Vulnerability Management:

Size: px
Start display at page:

Download "Vulnerability Management:"

Transcription

1 Vulnerability Management: Creating a Prcess fr Results Kyle Snavely Veris Grup, LLC Summary Organizatins increasingly rely n vulnerability scanning t identify risks and fllw up with remediatin f thse risks. Hwever, in the absence f a cmplete Vulnerability Management prgram, rganizatins may fail t gain a cmplete and accurate assessment f their vulnerabilities. Likewise, rganizatins withut clear prcesses fr cmmunicating the assciated tasks and data f the scans may als fail t adequately execute patches, r they may nt track and archive the infrmatin required fr regulatry cmpliance. A Vulnerability Management prgram designed fr results takes int cnsideratin the cnfiguratin, crdinatin, and cmmunicatin necessary t successfully prtect critical data and reduce the risks t the rganizatin. WHY VULNERABILITY MANAGEMENT? Ensure prtectin f critical data Meet cmpliance regulatins Reduce risk r minimize impact by addressing vulnerabilities in a timely manner Prepare t meet future security needs f a grwing rganizatin What is Vulnerability Management? Vulnerability scanning is increasingly cmmn in rganizatins acrss industries, particularly thse wh must adhere t federal, industry, r ther regulatins regarding cybersecurity. The scans themselves are designed t discver risks thrughut the rganizatin s netwrks; hwever, scanning in the absence f a cmplete Vulnerability Management prgram can actually d as much harm as gd. Scans prduce data, but that data presents its wn set f questins, including: What updates and patches are available t the systems in the enterprise? Which devices were included in the scans? Which vulnerabilities shuld be remediated first? Wh is respnsible fr the remediatin? These questins, albeit nt an exhaustive list, cnfirm the many critical cmpnents f security that a cmprehensive vulnerability management prgram addresses. SANS Institute, an established cybersecurity training rganizatin, calls a cntinuus vulnerability assessment and remediatin prcess ne f the tp 20 Critical Security Cntrls. As much as the authr emphasizes the need fr vulnerability scanning, SANS further pints ut that if the scans are nt prperly maintained and regulated, attackers use

2 the scans as a pint f explitatin. While this may be an extreme example, it supprts a very imprtant pint: Vulnerability Management is abut much mre than scanning. Challenges f Vulnerability Management Fr many rganizatins, it is challenging enugh t implement scanning, let alne a cmplex Vulnerability Management prgram. Designing and implementing an effective prgram invlves many steps and decisin pints. The challenges begin in the planning phase, which usually assumes the existence f a thrugh and accurate device inventry. This is a large assumptin t make, since many rganizatins d nt accurately maintain an inventry f all enterprise assets. Tl selectin and cnfiguratin is a challenge at this stage as well, and it can impact the success f the Vulnerability Management prgram by freeing up resurces with autmated prcesses. VM STAKEHOLDERS CEO IT Directr Systems Administratrs Vulnerability Management Crdinatr Technical Team Supervisr Security Analysts Netwrk Engineers It is imprtant t carefully cntrl authenticated vulnerability scans and the assciated administratr accunt. Attackers will take ver ne machine with lcal privileges, and wait fr an authenticated scan t ccur against the machine. When the scanner lgs in with dmain admin privileges, the attacker either grabs the tken f the lgged-in scanning tl, r sniffs the challenge respnse and cracks it. Either way, the attacker then can pivt anywhere else in the rganizatin as dmain administratr. -SANS 1 The challenges cntinue thrughut the actual scanning prcess as all f the varius stakehlders attempt t discern wh is respnsible fr what actins, and what the pririty f a reprted vulnerability is. Once a patch is executed, the stakehlders rely n a system t track, check, and revisit the patches, as well as lg the varius firmware updates. Veris Grup has identified three critical cmpnents t cnsider fr rganizatins seeking t implement a successful and cst-effective Vulnerability Management prgram. Figure 1: VM Stakehlders The Three Cs f a Successful Vulnerability Management Prgram A Vulnerability Management prgram allws the rganizatin t plan fr the scans, but als fr the peple and the prcesses that lead t the success f the prgram. By cnfiguring the tls, resurces, and reprting mechanisms ahead f time, the prgram is ready t handle the data that the scans prduce. Hwever, thrugh the prper crdinatin f staffing and definitin f rles and respnsibilities, the rganizatin can ensure that the data results in the

3 crrect slutin in a timely manner. Finally, by cmmunicating the status, reprts, releases, and plicies assciated with the prgram, the stakehlders ensure that the data results in a secure and cmpliant rganizatin. Cnfiguratin Tls Detectin is the mst imprtant task f vulnerability management. Identifying the risks allws the rganizatin t be able t crrect the deficiency, prduce an accurate reprt fr a cmpliance audit, and reduce the level f risk. Hwever, it is imprtant t select the right tl fr the rganizatin. Sme tls, including the cmmercial detectrs Tenable Nessus, Rapid7 Nexpse, and eeye Retina with REM server integratin, have the ability t scale up depending n the size f the enterprise. Other tls will wrk better in smaller envirnment. The tl shuld als be able t utput in the specific reprting frmat required fr cmpliance purpses. The key t selecting a patch management suite is fr the sftware t supprt the majrity f the applicatins in the envirnment with the least amunt f verhead. Patching slutins (e.g., Micrsft SCCM and Altiris Patch Management) shuld als be strng in their ability t prduce status reprts and t autmate patch deplyment. The tls shuld help the rganizatin determine the manual and autmated prcesses, which are als dependent upn the type f platfrms invlved. If a tl des nt supprt a particular platfrm, remediatin n that platfrm becmes a manual prcess. Knwing this rati will help infrm the resurce needs. Prperly cnfigured remediatin and audit tls reduce the time and effrt needed t manually remediate and track enterprise vulnerabilities. Resurces COMMUNICATION Remediatin Status Mnthly & Mid- Cycle Reprts Plicy CONFIGURATION Tls Resurces Reprts COORDINATION Staffing Rles & Respnsibilities Apprpriate staffing is required fr a successful prgram. Resurce allcatin must include the verall management f the vulnerability prgram management, including auditing, as well as technical allcatins. The assigned resurces must have the crrect skillset t effectively interpret and remediate the findings in a timely manner. Figure 1: The Three Cs f VM

