PROPOSAL FOR KNF RECOMMENDATION D COMPLIANCE AUDIT

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "PROPOSAL FOR KNF RECOMMENDATION D COMPLIANCE AUDIT"

Transcription

1 PROPOSAL FOR KNF RECOMMENDATION D COMPLIANCE AUDIT relating to bank information technology management and security of IT infrastructure

2 INTRODUCTION Recommendation D is a collection of 22 recommendations issued by KNF and divided into the following areas: - strategy and organisation of information technology areas and...security of IT infrastructure - development of IT infrastructure - maintenance and operations of IT infrastructure - management of IT infrastructure security. The detailed scope relating to the areas mentioned above is set out below in Section 6 Recommendations List. Implementation of Recommendation D requires an initial process of thorough verification of the as-is situation relating to the maintenance of IT systems, followed by adjustment to meet KNF requirements. The aim of this proposal is to support your bank in the process of meeting these Recommendation D requirements. KNF requires banks to implement Recommendation D not later than by 31 December 2014.

3 DETAILS OF THE PROJECT The following scheme shows the main phases of a Recommendation D implementation project. Identification and documentation of AS IS situation Gap identification and analysis Proposal of a remedial process Monitoring of a remedial process implementation Audit report preparation and delivery

4 DETAILS OF THE PROJECT Phase 1 Identification and documentation of AS IS situation The goal of this phase is analysis of the AS IS processes relating to the development of applications and IT infrastructure, as well as the maintenance and security of IT systems. Phase 1 covers the collection of documentation currently operating in the bank, specifically procedures, processes, instructions, regulations and records proving that the procedures are used in daily practice. After the analysis of documentation, interviews with bank representatives from the units responsible for IT infrastructure as well as the business units that cooperate directly with IT (e.g. development units on every level of the organisational structure of the bank) will be conducted. Deliverable for Phase 1: A report describing AS IS analysis in IT concerning areas covered by Recommendation D. Phase 2 Gap identification and analysis The goal of this phase is to analyse the tools and procedures which are already implemented/currently functioning and compare these with the requirements of Recommendation D. Deliverable for Phase 2: A report describing gaps as compared to Recommendation D requirements and a Risk Analysis in the relevant IT areas. The report will address every Recommendation D requirement and evaluate the maturity of the process by reference to the Deming cycle illustrated below

5 DETAILS OF THE PROJECT The report will cover evaluation of every recommendation including existence of tools, their completeness and efficiency, evidence of the tools and procedures operation, and level of staff competences and consciousness. The result will be evaluation of specific areas on every level of the organisation in the bank. The Risk Analysis will be conducted based on a proven methodology of risk evaluation in the IT areas specified by Recommendation D. Phase 3 Proposal of the remedial process The goal of this phase is to plan a process to remedy the areas evaluated as not sufficient to meet Recommendation D requirements. Several scenarios of project realisation will be presented. Deliverable for Phase 3: A description of the remedy process realisation plan and a proposed project schedule. Phase 4 Monitoring of the remedial process implementation The goal of this phase is to support the project implementation through project management, security management and network security. Deliverable for Phase 4: Weekly reporting on the implementation progress. Phase 5 Audit report preparation and delivery The goal of this phase is to conduct efficiency verification of implemented tools in line with the requirements of Recommendation D. Deliverable for Phase 5: A final audit report.

6 PROJECT SCHEDULE No. Task name Duration 1 Identification and documentation of AS IS situation 3 weeks AS IS report 2 Gap identification and analysis 3 weeks Evaluation Report 3 Proposal of a remedial process 2 weeks Remedial Plan 4 Monitoring the remedial process implementation TBD depending on the accepted scope of the realisation 5 Final audit report 3 weeks PRICE OF SERVICES As the scope of work will be specific to every client, the price will be estimated after initial analysis and after agreeing the scope of a specific project. The price evaluation will be delivered within 4 working days after receiving all relevant information necessary to calculate the price.

7 COMPETENCES The team dedicated for the project realisation is composed of staff experienced in project implementations in banks in the following areas: IT security management IT project management IT maintenance IT architecture IT system administration Servers and database administration Network administration Access management The team composition is based on the individual requirements of a project. RECOMMENDATION LIST The following section sets out the list of recommendations required by KNF under Recommendation D. Strategy and organisation of IT infrastructure and security of IT infrastructure Recommendation 1 The Bank Supervisory Board should manage IT areas and IT infrastructure security, and the Bank Management Board should provide tools for efficient and correct management.

8 RECOMMENDATION LIST Recommendation 2 The bank should have an information management system in the area of IT and IT security, providing every recipient of such information with an adequate knowledge level of the area. Recommendation 3 The Bank should define and implement an IT and IT security strategy in accordance with the Bank s strategy. Recommendation 4 The Bank should define the rules of cooperation and the scope of responsibilities in the business, IT technology and IT security. This should provide an effective and safe level of resource for Bank IT infrastructure. Recommendation 5 Organisational solutions and HR resources in the area of IT infrastructure should be appropriate for the Bank s profile and should enable the Bank to accomplish tasks in these areas effectively. Development of IT infrastructure Recommendation 6 The Bank should have formal rules of conducting IT infrastructure projects appropriate for the scale and type of projects which are conducted. Recommendation 7 The Bank s IT systems should be developed and enhanced in a way which supports its operations and taking into account IT systems security.

