APPENDIX 2 GENERIC OPERATIONAL RISKS RISK TABLES & ADDITIONAL ACTION PLANS MONITORING REPORT MARCH 2006
|
|
- Dominic Barber
- 8 years ago
- Views:
Transcription
1 APPENDIX 2 GENERIC OPERATIONAL S TABLES ADDITIONAL ACTION PLANS MONITORING REPORT MARCH 2006
2 GENERIC S AFFECTING MOST OR ALL SERVICES OPERATIONAL S OF HYNDBURN BOROUGH COUNCIL PROFESSIONAL LIKELI- HOOD IMPACT RATING CONTROLS LIKELI- HOOD IMPACT RATING ACTIONS RESPONSIBLE PRIORITY Failing to recruit and retain suitably qualified staff Risk of inappropriate professional judgement or advice given by Officers FINANCIAL * Investors in People accreditation * Job Evaluation * Professional, Trained and Qualified staff * Investors in People * Maintain Review of conditions compare to external markets * Undertake a pay and grading review for implementation by March 2007 * Compare Market Rates * Recruitment and selection procedures * Continue training programmes and IIP * Support CPD Failure to monitor and ensure spending is within budgetary limitations Failure to manage projects effectively and ensure contracts are VFM Failure to properly budget for the termination or continuation of fixed term contract posts * Budget Statements issued to Heads of Service by Accountants * Competent/Qualified Staff * Contracts Standing Orders * Staff Training * Contract Specifications and monitoring * Cascade apply project management skills * HR Policies and Procedures * Accountancy Budget Advice * Improved Management Information * Ensure training updated as required * Review of Procurement Strategy * Ensure all Officers are aware of Standing Orders for Contracts * Dev. of PM Protocol * Budget Planning * Sourcing of continuation funds * Redeployment options if applicable New Financial Risk Failure to insure Council buildings for rebuild value in the event of fire or other incident * Limited Insurance Cover * Review Insurance Cover * Review process and security of buildings e.g. remote sites * Review sums insured by starting annual valuation review Corporate Property Manager
3 programme using specialist quantity surveyor support ( 5000 allocated for 2006/07 to re-start this programme) OPERATIONAL S ACTION PLAN GENERIC S AFFECTING MOST OR ALL SERVICES PROFESSIONAL Failing to recruit and retain suitably qualified staff Risk of inappropriate professional judgement or advice given by Officers FINANCIAL Failure to monitor and ensure spending is within budgetary limitations Failure to manage projects effectively and ensure contracts are VFM Failure to properly budget for the termination or continuation of fixed term contract posts ACTION PLAN Respond to the requirement to produce a Pay and Workforce Strategy (including Workforce Development Plan) by March 2007 Ensure that Hyndburn receives \ good CPA rating and its attractiveness as an authority is retained. Equal pay review needs to ensure that salaries remain attractive Taking Part in the National Graduate Development Programme Undertake Job Evaluation and make recommendations for Pay Policy and pay and reward arrangements Review Employee Benefit Schemes Implementation of Redeployment Policy to provide a commitment for fixed term workers Regular Supervision Meetings Appointment of appropriately trained and professionally qualified staff. Identify training and development needs at appraisals Professional Indemnity Cover Keep abreast of legislative change and CPD requirements via professional bodies Undertake Service Quality Questionnaires with internal service users Ensure that staff are fully trained through IIP appraisal process and that proper management lines of supervision are followed. Appropriate profiling of year s budget using efinancials system, and in-year re-profiling if/where appropriate, exist and need to be maintained and monitored. Improved financial information for service managers is a key corporate priority. New Service Managers in particular need training on financial and budget management Line Managers have role in this and E-Financials usage training can be obtained from the Service Accountant and Principal Accountant (Systems) Regular (monthly) budget monitoring and forecasting addressing under/overspends Devise coping strategy for services affected by financial changes Ensure Accountancy colleagues have opportunity to input into external funding bids to ensure staffing and related costs are properly identified. IT intention to develop own project management framework if corporate approach does not materialise. Use competent staff. Completion of the review of the procurement strategy Introduction of in-house project management methodology Recruiting managers to be made fully aware of the financial implications of recruiting to fixed term contract posts, with a view to making appropriate budgetary provision. The Redeployment Policy has been revised to make it clear that employees with at least 2 years continuous service are protected by the provisions of the RP, including redundancy entitlement. Colleagues with less than 2 years continuous service (and therefore no redundancy entitlement) will be considered for alternative posts without ring fenced protection. HR to provide a guidance and advisory note on the above New Financial Action Plan Failure to insure Council buildings for rebuild value in the event of fire or other incident Level of Insurance should be reviewed and consideration be given to insuring those premises deemed to be important or revenue generating for the Council Review security of remote buildings and consideration of alternatives to insurance also considered to ensure value for money in use of resources There is a possibility of insurance claims being prejudiced if insurance valuations are not monitored and reviewed as part of an annual valuation programme. This process has started and needs to be kept under review. OPERATIONAL S