4 Supprt fr the prgram must als cme frm the rganizatin s management as a whle. The buy in f this key stakehlder ensures that the technical resurces are allcated the time necessary t manage the prgram and patches. Reprts Withut a system t rganize and interpret the data in the many reprts f a Vulnerability Management prgram, their value becmes mt. An effective prgram relies n an executive dashbard design t track trends and t prvide a current snapsht f the enterprise vulnerability status. This dashbard allws the Vulnerability Management crdinatr t chart available data pints, thereby prviding a different way t visualize the data. This dashbard makes it easier fr the crdinatr t spt trends and identify areas fr imprvement. In cmbinatin with this dashbard, reprting frm the detectin and patching tls delivers the mst accurate picture f an rganizatin's current risk level. The mnthly baseline enterprise scans create an nging and regularly ccurring reprt f the enterprise status. When prperly cnfigured, these reprts are generated by the tl itself and split accrding t device grupings. Frm there, the reprts either trigger an autmated respnse frm the system r signal fr persnnel t be deplyed fr the patch. Additinal scans prduce reprts that indicate the success f the patch. Mid-cycle vulnerability releases als have a rle in the reprt cnfiguratin. After a midcycle alert and subsequent remediatin, the next scheduled scan will cnfirm that the wrk is cmplete. Once remediatin, either resulting frm scan reprts r mid-cycle alerts, is cmplete, an imprtant aspect f cnfiguring the reprts is t prepare a prcess t frmat and archive the reprts fr tracking and auditability purpses. Wh is respnsible fr cmpleting these tasks is a cnnectin between this cmpnent and that f Crdinatin. Crdinatin Staffing Effective security requires cntinuus autmated mnitring f agency netwrks fr security prblems, immediate access t the Natinal Vulnerabilities Database t be able t identify prblems, and immediate mitigatin f prblems when they are fund. -CSIS, Apprpriate staffing is essential fr an effective Vulnerability Management prgram. The varius stakehlders must identify a Vulnerability Management crdinatr t versee the regularly ccurring prcesses and t becme familiar with the enterprise inventry. This persn is nt simply a technical resurce; the crdinatr will als facilitate the prcesses that help maintain the integrity f the Vulnerability Management prgram. Fr example, there may be instances where a vendr is unwilling t bring device sftware int cmpliance. The crdinatr will need t think thrugh a respnse and actin plan ahead f time t be prepared fr such a situatin. The crdinatr is als respnsible fr maintaining the executive dashbard, inventry prcess, reprt archives, and auditing dcuments. On the technical side, the respnding staff must be trained in the selected tl. They

5 shuld nt nly be able t administer the required patches, but they shuld have a slid understanding f the autmated prcesses as well. These staffing resurces als cntinuusly update the device inventry and carefully maintain recrds and tracking f remediatin actin, device updates, and device retirement. Even if all f these requirements are in place, the Vulnerability Management prgram will nt be effective if an adequate number f resurces are nt applied t the prgram. Rles & Respnsibilities Amng the Vulnerability Management stakehlders, there are varius different rles and respnsibilities. In a prgram that requires structure and cnsistency in rder t be successful, it is imprtant t define these rles (and clearly cmmunicate them, which links the "Crdinatin" cmpnent with the "Cmmunicatin" cmpnent) and the duties and tasks assciated with each. Even a simple Vulnerability Management prgram benefits frm a regularly updated prject plan that describes the varius rles and maps them t the scanning, reprting, and maintenance schedule. Particularly in an rganizatin where the resurces allcated t the Vulnerability Management prgram have ther respnsibilities, ensuring that their assigned tasks fr Vulnerability Management are clearly defined will supprt the cnsistency f the prgram. Fr example, certain resurces may be assigned t handle the scans and assciated autmated tasks while ther are respnsible fr facilitating vendr-released patches. The crdinatr may chse t be respnsible fr assigning risks r facilitating that task with senir leadership. The crdinatr may als maintain the executive dashbard and analyze the mnthly scanning reprts. Cmmunicatin Remediatin Status Once the prgram has prvided an rganizatin an assessment f its current risk level, the crdinatr can begin t clse any vulnerabilities that the detectin tls identified by implementing the selected patching tls. The cmmunicatin f the remediatin status ccurs via the Vulnerability Management dashbard. This centralized lcatin fr cmmunicating status allws all stakehlders t track which stage the remediatin is in the prcess frm detectin t risk determinatin and patching t the next successful scan. Timely and accurate cmmunicatin f remediatin status is especially imprtant t checking the success f the patch, whether manual r autmated, by the suspense date. Mnthly Reprts and Mid-Cycle Releases A cmplete picture f the Vulnerability Management prgram includes data frm the mnthly reprts and mid-cycle releases. The varius steps f the reprts and releases, explained in greater detail belw, create the infrmatin that directs the next steps in the Vulnerability Management prgram. Once again, timely and accurate cmmunicatin and tracking f the data in the reprts and releases is critical t the success f the entire prgram.