9 RECOMMENDATION LIST IT infrastructure maintenance and operations Recommendation 8 The Bank should have formal rules of data management used in its banking activities, covering management of architecture, management of data quality and providing adequate support for the Bank s activity. Recommendation 9 The Bank should have formal rules for IT infrastructure management, so that its architecture, its components (configuration management), capacity management and documentation provide adequate support for banking activities and security of processed data. Recommendation 10 The bank should have formal rules of cooperation with external IT services providers, ensuring data security and correctness of IT infrastructure functioning, including also services provided by the units which are part of the Bank s holding capital. Recommendation 11 The Bank should have formal rules and technical mechanisms and tools providing an adequate level of logical access to data and information and physical access to the key IT infrastructure components. Recommendation 12 The Bank should provide an adequate level of IT infrastructure protection against malicious software. Recommendation 13 The Bank should provide internal users of IT systems with support in the scope of problem solving and incident management concerning maintenance and operations, specifically in the case of disruptions and unexpected events disrupting the normal usage of systems.

10 RECOMMENDATION LIST Recommendation 14 The Bank should take necessary steps in order to achieve and maintain an adequate level of staff qualifications in the context of IT infrastructure and data and information processed in the Bank. Recommendation 15 The Bank System for business continuity should cover conditions concerning IT infrastructure and data processed by these systems. Recommendation 16 If the Bank provides services by electronic channels, the Bank should have adequate technical and organisational solutions providing verification of identity and security of data and clients assets. The Bank should educate its clients about rules of safe usage of bank electronic channels. Recommendation 17 The Bank should have formal rules of desktop software management, efficiently securing and mitigating the risk related to software exploitation. Recommendation 18 The Bank should have a formal, efficient security management system, covering activities related to identification, evaluation, control, mitigation and reporting of risk in this scope. The security management system should be integrated with the reporting system in the Bank. Recommendation 19 The Bank should classify information and information systems in accordance with rules required for adequate security levels.

11 RECOMMENDATION LIST Recommendation 20 The Bank should have formal rules of security incident management, covering identification, registration, analysis, prioritisation, solution searching and taking remedial actions and removal of causes. Recommendation 21 The Bank should provide compatibility of IT infrastructure with legal requirements, internal and external regulations, signed contracts and standards adopted within the Bank. Recommendation 22 IT technology areas and IT security should be subject to regular independent audits.

12 ABOUT US We are a leading professional service firm of accountants, auditors, business and tax advisers and IT specialists. As independent members of Baker Tilly International, we are committed to providing the best possible service to our clients in Poland and beyond using our knowledge, experience and the global resources of Baker Tilly International. With over 400 professional staff serving multinational and domestic clients in Poland, the Czech Republic and Slovakia, we have earned an enviable reputation for our quality of services, proactive approach, technical excellence and focus on communication and reporting. We make sure to apply strategic thinking to get the best for every Client from every service. We Provide Solutions: In Poland from our offices across the country in Warsaw, Wrocław, Kraków and Łódz In Central Europe providing seamless integration of solutions in our Polish offices and also in Prague and Brno in the Czech Republic and in Bratislava in the Slovak Republic Globally as an independent member of Baker Tilly International. Contact us: Agnieszka Frommholz IT Group Director T DL M E Dariusz Stefaniuk Project Manager T DL M E Dawid Woś Account Manager T DL M E

13 Headquarter Baker Tilly Poland Sp. z o.o. ul. Hrubieszowska Warszawa Other offices Wrocław ul. Legnicka 51/ Wrocław Kraków ul. Smoleńsk 18/ Kraków Łódź ul. Nawrot Łódź T: F: T: F: T: F: T: F: Join our group

Employment in Poland 2012

Employment in Poland 2012 BRIEFING NOTE Employment in Poland 2012 1. Employment Cost 2. Legal System 3. Employer s obligations 4. Types of employment contract 5. Working time 6. Holiday 7. Sick pay 8. Parenthood rights 9. Mass

More information

BRIEFING NOTE. Taxation of factoring in Poland

BRIEFING NOTE. Taxation of factoring in Poland BRIEFING NOTE Taxation of factoring in Poland 1. Introduction 2. VAT rate 3. Financial services exemption 4. Factoring prior to 2011 5. EU Tribunal of Justice steps in 6. Factoring after the EU Tribunal

More information

ERP CONSULTING IT OUTSOURCING

ERP CONSULTING IT OUTSOURCING ERP CONSULTING IT OUTSOURCING IT Services www.bakertilly.pl ERP SYSTEMS ERP systems are mature tls managing resurces in every area f the cmpany management. The chice f this tl and a way f its implementatin