4 OF HYNDBURN BOROUGH COUNCIL GENERIC S AFFECTING MOST OR ALL SERVICES LEGAL LIKELI- HOOD IMPACT RATING CONTROLS LIKELI- HOOD IMPACT RATING ACTIONS RESPONSIBLE PRIORITY Risk of litigation arising from poor advice or work carried out by Officers or non-compliance with legislation PHYSICAL * Competent / Qualified Staff * Management Supervision of Staff * Staff Training * Continue existing processes * Ensure training kept up to date * Legislation reviews for updates Failure to comply with Health Safety Legislation both in and around the workplace. Risk on personal safety when dealing with members of the public both in, around or outside the workplace Loss or damage of facilities or buildings occupied by the Council by fire or other resulting in short to long term unavailability Failure to protect buildings from criminal damage Failure to deliver core business activities for several weeks due to high levels of staff absenteeism resulting from infectious disease, flu pandemic or similar * Health Safety Officers * Health safety is part of employee induction * Health Safety Policy Procedures * Health Safety Policy Procedures * Protocols for working alone * Protocols for dealing with the public *Fire alarms / equipment installed and regularly tested / maintained. *Trained Fire Marshalls Boarding up clearance property Intruder alarms CCTV Inspection * Regular Training * Implement Corporate HS plan of action agreed by Cabinet Dec04 * Annual Programme Health Safety refreshers * Continue existing arrangements * Programme of Risk Assessment Reviews appropriate to Service *Temporarily relocate staff into other accommodation. *Check maintenance contracts *Regular alarm tests and evacuation procedures. *Check feasibility of renting private office space. *Review insurance cover. * Devise disaster recover plan by April Clarify responsibility to protect Crime prevention surveys (cost implication) * Develop Business Continuity Strategy * Devise disaster recovery plan by April 2006 Service Managers
5 OPERATIONAL S ACTION PLAN GENERIC S AFFECTING MOST OR ALL SERVICES LEGAL Risk of litigation arising from poor advice or work carried out by Officers or non-compliance with legislation PHYSICAL Failure to comply with Health Safety Legislation both in and around the workplace. Risk on personal safety when dealing with members of the public both in, around or outside the workplace Loss or damage of facilities or buildings occupied by the Council by fire or other resulting in short to long term unavailability Failure to deliver core business activities for several weeks due to high levels of staff absenteeism resulting from infectious disease, flu pandemic or similar ACTION PLAN Appointment of appropriately trained and professionally qualified staff. Identify training and development needs at appraisals Professional Indemnity Cover Keep abreast of legislative change and CPD requirements via professional bodies Training for other technical staff authorised to issue enforcement notices e.g. Duty of Care s74 EPA (Environmental Health) Ensure that proper management advice and supervision is applied to all professional activity Annual Programme Health Safety Refreshers New premises risk assessments 2006 Joint initiative/partnership with HSE to improve corporate health and safety performance. Plan of action approved by Cabinet Dec 04. The Community Services Directorate manages Health Safety in accordance with Corporate Health Safety Policies. Through representation on CHAST, training needs for staff have been identified to strengthen knowledge particularly regarding risk assessment, COSHH and manual handling. Training courses arranged before March 04. Service site specific induction, new plant, equipment, vehicles and work practices training regimes in place. Continual review of training requirements and continuous review of risk assessments Ensure that regular Health Safety checks are carried out and action taken in case of non-compliance Programme of Risk Assessment Reviews appropriate to Service Arrangements for staff to move cars nearer building when working late / alone Site specific risk assessments give consideration to both employees and others who may be affected by the Council s operations Provision of suitable support, counselling and training Circulate and brief Team on guidance on dealing with disruptive members of the public Devise Disaster Recovery Plan by April 2006 Review Insurance cover annually Civil Contingencies Group preparing Service Continuity Planning arrangements. Draft Plan and Policy prepared together with response plans for critical services. Emphasis on planning for human flu pandemic. Progress reported quarterly to CMT. Draft SCP Plan and Policy submitted to CMT 6/12/06 Civil Contingencies Group preparing Service Continuity Planning arrangements. Draft Plan and Policy prepared together with response plans for critical services. Emphasis on planning for human flu pandemic. Progress reported quarterly to CMT. Draft SCP Plan and Policy submitted to CMT 6/12/06