6 Plicy The Vulnerability Management prgram relies n plicies t ensure that the cnfiguratin, crdinatin, and cmmunicatin steps abve ccur as planned. Well-thught ut plicies plan fr user errrs and vendr issues. Hwever, plicies themselves d nt effect change. Effectively cmmunicating the plicies and subsequent plicy updates will ensure that the Vulnerability Management prgram runs accrding t plan. Enfrcing such plicies will als aide in preparatin fr cmpliance mnitring fr varius regulatry prgrams that require a Vulnerability Management prgram t be in place in an rganizatin. Vulnerability Management in Practice The cmpnents f the Vulnerability Management prgram base the mst critical decisins n the data frm mnthly baseline enterprise scans and mid-cycle vulnerability releases. Mnthly Baseline Enterprise Scans In the mnthly scans, the executive dashbard is ppulated with data as the prgram mves thrugh the fllwing steps: Enterprise Baseline Gruped Device Reprt Analysis f Next Steps Autmated Respnse Manual Respnse Validatin Scan Analysis Final Scan Archiving A baseline f the enterprise is created by the detectin tl based n the audits r signatures available at that pint in time. A reprt is generated thrugh the tl and is split in such a way where devices are gruped and assigned based upn the device type, gegraphical lcatin, r a cmbinatin f the tw. The reprt is sent t the respnsible persnnel fr actin. If there are autmated tls t aid with remediatin they are used t reduce the amunt f time required t patch. If n tls are deplyed in the enterprise r if the autmated tls cannt fully patch by the suspense date, persnnel are required t manually patch. After a predetermined amunt f time, a validatin scan is run against the devices which were determined t be vulnerable during the first baseline scan. Results are again passed n t the grups fr actin. A final scan is perfrmed after anther predetermined time perid. Any vulnerabilities must be patched as sn as pssible. If fr sme reasn a vulnerability cannt be remediated, the

7 subject matter expert must create a dcument which describes why the vulnerability cannt be remediated and a plan f actin t reduce risk alng with estimated dates remediatin can ccur. The VM crdinatr frmats and archives the reprting fr tracking and auditability purpses. If any plan f actin dcuments are pen, the crdinatr checks in with the respnsible teams fr status updates and t ensure that the plan is still accurate. Mid-Cycle Vulnerability Release Fr all prducts running in the enterprise, the vulnerability management crdinatr shuld receive alerts either frm the vendr r thrugh a third party service which prvides infrmatin n the latest identified issues. Vendr Vulnerability Alert Dashbard Updated Archiving Risk Assignment Next Scheduled Scan Analysis f Next Steps Suspense Date (r POA) Assests Affected Audit Cnfirmatin When a new vulnerability alert is received fr sftware r hardware, the vulnerability management crdinatr assigns a risk level and suspense date requirements t the alert fr reprting and remediatin. The alert is then disseminated t apprpriate team members fr actin. The team member respnds with the number f assets affected and a plan f actin if the time required t remediate will surpass the suspense date fr tracking purpses. The Vulnerability Management crdinatr ensures that the executive dashbard is updated with the numbers. The next scheduled scan with the mst current audit file will cnfirm the wrk has been successfully cmpleted and the pen items can be clsed ut in the tracker. If the subject matter expert is aware f any issues which wuld cause delays in remediatin f a mid-cycle vulnerability, the team member creates a plan f actin similar t the dcument referenced abve.

8 Clsing Summary Vulnerability scans are nly ne cmpnent in a successful Vulnerability Management prgram. The varius steps that ccur in the mnthly scans and mid-cycle releases must ccur within a framewrk that accunts fr the myriad ther activities assciated with identifying, remediating, and tracking the risks in any rganizatin. Specifically, balancing the cnfiguratin f tls, resurces, and reprts, the crdinatin f staffing, rles, and respnsibilities, and the cmmunicatin f remediatin status, reprts, and plicies is a careful and deliberate prcess requiring the supprt f leadership and the dedicatin f a team f qualified individuals. A high quality Vulnerability Management prgram is required fr cmpliance purpses, but it als is an indicatr f the integrity f the rganizatin as ne wh actively prtects its critical data. Kyle Snavely is a cybersecurity assciate at Veris Grup, LLC, a Vienna, VA-based cybersecurity firm and accredited FedRAMP 3PAO. Veris Grup, LLC Attn: Vulnerability Management 8229 Bne Blvd., Suite 750 Vienna, VA (703) SANS Institute (March 2013). The Critical Security Cntrls Reeder, F., Chenk, D., Evans, K., Lewis, J., and Paller, A. (Octber 2012). Updating U.S. Federal Cybersecurity Plicy and Guidance BOONE BLVD., SUITE 750 VIENNA, VA P: (703) F: (703)

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch

More information

Change Management Process

Change Management Process Change Management Prcess B1.10 Change Management Prcess 1. Intrductin This plicy utlines [Yur Cmpany] s apprach t managing change within the rganisatin. All changes in strategy, activities and prcesses

More information

CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT

CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT CASSOWARY COAST REGIONAL COUNCIL POLICY ENTERPRISE RISK MANAGEMENT Plicy Number: 2.20 1. Authrity Lcal Gvernment Act 2009 Lcal Gvernment Regulatin 2012 AS/NZS ISO 31000-2009 Risk Management Principles

More information

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future The Imprtance Advanced Data Cllectin System Maintenance Berry Drijsen Glbal Service Business Manager WHITE PAPER knwledge t shape yur future The Imprtance Advanced Data Cllectin System Maintenance Cntents