More information

Polish Financial Supervision Authority. Guidelines

Polish Financial Supervision Authority. Guidelines Polish Financial Supervision Authority Guidelines on the Management of Information Technology and ICT Environment Security for Insurance and Reinsurance Undertakings Warsaw, 16 December 2014 Table of Contents

More information

business process outsourcing

business process outsourcing business process outsourcing asbgroup.eu accounting and reporting. trust management services. company administration. shelf companies. payroll and HR services. company liquidation. business advisory. tax

More information

ITALY POLAND JOINT SCIENCE AND TECHNOLOGY COOPERATION CALL FOR JOINT PROJECT PROPOSALS CLOSING DATE: 10/06/2015

ITALY POLAND JOINT SCIENCE AND TECHNOLOGY COOPERATION CALL FOR JOINT PROJECT PROPOSALS CLOSING DATE: 10/06/2015 ITALY POLAND JOINT SCIENCE AND TECHNOLOGY COOPERATION CALL FOR JOINT PROJECT PROPOSALS CLOSING DATE: 10/06/2015 BACKGROUND In the framework of the Scientific and Technological Cooperation Agreement between

More information

Service Support. 2005 Kasse Initiatives, LLC. ITIL Configuration Management - 1. version 2.0

Service Support. 2005 Kasse Initiatives, LLC. ITIL Configuration Management - 1. version 2.0 Service Support Configuration Management ITIL Configuration Management - 1 Goals of Configuration Management The goals of Configuration Management are to: Account for all the IT assets and configurations

More information

Shell s Health, Safety and Environment (HSE) management system (see Figure 11-1) provides the framework for managing all aspects of the development.

Shell s Health, Safety and Environment (HSE) management system (see Figure 11-1) provides the framework for managing all aspects of the development. Section 11.1 APPLICATION FOR APPROVAL OF THE DEVELOPMENT PLAN FOR NIGLINTGAK FIELD PROJECT DESCRIPTION INTRODUCTION 11.1.1 HSE MANAGEMENT SYSTEM Shell s Health, Safety and Environment (HSE) management

More information

Ernst & Young Poland University of Warsaw, 18 July 2012

Ernst & Young Poland University of Warsaw, 18 July 2012 Ernst & Young Poland University of Warsaw, 18 July 2012 Adam Kowalik, Agnieszka A. Szczepaniak Agenda Who we are Our achivements Our values Our CSR activities Whyjoin Ernst & Young? Page 2 Who we are Ernst

More information

UoD IT Job Description

UoD IT Job Description UoD IT Job Description Role: Projects Portfolio Manager HERA Grade: 8 Responsible to: Director of IT Accountable for: Day to day leadership of team members and assigned workload Key Relationships: Management

More information

Cloud Infrastructure Security Management

Cloud Infrastructure Security Management www.netconsulting.co.uk Cloud Infrastructure Security Management Visualise your cloud network, identify security gaps and reduce the risks of cyber attacks. Being able to see, understand and control your

More information

Microsoft Services Premier Support. Security Services Catalogue

Microsoft Services Premier Support. Security Services Catalogue Microsoft Services Premier Support Security Services Catalogue 2014 Microsoft Services Microsoft Services helps you get the most out of your Microsoft Information Technology (IT) investment with integrated

More information

Enterprise Security Architecture

Enterprise Security Architecture Enterprise Architecture -driven security April 2012 Agenda Facilities and safety information Introduction Overview of the problem Introducing security architecture The SABSA approach A worked example architecture

More information

PATCH MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region

PATCH MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region PATCH MANAGEMENT February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

KPMG in India s Software testing services Test consulting case studies

KPMG in India s Software testing services Test consulting case studies KPMG in India s Software testing services Test consulting case studies 0 Software test consulting case study 1 Key Activities Outcome IT consulting to assess, evaluate the core banking solution and existing

More information

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14

More information

REPORT of the Supervisory Board of Mediatel S.A. for the period from 1 January 2009 to 31 December 2009

REPORT of the Supervisory Board of Mediatel S.A. for the period from 1 January 2009 to 31 December 2009 REPORT of the Supervisory Board of Mediatel S.A. for the period from 1 January 2009 to 31 December 2009 I. Assessment of the work of the Supervisory Board Composition of the Supervisory Board In 2009 the

More information

ESKISP6055.01 Manage security testing

ESKISP6055.01 Manage security testing Overview This standard covers the competencies concerning with managing security testing activities. Including managing resources activities and deliverables. This includes planning, conducting and reporting

More information

Sample pages provided by: MarketResearch.com

Sample pages provided by: MarketResearch.com Sample pages provided by: MarketResearch.com Contact us: Call 1.800.298.5699 OR +1.240.747.3093 Int l Fax 240.747.3004 Email customerservice@marketresearch.com Our Offices: Headquarters Rockville, MD 11200

More information

UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE

UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE Originator Patch Management Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Recommended by Director

