachusetts AUDITOR OF THE COMMONWEALTH ONE ASHBURTON PLACE, ROOM 1819 BOSTON, MASSACHUSETTS 02108 TEL. (617) 727-6200 No. 2008-1308-4T OFFICE OF THE STATE
More information1 TABLE OF CONTENTS. 10-2015 Page 1
1 TABLE OF CONTENTS 1 Prerequisites: SWIFT Access and Data Warehouse Access... 2 2 Accessing OBIEE through the SWIFT Administrative Portal... 2 2.1 Navigate to the SWIFT Administrative Portal website...
More informationNew York City Budget -audit
Audit Report on User Access Controls at the Department of Finance 7A03-133 June 26, 2003 THE CITY OF NEW YORK OFFICE OF THE COMPTROLLER 1 CENTRE STREET NEW YORK, N.Y. 10007-2341 ------------- WILLIAM C.
More informationGAO INFORMATION SYSTEMS. The Status of Computer Security at the Department of Veterans Affairs. Report to the Secretary of Veterans Affairs
GAO United States General Accounting Office Report to the Secretary of Veterans Affairs October 1999 INFORMATION SYSTEMS The Status of Computer Security at the Department of Veterans Affairs GAO/AIMD-00-5
More informationFIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
More informationOakland County Department of Information Technology Project Scope and Approach
Oakland County Department of Information Technology Project Scope and Approach Project Name: Configuration Management Reqts & RFP Project ID: DH6181CR Leadership Group: Internal Services Department: Information
More informationMICHIGAN AUDIT REPORT OFFICE OF THE AUDITOR GENERAL. Doug A. Ringler, C.P.A., C.I.A. AUDITOR GENERAL ENTERPRISE DATA WAREHOUSE
MICHIGAN OFFICE OF THE AUDITOR GENERAL AUDIT REPORT PERFORMANCE AUDIT OF THE ENTERPRISE DATA WAREHOUSE DEPARTMENT OF TECHNOLOGY, MANAGEMENT, AND BUDGET August 2014 Doug A. Ringler, C.P.A., C.I.A. AUDITOR
More informationStaffingForce direct and interim staffing services are available throughout the U.S. and in 45 other countries on six continents.
StaffingForce Information Technology Solutions Our search, recruitment and staffing services are specifically designed to reduce your cost per hire while expediting the time it takes to fill your direct
More informationReduce IBM i Help Desk Costs with Self Service Password Reset
Reduce IBM i Help Desk Costs with Self Service Password Reset Increased productivity, repaired relationships, reduced security & audit risks, & lower IT costs Contents Executive Summary 2 Introduction
More informationA McKnight Associates, Inc. White Paper: Effective Data Warehouse Organizational Roles and Responsibilities
A McKnight Associates, Inc. White Paper: Effective Data Warehouse Organizational Roles and Responsibilities Numerous roles and responsibilities will need to be acceded to in order to make data warehouse
More informationDefender Delegated Administration. User Guide
Defender Delegated Administration User Guide 2012 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationADMINISTRATIVE PROCEDURE #15 OFFICE OF INFORMATION TECHNOLOGY SERVICES (OITS) SERVICE REQUEST METHODOLOGY
ADMINISTRATIVE PROCEDURE #15 OFFICE OF INFORMATION TECHNOLOGY SERVICES (OITS) SERVICE REQUEST METHODOLOGY Section 15.1 Purpose 15.2 Definitions 15.3 Request for Enterprise Service 15.4 Request for Access
More informationDepartment of Defense MANUAL. Procedures for Ensuring the Accessibility of Electronic and Information Technology (E&IT) Procured by DoD Organizations
Department of Defense MANUAL NUMBER 8400.01-M June 3, 2011 ASD(NII)/DoD CIO SUBJECT: Procedures for Ensuring the Accessibility of Electronic and Information Technology (E&IT) Procured by DoD Organizations
More informationIntegrating Hitachi ID Suite with WebSSO Systems
Integrating Hitachi ID Suite with WebSSO Systems 2015 Hitachi ID Systems, Inc. All rights reserved. Web single sign-on (WebSSO) systems are a widely deployed technology for managing user authentication
More informationCalifornia State University, Sacramento INFORMATION SECURITY PROGRAM
California State University, Sacramento INFORMATION SECURITY PROGRAM 1 I. Preamble... 3 II. Scope... 3 III. Definitions... 4 IV. Roles and Responsibilities... 5 A. Vice President for Academic Affairs...