More information

Mobile Device Manager Admin Guide. Reports and Alerts

Mobile Device Manager Admin Guide. Reports and Alerts Mbile Device Manager Admin Guide Reprts and Alerts September, 2013 MDM Admin Guide Reprts and Alerts i Cntents Reprts and Alerts... 1 Reprts... 1 Alerts... 3 Viewing Alerts... 5 Keep in Mind...... 5 Overview

More information

Information Services Hosting Arrangements

Information Services Hosting Arrangements Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based

More information

The AppSec How-To: Choosing a SAST Tool

The AppSec How-To: Choosing a SAST Tool The AppSec Hw-T: Chsing a SAST Tl Surce Cde Analysis Made Easy GIVEN THE WIDE RANGE OF SOURCE CODE ANALYSIS TOOLS, SECURITY PROFESSIONALS, AUDITORS AND DEVELOPERS ALIKE ARE FACED WITH THE QUESTION: Hw

More information

Chapter 7 Business Continuity and Risk Management

Chapter 7 Business Continuity and Risk Management Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

1.2 Supporting References For information relating to the Company Hardware Request project, see the SharePoint web site.

1.2 Supporting References For information relating to the Company Hardware Request project, see the SharePoint web site. Hardware Request System Visin 1 Intrductin 1.1 Dcument Purpse and Scpe This dcument utlines the visin fr the Hardware Request system. The purpses f this dcument are t: Identify and agree n the prblems

More information

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

Data Protection Act Data security breach management

Data Protection Act Data security breach management Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing

More information

Professional Leaders/Specialists

Professional Leaders/Specialists Psitin Prfile Psitin Lcatin Reprting t Jb family Band BI/Infrmatin Manager Wellingtn Prfessinal Leaders/Specialists Band I Date February 2013 1. POSITION PURPOSE The purpse f this psitin is t: Lead and

More information

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012 Research Reprt Abstract: The Emerging Intersectin Between Big Data and Security Analytics By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm Nvember 2012 2012 by The Enterprise Strategy Grup, Inc.

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

Médecins Sans Frontières Australia Job Description

Médecins Sans Frontières Australia Job Description Médecins Sans Frntières Australia Jb Descriptin POSITION DESCRIPTION Psitin Lcatin: Reprting t: Supervising: Status: Service Centre Technical Crdinatr Sydney (Bradway) Service Centre Manager N/A 6-mnths

More information

Army DCIPS Employee Self-Report of Accomplishments Overview Revised July 2012

Army DCIPS Employee Self-Report of Accomplishments Overview Revised July 2012 Army DCIPS Emplyee Self-Reprt f Accmplishments Overview Revised July 2012 Table f Cntents Self-Reprt f Accmplishments Overview... 3 Understanding the Emplyee Self-Reprt f Accmplishments... 3 Thinking Abut

More information

INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT CONTENTS

INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT CONTENTS INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT (Effective fr audits f financial statements fr perids beginning n r

More information

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t

More information

Getting Started Guide

Getting Started Guide AnswerDash Resurces http://answerdash.cm Cntextual help fr sales and supprt Getting Started Guide AnswerDash is cmmitted t helping yu achieve yur larger business gals. The utlined pre-launch cnsideratins

More information

ITIL Release Control & Validation (RCV) Certification Program - 5 Days

ITIL Release Control & Validation (RCV) Certification Program - 5 Days ITIL Release Cntrl & Validatin (RCV) Certificatin Prgram - 5 Days Prgram Overview ITIL is a set f best practices guidance that has becme a wrldwide-adpted framewrk fr Infrmatin Technlgy Services Management

More information

Configuring, Monitoring and Deploying a Private Cloud with System Center 2012 Boot Camp

Configuring, Monitoring and Deploying a Private Cloud with System Center 2012 Boot Camp Cnfiguring, Mnitring and Deplying a Private Clud with System Center 2012 Bt Camp Length: 5 Days Technlgy: Micrsft System Center 2012 Delivery Methd: Instructr-led Hands-n Audience Prfile This curse is

More information

BUSINESS NEED SUMMARY TABLE: # Need P Concerns Current Solution Proposed Solution

BUSINESS NEED SUMMARY TABLE: # Need P Concerns Current Solution Proposed Solution EXTRACT FRO BUSINESS REQUIREENTS DOCUENT KEY BUSINESS NEEDS Business case drivers, prduct definitin dcumentatin, legal/regulatry, and ther stated requirements r needs that must be met by the final slutin

More information

Project Startup Report Presented to the IT Committee June 26, 2012

Project Startup Report Presented to the IT Committee June 26, 2012 Prject Name: SOS File 2.0 Agency: Secretary f State Business Unit/Prgram Area: Secretary f State Prject Spnsr: Al Jaeger Prject Manager: Beverly Maitland Prject Startup Reprt Presented t the IT Cmmittee

More information

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021 Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada

More information

MaaS360 Cloud Extender

MaaS360 Cloud Extender MaaS360 Clud Extender Installatin Guide Cpyright 2012 Fiberlink Cmmunicatins Crpratin. All rights reserved. Infrmatin in this dcument is subject t change withut ntice. The sftware described in this dcument

More information

BIBH Duty Statements and Governance chart reviewed and approved April 2014. BIBH Executive Governance & Management Arrangements

BIBH Duty Statements and Governance chart reviewed and approved April 2014. BIBH Executive Governance & Management Arrangements BIBH Duty Statements and Gvernance chart reviewed and apprved April 2014 BIBH Executive Gvernance & Management Arrangements BIBH COMMITTEE CEO - Paul O Cnnell Executive Secretary - Brian Firth Executive