More information

Rick Taylor, CISA. An Independent Member of Baker Tilly International 1

Rick Taylor, CISA. An Independent Member of Baker Tilly International 1 Rick Taylor, CISA 1 An Independent Member of Baker Tilly International 1 http://expandedramblings.com/index.php/resource howmany people use the top social media/ Facebook: 1.06 billion monthly active users,

More information

Job Description. Radiography Services Manager

Job Description. Radiography Services Manager Job Description Radiography Services Manager Professionally accountable to: Head of Nursing and Clinical Services Key working relationships: Key reporting relationships: All Radiographers, Consultant Radiologists,

More information

Data Classification Technical Assessment

Data Classification Technical Assessment Data Classification Update: February 13th, 2015 Statement of Confidentiality This Confidential Information is being provided to Customer ABC as a deliverable of this consulting engagement. The sole purpose

More information

Market Overview Poland 2014

Market Overview Poland 2014 Shared Services Centres Business Process Outsourcing Introduction Page Personnel Shared Services Centres in Poland specializes in recruitment for the SSC/BPO area. As PageGroup, we deliver mass- or single-recruitment

More information

STAFF VACANCIES Ref. 1507CAFGIV

STAFF VACANCIES Ref. 1507CAFGIV 27 March 2015 STAFF VACANCIES Ref. 1507CAFGIV The European Insurance and Occupational Pensions Authority (EIOPA) is currently inviting applications for a position as IT Business Analyst for its Headquarters

More information

{Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect. {Add local information}

{Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect. {Add local information} Job Description Business Analyst Organisation: Location: Reports to: Supervises: Working conditions: Last updated: {Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect

More information

Defining direction. Poland Audit Business Process Outsourcing HR Consulting Legal Tax

Defining direction. Poland Audit Business Process Outsourcing HR Consulting Legal Tax Defining direction Poland Audit Business Process Outsourcing HR Consulting Legal Tax Defining direction As the leading country in Central and Eastern Europe, Poland sets the course of development. Small

More information

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13 Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...

More information

ITIL. Lifecycle. www.alctraining.com.my. ITIL Intermediate: Continual Service Improvement. Service Strategy. Service Design. Service Transition

ITIL. Lifecycle. www.alctraining.com.my. ITIL Intermediate: Continual Service Improvement. Service Strategy. Service Design. Service Transition Take your ITIL skills to the next level ITIL Lifecycle ITIL Intermediate: Part of the complete ITIL Education Program Advance your career Add value to your organisation Gain credits towards ITIL Expert

More information

Car in business Accounting and tax aspects

Car in business Accounting and tax aspects Car in business Accounting and tax aspects Poland Slovakia Czech Republic Overview of the main tax and accounting rules applicable when purchasing and using a car for business purposes in Poland, Slovakia

More information

Email Router and Vetting G-Cloud Service Definition

Email Router and Vetting G-Cloud Service Definition Email Router and Vetting G-Cloud Service Definition 2013 General Dynamics Information Technology. All rights reserved 1 In partnership with Government and industry-leading technology partners, General

More information

Certification Report

Certification Report Certification Report EAL 2+ Evaluation of Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme 2008 Government of Canada, Communications

More information

Annual Report 2007 COMMERCIAL FINANCE WWW.INGCOMFIN.PL

Annual Report 2007 COMMERCIAL FINANCE WWW.INGCOMFIN.PL 2007 Annual Report 2007 COMMERCIAL FINANCE WWW.INGCOMFIN.PL It is with pleasure that I present to you the Annual Report of 2007 which describes the activity of ING Commercial Finance Polska S.A. Last year

More information

Cisco Unified Computing. Optimization Service

Cisco Unified Computing. Optimization Service Improve your unified compute so it remains a competitive resource with the Cisco Unified Computing Optimization Service. Cisco Unified Computing Optimization Service Increase Agility and Performance with

More information

Cyber Essentials Scheme. Protect your business from cyber threats and gain valuable certification

Cyber Essentials Scheme. Protect your business from cyber threats and gain valuable certification Cyber Essentials Scheme Protect your business from cyber threats and gain valuable certification Why you need it Cybercrime appears in the news on an almost daily basis - but it s not just the large and

More information

Application Support Solution

Application Support Solution Application Support Solution White Paper This document provides background and administration information on CAI s Legacy Application Support solution. PRO00001-MNGMAINT 080904 Table of Contents 01 INTRODUCTION

More information

IT Services Management Service Brief

IT Services Management Service Brief IT Services Management Service Brief Service Continuity (Disaster Recovery Planning) Prepared by: Rick Leopoldi May 25, 2002 Copyright 2002. All rights reserved. Duplication of this document or extraction

More information

Derbyshire Constabulary

Derbyshire Constabulary h Derbyshire Constabulary Job Description Closing Date Wednesday 28 October 205 at midday HR Service Centre Contact Rachael Stone Tel int 733 00 Extl 0300 330 330 Role Title Technical Support Manager Grade

More information

Salary Guide 2012 Czech 2012 Republic

Salary Guide 2012 Czech 2012 Republic Executive recruitment speciaists Salary Guide 2012 Czech 2012 Republic reedglobal.cz reedglobal.com.cz Market Overview The new year saw the agenda for many companies in the Czech Republic revolve around

More information

Begin with the end in mind

Begin with the end in mind Begin with the end in mind Is your business vision driving your software purchases? Or is it the other way around? Organisations can be paying 25-35% too much for software, support and maintenance costs.