More informationSERVICE ORIENTED EVENT ASSESSMENT CLOSING THE GAP OF COMPLIANCE MANAGEMENT
IBM Software Group SERVICE ORIENTED EVENT ASSESSMENT CLOSING THE GAP OF COMPLIANCE MANAGEMENT Dieter Riexinger IT Architect 09.10.2009 2009 IBM Corporation Agenda Introduction Legal obligations and regulations
More informationPierce County Policy on Computer Use and Information Systems
Pierce County Policy on Computer Use and Information Systems Pierce County provides a variety of information technology resources such as computers, software, printers, scanners, copiers, electronic mail
More informationPresentation to House Committee on Technology: HHS System Identity & Access Management
Presentation to House Committee on Technology: HHS System Identity & Access Management Bowden Hight Deputy Executive Commissioner Information Technology Services Health and Human Services Commission May
More informationCONSOLIDATED RECORDS MANAGEMENT SYSTEM (CRMS) USER AGREEMENT
CONSOLIDATED RECORDS MANAGEMENT SYSTEM (CRMS) USER AGREEMENT I. PURPOSE STATEMENT The TENNESSEE FUSION CENTER (TFC) is an initiative of the Tennessee Bureau of Investigation (TBI) and the Department of
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Private Collection Agencies Adequately March 26, 2008 Reference Number: 2008-20-078 This report has cleared the Treasury Inspector General for Tax Administration
More informationTable of Contents. State/Territory Name: Florida. State Plan Amendment (SPA)#: 14-004. This file contains the following documents in the order listed:
State/Territory Name: Florida Table of Contents State Plan Amendment (SPA)#: 14-004 This file contains the following documents in the order listed: 1) Approval Letter 2) Summary Form (with 179-like data)
More informationFor additional assistance, contact the CEDI Help Desk at 866-311-9184 or via e-mail at ngs.cedihelpdesk@anthem.com.
CEDI offers a Gateway Self-Service Password to allow Trading Partners the ability to change or reset their password used to connect to the CEDI Gateway. For additional assistance, contact the CEDI Help
More information6. AUDIT CHECKLIST FOR NETWORK ADMINISTRATION AND SECURITY AUDITING
6. AUDIT CHECKLIST FOR NETWORK ADMINISTRATION AND SECURITY AUDITING The following is a general checklist for the audit of Network Administration and Security. Sl.no Checklist Process 1. Is there an Information
More informationInformation Technology Policy
ITP Number ITP-SEC024 Category Security Contact RA-ITCentral@pa.gov Information Technology Policy IT Security Incident Policy Effective Date August 2, 2012 Supersedes Scheduled Review Annual 1. Purpose
More informationSecuring Data in Oracle Database 12c
Securing Data in Oracle Database 12c Thomas Kyte http://asktom.oracle.com/ Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationCHAPTER 1 COMPUTER SECURITY INCIDENT RESPONSE TEAM (CSIRT)
CHAPTER 1 COMPUTER SECURITY INCIDENT RESPONSE TEAM (CSIRT) PURPOSE: The purpose of this procedure is to establish the roles, responsibilities, and communication procedures for the Computer Security Incident
More informationThe American Academy of Actuaries' mission is to serve the public and the United States actuarial profession. To accomplish this:
REQUEST FOR PROPOSAL (RFP) Retirement Plan and Related Consulting Services May 12, 2011 American Academy of Actuaries 1850 M Street, NW Suite 300 Washington, DC 20036 ATTN: Steve Knell Tel (202) 785-6933
More informationSchool of Medicine Guide to New Web Design
School of Medicine Guide to New Web Design Page 1 Contents 1 Engagement Process... 3 1.1 Process Chart Description... 4 A. Project Planning RFP... 4 B. System Requirements Analysis / Scope... 4 C. System
More informationHengtian Information Security White Paper
Hengtian Information Security White Paper March, 2012 Contents Overview... 1 1. Security Policy... 2 2. Organization of information security... 2 3. Asset management... 3 4. Human Resources Security...
More informationCITY UNIVERSITY OF HONG KONG Business Continuity Management Standard
PUBLIC Version: 1.0 CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief
More informationDEPARTMENT OF TAXATION AND FINANCE SECURITY OVER PERSONAL INFORMATION. Report 2007-S-77 OFFICE OF THE NEW YORK STATE COMPTROLLER
Thomas P. DiNapoli COMPTROLLER OFFICE OF THE NEW YORK STATE COMPTROLLER DIVISION OF STATE GOVERNMENT ACCOUNTABILITY Audit Objectives... 2 Audit Results - Summary... 2 Background... 2 Audit Findings...
More information