More information

State Fleet Card Oversight Usage and Responsibilities

State Fleet Card Oversight Usage and Responsibilities State Fleet Card Oversight Usage and Respnsibilities Intrductin The Department f General Services (DGS), Office f Fleet and Asset Management (OFAM) administers a statewide ne-prvider payment system cntract

More information

Research Report. Abstract: Advanced Malware Detection and Protection Trends. September 2013

Research Report. Abstract: Advanced Malware Detection and Protection Trends. September 2013 Research Reprt Abstract: Advanced Malware Detectin and Prtectin Trends By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm, Senir Prject Manager September 2013 2013 by The Enterprise Strategy Grup,

More information

Internet and E-Mail Policy User s Guide

Internet and E-Mail Policy User s Guide Internet and E-Mail Plicy User s Guide Versin 2.2 supprting partnership in mental health Internet and E-Mail Plicy User s Guide Ver. 2.2-1/5 Intrductin Health and Scial Care requires a great deal f cmmunicatin

More information

Seattle Police Department

Seattle Police Department Seattle Plice Department Prpsed develpment f a Business Intelligence System December 2013 Versin: FINAL Executive Summary Executive Summary 1. Intrductin The United States and the City f Seattle have entered

More information

IN-HOUSE OR OUTSOURCED BILLING

IN-HOUSE OR OUTSOURCED BILLING IN-HOUSE OR OUTSOURCED BILLING Medical billing is ne f the mst cmplicated aspects f running a medical practice. With thusands f pssible cdes fr diagnses and prcedures, and multiple payers, the ability

More information

Service Management - Framework 2013

Service Management - Framework 2013 Service - Framewrk 2013 Getting Started Right with Service System Netwrk Firewall Sftware Service App With the right framewrk, enterprises f almst any size small t large can implement effective functinal

More information

Introduction LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE. 2015 Savision B.V. savision.com All rights reserved.

Introduction LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE. 2015 Savision B.V. savision.com All rights reserved. Rev 7.5.0 Intrductin 2 LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE 2015 Savisin B.V. savisin.cm All rights reserved. This manual, as well as the sftware described in it, is furnished under license and

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

How to Reduce Project Lead Times Through Improved Scheduling

How to Reduce Project Lead Times Through Improved Scheduling Hw t Reduce Prject Lead Times Thrugh Imprved Scheduling PROBABILISTIC SCHEDULING & BUFFER MANAGEMENT Cnventinal Prject Scheduling ften results in plans that cannt be executed and t many surprises. In many

More information

Data Warehouse Scope Recommendations

Data Warehouse Scope Recommendations Rensselaer Data Warehuse Prject http://www.rpi.edu/datawarehuse Financial Analysis Scpe and Data Audits This dcument describes the scpe f the Financial Analysis data mart scheduled fr delivery in July

More information

RATIONALE TERMS OF REFERENCE FOR THE QUALITY COMMITTEE UNDER THE EXCELLENT CARE FOR ALL ACT. Authority

RATIONALE TERMS OF REFERENCE FOR THE QUALITY COMMITTEE UNDER THE EXCELLENT CARE FOR ALL ACT. Authority RATIONALE With the intrductin f the Excellent Care fr All Act, hspital bards must nw have a quality cmmittee that reprts t the bard. The template prvides sample terms f references fr rganizatins t adapt

More information

State of Wisconsin. File Server Service Service Offering Definition

State of Wisconsin. File Server Service Service Offering Definition State f Wiscnsin File Server Service Service Offering Definitin Dcument Revisin Histry Date Versin Creatr Ntes 2/16/2008 1.0 JD Urfer First pass 2/16/2008 2.0 Tm Runge Editing changes 2/19/2009 2.1 Tm

More information

MANAGED VULNERABILITY SCANNING

MANAGED VULNERABILITY SCANNING Abut SensePst SensePst is an independent and bjective rganisatin specialising in infrmatin security cnsulting, training, security assessment services and IT Vulnerability Management. SensePst is abut security.

More information

FINANCIAL SERVICES FLASH REPORT

FINANCIAL SERVICES FLASH REPORT FINANCIAL SERVICES FLASH REPORT Draft Regulatry Cmpliance Management Guideline Released by the Office f the Superintendent f Financial Institutins May 5, 2014 On April 30, 2014, the Office f the Superintendent

More information

Aim The aim of a communication plan states the overall goal of the communication effort.

Aim The aim of a communication plan states the overall goal of the communication effort. Develping a Cmmunicatin Plan- Aim Aim The aim f a cmmunicatin plan states the verall gal f the cmmunicatin effrt. Determining the Aim Ask yurself r yur team what the verall gal f the cmmunicatin plan is.

More information

General Information Project Title. Enterprise Service Management Reporting 7/3/2012 Project Manager Phone Email

General Information Project Title. Enterprise Service Management Reporting 7/3/2012 Project Manager Phone Email Prject Charter General Infrmatin Prject Title Date Enterprise Service Management Reprting 7/3/2012 Prject Phne Email Jdi Muller 415.476.2821 Jdi.Muller@ucsf.edu Executive Spnsr Phne Email Opinder Bawa

More information

Getting Started Guide

Getting Started Guide Getting Started Guide AnswerDash is cmmitted t helping yu achieve yur larger business gals. The utlined pre-launch cnsideratins are key t setting up yur implementatin s yu can make pwerful imprvements

More information

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1 Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues

More information

SaaS Listing CA Cloud Service Management

SaaS Listing CA Cloud Service Management SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters

More information

SECTION J QUALITY ASSURANCE AND IMPROVEMENT PROGRAM

SECTION J QUALITY ASSURANCE AND IMPROVEMENT PROGRAM Audit Manual Sectin J SECTION J QUALITY ASSURANCE AND IMPROVEMENT PROGRAM Ref. Plicy and Practice Requirements IIA Standards and Other references J 1 Plicy: The Head f Internal Audit shall develp and maintain

More information

Support Services. v1.19 / 2015-07-02

Support Services. v1.19 / 2015-07-02 Supprt Services v1.19 / 2015-07-02 Intrductin - Table f Cntents 1 Intrductin... 3 2 Definitins... 4 3 Supprt Prgram Feature Overview... 5 4 SLA fr the Supprt Services... 6 4.1 Standard Supprt... 6 4.2

More information

Research Report. Abstract: Security Management and Operations: Changes on the Horizon. July 2012

Research Report. Abstract: Security Management and Operations: Changes on the Horizon. July 2012 Research Reprt Abstract: Security Management and Operatins: Changes n the Hrizn By Jn Oltsik, Senir Principal Analyst With Kristine Ka and Jennifer Gahm July 2012 2012, The Enterprise Strategy Grup, Inc.

More information

Critical Success Factors for FedRAMP Assessments A 3PAO Perspective

Critical Success Factors for FedRAMP Assessments A 3PAO Perspective Creating Mre Effective and Strategic Slutins Critical Success Factrs fr FedRAMP Assessments A 3PAO Perspective David Svec Veris Grup, LLC Summary Clud Security Prviders (CSPs) fr the gvernment have a strategic

More information

Succession Planning & Leadership Development: Your Utility s Bridge to the Future

Succession Planning & Leadership Development: Your Utility s Bridge to the Future Successin Planning & Leadership Develpment: Yur Utility s Bridge t the Future Richard L. Gerstberger, P.E. TAP Resurce Develpment Grup, Inc. 4625 West 32 nd Ave Denver, CO 80212 ABSTRACT A few years ag,

More information

Software Quality Assurance

Software Quality Assurance Sftware Quality Assurance Is it the same as Testing? Teji Chpra, Senir Test Cnsultant Planit Sftware Testing Abstract This paper attempts t dispel sme cmmn miscnceptins regarding the rles f Testing and

More information

9 ITS Standards Specification Catalog and Testing Framework

9 ITS Standards Specification Catalog and Testing Framework New Yrk State ITS Standards Specificatin Develpment Guide 9 ITS Standards Specificatin Catalg and Testing Framewrk This chapter cvers cncepts related t develpment f an ITS Standards Specificatin Catalg

More information

LINCOLNSHIRE POLICE Policy Document

LINCOLNSHIRE POLICE Policy Document LINCOLNSHIRE POLICE Plicy Dcument 1. POLICY IDENTIFICATION PAGE POLICY TITLE: ICT CHANGE & RELEASE MANAGEMENT POLICY POLICY REFERENCE NO: PD 186 POLICY OWNERSHIP: ACPO Cmmissining Officer: Prtfli / Business-area

More information

Nuance Healthcare Services Project Delivery Methodology

Nuance Healthcare Services Project Delivery Methodology NUANCE PROFESSIONAL SERVICES Nuance Healthcare Services 2008 Nuance Cmmunicatins, Inc. All rights reserved. Nuance Healthcare Services 1 INTRODUCTION This dcument describes the prject management methdlgy

More information

Chris Chiron, Interim Senior Director, Employee & Management Relations Jessica Moore, Senior Director, Classification & Compensation

Chris Chiron, Interim Senior Director, Employee & Management Relations Jessica Moore, Senior Director, Classification & Compensation TO: FROM: HR Officers & Human Resurces Representatives Chris Chirn, Interim Senir Directr, Emplyee & Management Relatins Jessica Mre, Senir Directr, Classificatin & Cmpensatin DATE: May 26, 2015 RE: Annual

More information

Job Profile Data & Reporting Analyst (Grant Fund)

Job Profile Data & Reporting Analyst (Grant Fund) Jb Prfile Data & Reprting Analyst (Grant Fund) Directrate Lcatin Reprts t Hurs Finance Slihull Finance Directr Nminally 37 hurs but peratinally available at all times t meet Cmpany requirements Cntract

More information

Online Service Reservations for Enterprise Agreements

Online Service Reservations for Enterprise Agreements MAY 2016 Service Center Online Service Reservatins fr Enterprise Agreements 2 Online Service Reservatins fr Enterprise Agreements MICROSOFT VOLUME LICENSING SERVICE CENTER TASKS 3 Online Services Custmer

More information

Organisational self-migration guide an overview V1-5 April 2014

Organisational self-migration guide an overview V1-5 April 2014 Organisatinal self-migratin guide an verview V1-5 April 2014 Cpyright 2013, Health and Scial Care Infrmatin Centre. 1 Self Migratin t NHSmail an verview fr rganisatins Cntents Intrductin 3 1. Initial preparatins

More information

Christchurch Polytechnic Institute of Technology Access Control Security Standard

Christchurch Polytechnic Institute of Technology Access Control Security Standard CPIT Crprate Services Divisin: ICT Christchurch Plytechnic Institute f Technlgy Access Cntrl Security Standard Crprate Plicies & Prcedures Sectin 1: General Administratin Dcument CPP121a Principles Infrmatin

More information

IT Help Desk Service Level Expectations Revised: 01/09/2012

IT Help Desk Service Level Expectations Revised: 01/09/2012 IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+

More information

System Business Continuity Classification

System Business Continuity Classification Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required

More information

MANITOBA SECURITIES COMMISSION STRATEGIC PLAN 2013-2016

MANITOBA SECURITIES COMMISSION STRATEGIC PLAN 2013-2016 MANITOBA SECURITIES COMMISSION STRATEGIC PLAN 2013-2016 The Manitba Securities Cmmissin (the Cmmissin) is a divisin f the Manitba Financial Services Agency (MFSA). The ther divisin is the Financial Institutins

More information

CMS Eligibility Requirements Checklist for MSSP ACO Participation

CMS Eligibility Requirements Checklist for MSSP ACO Participation ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.