More information

STAFF VACANCIES Ref. 1527TAAST4

STAFF VACANCIES Ref. 1527TAAST4 2 October 2015 STAFF VACANCIES Ref. 1527TAAST4 The European Insurance and Occupational Pensions Authority (EIOPA) is currently inviting applications for a position as IT Specialist for its Headquarters

More information

Cisco Nexus Planning and Design Service

Cisco Nexus Planning and Design Service Cisco Nexus Planning and Design Service Efficiently migrate to a 10GbE environment. Create a more scalable, efficient, and resilient data center architecture with Cisco Nexus Planning and Design Service.

More information

Decision on adequate information system management. (Official Gazette 37/2010)

Decision on adequate information system management. (Official Gazette 37/2010) Decision on adequate information system management (Official Gazette 37/2010) Pursuant to Article 161, paragraph (1), item (3) of the Credit Institutions Act (Official Gazette 117/2008, 74/2009 and 153/2009)

More information

Contact Centre Integration Assessment

Contact Centre Integration Assessment Contact Centre Integration Assessment How well are your business objectives aligned with the right contact centre technologies? Knowing how the technology in your contact centre supports service delivery

More information

IBM Sterling Order Management

IBM Sterling Order Management IBM Sterling Order Management Service Definition 1 1. Summary 1.1 Service Description IBM Sterling Order Management provides a centralised inventory, order promising and fulfilment hub facilitating omni-channel

More information

Our consultancy team will provide guidance throughout the process helping you to produce the necessary documentation and raise staff awareness.

Our consultancy team will provide guidance throughout the process helping you to produce the necessary documentation and raise staff awareness. Service Definition Business Continuity Plan Overview of Service Sapphire provides a bespoke service, working with your organisation to develop a comprehensive Business Continuity Plan (BCP) designed to

More information

Audit Report. Effectiveness of IT Controls at the Global Fund Follow-up report. GF-OIG-15-20b 26 November 2015 Geneva, Switzerland

Audit Report. Effectiveness of IT Controls at the Global Fund Follow-up report. GF-OIG-15-20b 26 November 2015 Geneva, Switzerland Audit Report Effectiveness of IT Controls at the Global Fund Follow-up report GF-OIG-15-20b Geneva, Switzerland Table of Contents I. Background and scope... 3 II. Executive Summary... 4 III. Status of

More information

Certification as a model of recognising and improving personnel s competences in OSH

Certification as a model of recognising and improving personnel s competences in OSH Certification as a model of recognising and improving personnel s competences in OSH Strengthening OSH knowledge and innovation as driver of EU smart growth 7 November 2011, Warsaw, Poland Witold Gacek,

More information

Qulliq Energy Corporation Job Description

Qulliq Energy Corporation Job Description Qulliq Energy Corporation Job Description Position Title Senior Enterprise Systems Specialist Unionized Reports to: Manager, Information Technology Reporting to this Position Enterprise Systems Specialist

More information

State of Oregon. State of Oregon 1

State of Oregon. State of Oregon 1 State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information

More information

ITIL: Service Operation

ITIL: Service Operation ITIL: Service Operation Course Course Chapter 01 - Course Lesson: Course Organization Welcome to the Course! Mentoring Community s Why Are You Here? Using Bloom s Taxonomy What do you Expect? Housekeeping

More information

Role Profile Job Description .NET Senior Analyst Developer Purpose of job: Context and environment: Global Business Services Our mission:

Role Profile Job Description .NET Senior Analyst Developer Purpose of job: Context and environment: Global Business Services Our mission: Role Profile Job Description Job Title.NET Senior Analyst Developer Directorate or Region UK Department/Country GIS / Poland Location of post Warsaw Pay Band 8 Reports to Aleksandra Bogdanov Duration of

More information

Characteristics. Partner of the program. Studies curriculum and duration

Characteristics. Partner of the program. Studies curriculum and duration Cracow School of Business at Cracow University of Economics in co-operation with Stockholm University School of Business invite you to take part in prestigious studies: EXECUTIVE MASTER OF BUSINESS ADMINISTRATION

More information

Polish Agency for Enterprise Development

Polish Agency for Enterprise Development 2012 Polish Agency for Enterprise Development We support good governance Management is an imposition of order on chaos Henry M. Boettinger The Polish Agency for Enterprise Development (PARP) is a state

More information

BANK ZACHODNI WBK S.A. WROCŁAW, RYNEK 9/11 FINANCIAL STATEMENTS FOR THE 2015 FINANCIAL YEAR WITH AUDITOR S OPINION AND AUDIT REPORT

BANK ZACHODNI WBK S.A. WROCŁAW, RYNEK 9/11 FINANCIAL STATEMENTS FOR THE 2015 FINANCIAL YEAR WITH AUDITOR S OPINION AND AUDIT REPORT WROCŁAW, RYNEK 9/11 FINANCIAL STATEMENTS FOR THE 2015 FINANCIAL YEAR WITH AUDITOR S OPINION AND AUDIT REPORT TABLE OF CONTENTS AUDITOR S OPINION... 3 REPORT ON THE AUDIT OF THE FINANCIAL STATEMENTS OF

More information

TOGETHER WE CAN DO MORE

TOGETHER WE CAN DO MORE B3System S.A. is a leading provider of IT system and service management solutions ensuring optimized IT infrastructure performance, availability and security within businesses. The company has been operating

More information

BANK OCHRONY ŚRODOWISKA S.A. WARSZAWA, UL. ŻELAZNA 32 FINANCIAL STATEMENTS FOR THE 2014 FINANCIAL YEAR WITH AUDITOR S OPINION AND AUDIT REPORT

BANK OCHRONY ŚRODOWISKA S.A. WARSZAWA, UL. ŻELAZNA 32 FINANCIAL STATEMENTS FOR THE 2014 FINANCIAL YEAR WITH AUDITOR S OPINION AND AUDIT REPORT WARSZAWA, UL. ŻELAZNA 32 FINANCIAL STATEMENTS FOR THE 2014 FINANCIAL YEAR WITH AUDITOR S OPINION AND AUDIT REPORT TABLE OF CONTENTS AUDITOR S OPINION... 3 REPORT ON THE AUDIT OF THE FINANCIAL STATEMENTS

More information

ISO 27001 Information Security Management Services (Lot 4)

ISO 27001 Information Security Management Services (Lot 4) ISO 27001 Information Security Management Services (Lot 4) CONTENTS 1. WHY LEICESTERSHIRE HEALTH INFORMATICS SERVICE?... 3 2. LHIS TECHNICAL ASSURANCE SERVICES... 3 3. SERVICE OVERVIEW... 4 4. EXPERIENCE...

More information

SALARY REPORT 2014. Shared Services Centres Business Process Outsourcing. Temporary & permanent recruitment www.pagepersonnel.pl

SALARY REPORT 2014. Shared Services Centres Business Process Outsourcing. Temporary & permanent recruitment www.pagepersonnel.pl SALARY REPORT 2014 Temporary & permanent recruitment www.pagepersonnel.pl Contents SALARY REPORT 2014 Introduction... 3 Market overview... 4 About Page Personnel... 5 Methodology and additional information...

More information

The Cadence Partnership Service Definition

The Cadence Partnership Service Definition The Cadence Partnership Service Definition About Cadence The Cadence Partnership is an independent management consultancy, specialising in working with a wide range of organisations, solving complex issues

More information

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review The security threat landscape is constantly changing and it is important to periodically review a business

More information

Car in business Accounting and tax aspects

Car in business Accounting and tax aspects Car in business Accounting and tax aspects Poland Slovakia Czech Republic Overview of the main tax and accounting rules applicable when purchasing and using a car for business purposes in Poland, Slovakia

More information

Mariusz-Jan Radło, Ph.D.

Mariusz-Jan Radło, Ph.D. Offshoring and outsourcing of services: Evidence from Poland Mariusz-Jan Radło, Ph.D. ========================= Warsaw School of Economics, associate professor head of the Postgraduate Studies of Business

More information

Understanding Vulnerability Management Life Cycle Functions

Understanding Vulnerability Management Life Cycle Functions Research Publication Date: 24 January 2011 ID Number: G00210104 Understanding Vulnerability Management Life Cycle Functions Mark Nicolett We provide guidance on the elements of an effective vulnerability

More information

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 1 Royal Holloway, University of London 2 University of Strathclyde ABSTRACT Future mobile

More information

Information Management Advice 35: Implementing Information Security Part 1: A Step by Step Approach to your Agency Project

Information Management Advice 35: Implementing Information Security Part 1: A Step by Step Approach to your Agency Project Information Management Advice 35: Implementing Information Security Part 1: A Step by Step Approach to your Agency Project Introduction This Advice provides an overview of the steps agencies need to take

More information

Overview of EAM Services. A Fully Integrated Global EAM Service Provider

Overview of EAM Services. A Fully Integrated Global EAM Service Provider A Fully Integrated Global EAM Service Provider Table of Contents Strategy & Process Services Overview... p. 3 Asset Reliability Services Overview... p. 4 Systems & Technology Services Overview... p. 7

More information

Technology and Cyber Resilience Benchmarking Report 2012. December 2013

Technology and Cyber Resilience Benchmarking Report 2012. December 2013 Technology and Cyber Resilience Benchmarking Report 2012 December 2013 1 Foreword by Andrew Gracie Executive Director, Special Resolution Unit, Bank of England On behalf of the UK Financial Authorities