More information

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd

Audit Committee Charter. St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Audit Cmmittee Charter St Andrew s Insurance (Australia) Pty Ltd St Andrew s Life Insurance Pty Ltd St Andrew s Australia Services Pty Ltd Versin 2.0, 22 February 2016 Apprver Bard f Directrs St Andrew

More information

CS 360 Software Development Spring 2008 Tuesdays and Thursdays 3:30 p.m. 4:45 p.m.

CS 360 Software Development Spring 2008 Tuesdays and Thursdays 3:30 p.m. 4:45 p.m. CS 360 Sftware Develpment Spring 2008 Tuesdays and Thursdays 3:30 p.m. 4:45 p.m. Instructr: Ingrid Russell Office: Dana 343 email: irussell@hartfrd.edu http://uhaweb.hartfrd.edu/irussell Curse Descriptin:

More information

TO: Chief Executive Officers of all National Banks, Department and Division Heads, and all Examining Personnel

TO: Chief Executive Officers of all National Banks, Department and Division Heads, and all Examining Personnel AL 96-7 Subject: Credit Card Preapprved Slicitatins TO: Chief Executive Officers f all Natinal Banks, Department and Divisin Heads, and all Examining Persnnel PURPOSE The purpse f this advisry letter is

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. Statement of Thomas F. O Brien. Vice President & Chief Information Officer

UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. Statement of Thomas F. O Brien. Vice President & Chief Information Officer UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Revised Critical Infrastructure Prtectin Reliability Standards Dcket N. RM15-14-000 Statement f Thmas F. O Brien Vice President & Chief Infrmatin

More information

Cloud Services Frequently Asked Questions FAQ

Cloud Services Frequently Asked Questions FAQ Clud Services Frequently Asked Questins FAQ Revisin 1.0 6/05/2015 List f Questins Intrductin What is the Caradigm Intelligence Platfrm (CIP) clud? What experience des Caradigm have hsting prducts like

More information

ONGOING FEEDBACK AND PERFORMANCE MANAGEMENT. A. Principles and Benefits of Ongoing Feedback

ONGOING FEEDBACK AND PERFORMANCE MANAGEMENT. A. Principles and Benefits of Ongoing Feedback ONGOING FEEDBACK AND PERFORMANCE MANAGEMENT A. Principles and Benefits f Onging Feedback While it may seem like an added respnsibility t managers already "full plate," managers that prvide nging feedback

More information

PROTIVITI FLASH REPORT

PROTIVITI FLASH REPORT PROTIVITI FLASH REPORT The PCI Security Standards Cuncil Releases PCI DSS Versin 3.2 May 9, 2016 On April 28, 2016, the PCI Security Standards Cuncil (PCI SSC) released PCI Data Security Standard (PCI

More information

Symantec User Authentication Service Level Agreement

Symantec User Authentication Service Level Agreement Symantec User Authenticatin Service Level Agreement Overview and Scpe This Symantec User Authenticatin service level agreement ( SLA ) applies t Symantec User Authenticatin prducts/services, such as Managed

More information

Network Security Trends in the Era of Cloud and Mobile Computing

Network Security Trends in the Era of Cloud and Mobile Computing Research Reprt Abstract: Netwrk Security Trends in the Era f Clud and Mbile Cmputing By Jn Oltsik, Senir Principal Analyst and Bill Lundell, Senir Research Analyst With Jennifer Gahm, Senir Prject Manager

More information

Legacy EMR Data Conversions

Legacy EMR Data Conversions Legacy EMR Data Cnversins Agenda Abut us Drivers fr EMR Replacement Things t Cnsider Tp 5 Reasns EMR Cnversins Fail Optins fr Legacy EMR Cnversin Case Study Abut Us Health efrmatics is a healthcare IT

More information

ENTERPRISE RISK MANAGEMENT ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT POLICY Plicy N. 10014 Review Date Octber 1, 2014 Effective Date March 1, 2014 Crss- Respnsibility Vice President, Reference Administratin Apprver Executive Cuncil 1. 1. Plicy

More information

South Australia Police POSITION INFORMATION DOCUMENT

South Australia Police POSITION INFORMATION DOCUMENT Suth Australia Plice POSITION INFORMATION DOCUMENT Stream: Career Grup: Discipline: Classificatin: Service: Branch: Psitin Title: Administrative Services Cnsultancy and Infrmatin AO ASO-6 Infrmatin Systems

More information

Gravesham Borough Council

Gravesham Borough Council Classificatin: Part 1 Public Key Decisin: Please specify - N Gravesham Brugh Cuncil Reprt t: Perfrmance and Administratin Cmmittee Date: 12 Nvember 2015 Reprting fficer: Subject: Crprate Perfrmance Manager

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

Web Development the Next Steps

Web Development the Next Steps Web Develpment the Next Steps Significant prgress has been made n the redesign f the Western Washingtn University hme page. The ATUS Web Services team has wrked hard in cllabratin with the University Cmmunicatins