More information

Security Assessment and Compliance Services

Security Assessment and Compliance Services Security Assessment and Compliance Services Despite the best efforts of IT security teams, hackers and malicious code continue to find their way into corporate networks. Adding to the pressure is the fact

More information

Rulebook on Information Security Incident Management General Provisions Article 1

Rulebook on Information Security Incident Management General Provisions Article 1 Pursuant to Article 38 of the Law on State Administration (Official Gazette of the Republic of Montenegro 38/03 from 27 June 2003, 22/08 from 02 April 2008, 42/11 from 15 August 2011), The Ministry for

More information

Practitioner Certificate Software Asset Management Syllabus. Version 2.0

Practitioner Certificate Software Asset Management Syllabus. Version 2.0 Practitioner Certificate Software Asset Management Syllabus Version 2.0 June 2010 Practitioner Certificate in Software Asset Management The ISEB Practitioner Certificate in Software Asset Management (SAM)

More information

Information Services Strategy 2011-2013

Information Services Strategy 2011-2013 Information Services Strategy Issue 1 1 Introduction The States of Jersey public sector is facing significant pressure for efficiencies and savings. This has created the context to take a fresh look at

More information

Intel Security Certified Product Specialist Security Information Event Management (SIEM)

Intel Security Certified Product Specialist Security Information Event Management (SIEM) Intel Security Certified Product Specialist Security Information Event Management (SIEM) Why Get Intel Security Certified? As technology and security threats continue to evolve, organizations are looking

More information

In a Search for Regulations on Risk Management, Internal Control and Internal Audit

In a Search for Regulations on Risk Management, Internal Control and Internal Audit In a Search for Regulations on Risk Management, Internal Control and Internal Audit Jacek Socha IAS Conference 17 October 2006 pwc Agenda Background Sarbanes-Oxley Act lessons learnt and benefits EU response

More information

Service Definition Document

Service Definition Document Service Definition Document QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE)

More information

White Paper CLINICAL RESEARCH IN POLAND AN INTRODUCTION

White Paper CLINICAL RESEARCH IN POLAND AN INTRODUCTION White Paper CLINICAL RESEARCH IN POLAND AN INTRODUCTION Table of Contents 1. Healthcare Landscape in Poland... 3 2. Clinical Research Activity in Poland... 3 3. References... 6 4. About the Author... 6

More information

Corporate Incident Response. Why You Can t Afford to Ignore It

Corporate Incident Response. Why You Can t Afford to Ignore It Corporate Incident Response Why You Can t Afford to Ignore It Whether your company needs to comply with new legislation, defend against financial loss, protect its corporate reputation or a combination

More information

IT Services Management Service Brief

IT Services Management Service Brief IT Services Management Service Brief Release Management Prepared by: Rick Leopoldi May 25, 2002 Copyright 2002. All rights reserved. Duplication of this document or extraction of content is strictly forbidden.

More information

Doing Business in Slovakia

Doing Business in Slovakia January 2015 PREFACE This guide on Doing Business in Slovakia has been prepared by TGC Corporate Lawyers s.r.o. It is designed to provide information on a number of subjects important to those contemplating

More information

About the Studio. Outsourcing Offer May 9 th, 2016 2/10. About the Studio. Artificial Intelligence. Backend and Networking.

About the Studio. Outsourcing Offer May 9 th, 2016 2/10. About the Studio. Artificial Intelligence. Backend and Networking. Outsourcing Offer Raving Bots is a team of talented and motivated people, whose goal is to forge their raving ideas into raving games that they wish to play while raving. However, it is a long-term undertaking

More information

Implementation of ANSI/AAMI/IEC 62304 Medical Device Software Lifecycle Processes.

Implementation of ANSI/AAMI/IEC 62304 Medical Device Software Lifecycle Processes. Implementation of ANSI/AAMI/IEC 62304 Medical Device Software Lifecycle Processes.. www.pharmout.net Page 1 of 15 Version-02 1. Scope 1.1. Purpose This paper reviews the implementation of the ANSI/AAMI/IEC

More information

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA 1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

ABB in Poland Always at the forefront

ABB in Poland Always at the forefront ABB in Poland Always at the forefront 2 ABB in Poland ABB in Poland is a part of the ABB Group a global leader in power and automation technologies that enable utility and industry customers to improve

More information

Company Presentation CONTACT CENTER

Company Presentation CONTACT CENTER Company Presentation CONTACT CENTER 1 About Contact Center Our offer Our clients Benefits from cooperation with us Case studies References Contact 2 3 About Contact Center About Contact Center Who are

More information

THE TAURON POLSKA ENERGIA S.A. CAPITAL GROUP KATOWICE, ULICA KS. PIOTRA ŚCIEGIENNEGO 3 CONSOLIDATED FINANCIAL STATEMENTS FOR THE FINANCIAL YEAR 2014

THE TAURON POLSKA ENERGIA S.A. CAPITAL GROUP KATOWICE, ULICA KS. PIOTRA ŚCIEGIENNEGO 3 CONSOLIDATED FINANCIAL STATEMENTS FOR THE FINANCIAL YEAR 2014 THE POLSKA ENERGIA S.A. CAPITAL GROUP KATOWICE, ULICA KS. PIOTRA ŚCIEGIENNEGO 3 CONSOLIDATED FINANCIAL STATEMENTS FOR THE FINANCIAL YEAR 2014 WITH AUDITOR S OPINION AND AUDIT REPORT TABLE OF CONTENTS AUDITOR

More information

-Blue Print- The Quality Approach towards IT Service Management

-Blue Print- The Quality Approach towards IT Service Management -Blue Print- The Quality Approach towards IT Service Management The Qualification and Certification Program in IT Service Management according to ISO/IEC 20000 TÜV SÜD Akademie GmbH Certification Body

More information

Security Awareness Training Solutions

Security Awareness Training Solutions DATA SHEET Security Awareness Training Solutions A guide to available Dell SecureWorks services At Dell SecureWorks, we strive to be a trusted security advisor to our clients. Part of building this trust

More information

Information on the appointed Members of the Supervisory Board:

Information on the appointed Members of the Supervisory Board: GETIN Holding S.A. ul. Gwiaździsta 66, 53-413 Wrocław tel. +48 71 797 77 77, fax +48 71 797 77 16 KRS 0000004335 District Court in Wrocław, the 6th Commercial Division of the National Court Register Getin

More information

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement Comprehensive Endpoint Enforcement Overview is a complete, end-to-end network access control solution that enables organizations to efficiently and securely control access to corporate networks through

More information

Data Administrator. (Salary as advertised) Havering 15 per week Permanent 1. Main purpose of the role. 2. Reporting and working relationships

Data Administrator. (Salary as advertised) Havering 15 per week Permanent 1. Main purpose of the role. 2. Reporting and working relationships Data Administrator (Salary as advertised) Havering 15 per week Permanent 1. Main purpose of the role The post holder will be integral to ensuring a high quality service that promotes recovery across the

More information

BEFORE THE BREACH: Why Penetration Testing is Critical to Healthcare IT Security

BEFORE THE BREACH: Why Penetration Testing is Critical to Healthcare IT Security BEFORE THE BREACH: Why Penetration Testing is Critical to Healthcare IT Security August 2014 w w w.r e d s p in.c o m Introduction This paper discusses the relevance and usefulness of security penetration

More information

Overview TECHIS60851. Manage information security business resilience activities

Overview TECHIS60851. Manage information security business resilience activities Overview Information security business resilience encompasses business continuity and disaster recovery from information security threats. As well as addressing the consequences of a major security incident,

More information

Niš case study... Implementation of the first e-government in Serbia in City of Niš

Niš case study... Implementation of the first e-government in Serbia in City of Niš case study... Implementation of the first e-government in Serbia in City of Niš Belgrade Bratislava Bucharest Budapest Prague Warsaw Assessments: Changing old and retrograde telephone PBX system in City

More information

CAPABILITY MATURITY MODEL & ASSESSMENT

CAPABILITY MATURITY MODEL & ASSESSMENT ENTERPRISE DATA GOVERNANCE CAPABILITY MATURITY MODEL & ASSESSMENT www.datalynx.com.au Data Governance Data governance is a key mechanism for establishing control of corporate data assets and enhancing

More information

Sound Transit Internal Audit Report - No. 2014-6

Sound Transit Internal Audit Report - No. 2014-6 Sound Transit Internal Audit Report - No. 2014-6 Maturity Assessment: Information Technology Division Disaster Recovery Planning Report Date: June 5, 2015 Table of Contents Page Executive Summary 2 Background

More information

Auditing your institution's cybersecurity incident/breach response plan. Baker Tilly Virchow Krause, LLP

Auditing your institution's cybersecurity incident/breach response plan. Baker Tilly Virchow Krause, LLP Auditing your institution's cybersecurity incident/breach response plan Objectives > Provide an overview of incident/breach response plans and their intended benefits > Describe regulatory/legal requirements

More information

IT Security. Securing Your Business Investments

IT Security. Securing Your Business Investments Securing Your Business Investments IT Security NCS GROUP OFFICES Australia Bahrain China Hong Kong SAR India Korea Malaysia Philippines Singapore Sri Lanka Securing Your Business Investments! Information

More information

Centralne Biuro Antykorupcyjne. Al. Ujazdowskie 9 00-583 Warszawa www.cba.gov.pl. Cover design, graphics Wioleta Kaczańska

Centralne Biuro Antykorupcyjne. Al. Ujazdowskie 9 00-583 Warszawa www.cba.gov.pl. Cover design, graphics Wioleta Kaczańska Centralne Biuro Antykorupcyjne Al. Ujazdowskie 9 00-583 Warszawa www.cba.gov.pl Cover design, graphics Wioleta Kaczańska Computer composition, proofreading, print Wydawnictwo Centrum Szkolenia Policji

More information