More information

Appendix A Page 1 of 5 DATABASE TECHNICAL REQUIREMENTS AND PRICING INFORMATION. Welcome Baby and Select Home Visitation Programs Database

Appendix A Page 1 of 5 DATABASE TECHNICAL REQUIREMENTS AND PRICING INFORMATION. Welcome Baby and Select Home Visitation Programs Database Appendix A Page 1 f 5 The items in the list f database technical requirements belw was develped thrugh several meetings between First 5 LA Research and Evaluatin, Infrmatin Technlgy, and Prgram Develpment

More information

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010 OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity

More information

Licensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite

Licensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in This

More information

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY

More information

Installation Guide Marshal Reporting Console

Installation Guide Marshal Reporting Console Installatin Guide Installatin Guide Marshal Reprting Cnsle Cntents Intrductin 2 Supprted Installatin Types 2 Hardware Prerequisites 2 Sftware Prerequisites 3 Installatin Prcedures 3 Appendix: Enabling

More information

HIPAA 5010 Implementation FAQs for Health Care Professionals

HIPAA 5010 Implementation FAQs for Health Care Professionals HIPAA 5010 Implementatin FAQs fr Health Care Prfessinals Updated September 27, 2012 Key Messages In January 2009, the Department f Health and Human Services published the final rule cntaining the requirements

More information

Session 9 : Information Security and Risk

Session 9 : Information Security and Risk INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin

More information

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

Volume THURSTON COUNTY CLERK S OFFICE. e-file SECURE FTP Site (January 2011) User Guide

Volume THURSTON COUNTY CLERK S OFFICE. e-file SECURE FTP Site (January 2011) User Guide Vlume 1 THURSTON COUNTY CLERK S OFFICE e-file SECURE FTP Site (January 2011) User Guide Table f Cntents C H A P T E R 1 FTP e-filing SERVICE 1 Dcument Requirements 1 Scanners 2 File naming cnventin 2 e-file

More information

Installation Guide Marshal Reporting Console

Installation Guide Marshal Reporting Console INSTALLATION GUIDE Marshal Reprting Cnsle Installatin Guide Marshal Reprting Cnsle March, 2009 Cntents Intrductin 2 Supprted Installatin Types 2 Hardware Prerequisites 3 Sftware Prerequisites 3 Installatin

More information

Online Learning Portal best practices guide

Online Learning Portal best practices guide Online Learning Prtal Best Practices Guide best practices guide This dcument prvides Micrsft Sftware Assurance Benefit Administratrs with best practices fr implementing e-learning thrugh the Micrsft Online

More information

Loss Share Data Specifications Change Management Plan

Loss Share Data Specifications Change Management Plan Lss Share Data Specificatins Change Management Plan Last Updated: 2/27/2013 Table f Cntents I. Purpse... 3 II. Change Management Apprach... 3 III. Categries f Revisins... 4 IV. Help and Supprt... 6 Lss

More information

CSAT Account Management

CSAT Account Management CSAT Accunt Management User Guide March 2011 Versin 2.1 U.S. Department f Hmeland Security 1 CSAT Accunt Management User Guide Table f Cntents 1. Overview... 1 1.1 CSAT User Rles... 1 1.2 When t Update

More information

Software and Hardware Change Management Policy for CDes Computer Labs

Software and Hardware Change Management Policy for CDes Computer Labs Sftware and Hardware Change Management Plicy fr CDes Cmputer Labs Overview The cmputer labs in the Cllege f Design are clsely integrated with the academic needs f faculty and students. Cmputer lab resurces

More information

Licensing Windows Server 2012 for use with virtualization technologies

Licensing Windows Server 2012 for use with virtualization technologies Vlume Licensing brief Licensing Windws Server 2012 fr use with virtualizatin technlgies (VMware ESX/ESXi, Micrsft System Center 2012 Virtual Machine Manager, and Parallels Virtuzz) Table f Cntents This

More information

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER

MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER MSB FINANCIAL CORP. MILLINGTON BANK AUDIT COMMITTEE CHARTER This Audit Cmmittee Charter has been amended as f July 17, 2015. The Audit Cmmittee shall review and reassess this Charter annually and recmmend

More information

Maintain a balanced budget primarily the General & Park Funds

Maintain a balanced budget primarily the General & Park Funds EXHIBIT B City f Chic Budget Cntingency Plan P The purpse f the Budget Cntingency Plan is t establish a guideline and general apprach t respnd t adverse financial and ecnmic cnditins that culd negatively

More information

Comparison of Enterprise Architecture Concepts between the TOGAF framework and Macroscope

Comparison of Enterprise Architecture Concepts between the TOGAF framework and Macroscope Cmparisn f Enterprise Architecture Cncepts between the framewrk and Macrscpe Versin 1.0 June 2014 Macrscpe is a registered trademark f Fujitsu Cnsulting (Canada) Inc. Fujitsu and the Fujitsu lg are registered

More information

CDC UNIFIED PROCESS PRACTICES GUIDE

CDC UNIFIED PROCESS PRACTICES GUIDE Dcument Purpse The purpse f this dcument is t prvide guidance n the practice f Risk Management and t describe the practice verview, requirements, best practices, activities, and key terms related t these

More information

National Australia Bank Limited Group Disclosure & External Communications Policy

National Australia Bank Limited Group Disclosure & External Communications Policy Natinal Australia Bank Limited Grup Disclsure & External Cmmunicatins Plicy Grup Disclsure & External Cmmunicatins Plicy Page 2 f 7 Grup Disclsure & External Cmmunicatins Plicy ( the Plicy ) 1. Overview

More information