6 OPERATIONAL S OF HYNDBURN BOROUGH COUNCIL GENERIC S AFFECTING MOST OR ALL SERVICES TECHNOLOGICAL Unexpected system failures impacting onto the delivery of services Lack of investment in technology refresh programme prevents compliance with minimum machine specifications dictated by software suppliers. Failure to adequately protect against IT abuse (e.g. virus infection, hacking, sabotage, accessing unsuitable material, unlicensed software, misuse of personal data, breach of law, theft, fraud) * Software Maintenance Contracts * IT Support * Backup Procedures * Emergency Plan * Competent/Qualified Staff * Purchase or otherwise utilise (by swapping) minimum number of machines required that confirm with suppliers software minimum specification when required * Refresh taking place based on essential users first * Virus protection software * Network protection * Internet monitoring * Communications Policy * IT Standards Guidelines * Good communications between System Owner, ICT and Software Company * Revise disaster recovery plan by September 2006, in liaison with Business Continuity Working Group * Regular reminder to CPWG and CMT to request that budget allocations are prioritised to this need * Ask Services to realign their own budgets to self fund any PC replacements required * Continue existing controls * Ongoing review of adequacy of controls and policies and guidelines * Improve software licensing arrangements and procedures Head of ICT Head of ICT Head of ICT With support from Legal Service Audit Services
7 OPERATIONAL S ACTION PLAN GENERIC S AFFECTING MOST OR ALL SERVICES TECHNOLOGICAL Unexpected system failures impacting onto the delivery of services Lack of investment in technology refresh programme prevents compliance with minimum machine specifications dictated by software suppliers. Failure to adequately protect against IT abuse (e.g. virus infection, hacking, sabotage, accessing unsuitable material, unlicensed software, misuse of personal data, breach of law, theft, fraud) Downtime definition to be agreed with customers to allow appropriate monitoring / reporting Help Desk system is monitoring responsiveness and driving improvement Customer interfaces to be given priority Ensure that files are saved regularly and that back-up copies are made of all important projects Investigate possibility of outsourcing data management Revise disaster recovery plan by September 2006, in liaison with Business Continuity Working Group Refresh is taking place on an essential need basis due to funding available. Priority is being given to the users of systems not being properly supported by existing PC s. This is issue will continue to be pursued with. The Head of Audit has access to and reviews the Surf Control reports to ensure compliance with the policy. a) Internet monitoring software b) Software inventory to be created (timescale to be agreed after hardware inventory finalised) c) Virus protection software d) Investigating new firewall technologies completed. A DMZ between outside world and back office systems created September 2005
8 OPERATIONAL S OF HYNDBURN BOROUGH COUNCIL GENERIC S AFFECTING MOST OR ALL SERVICES ENVIRONMENTAL Failure to conserve energy thus resulting in excess costs to the Council and a negative impact on the environment * Some use of energy efficient lighting * Increased use of energy efficient lighting * SAP rating of each Council building * Devise implement energy reduction plan as part of rationalisation of offices 2006 INFORMATION ] Failure to ensure that personal data is kept securely in accordance with Data Protection Act and Freedom of Information Act * Staff Training * Personal Data kept securely with access restricted * Data Protection Officer Registration * Freedom of Information Act Procedures * Maintain reviews of information held to ensure retention is in accordance with the Policy * Ensure that information is retrievable in accordance with the provision of the Freedom of Information Act * Review data sharing issues with transfer of functions to external agencies 2006 * Review FOI requirements with transfer of functions 2006
9 OPERATIONAL S ACTION PLAN GENERIC S AFFECTING MOST OR ALL SERVICES ENVIRONMENTAL Failure to conserve energy thus resulting in excess costs to the Council and a negative impact on the environment INFORMATION Failure to ensure that personal data is kept securely in accordance with Data Protection Act Freedom of Information Act Inter-departmental staff group Changing the Climate meets on regular basis to initiate and co-ordinate improved environmental performance. Group has secured plot energy audits of Town Hall and Cannon Street offices and drafted action plans for these buildings. Build sustainable resources into procurement process. Switch lights and pc s etc. off when leaving buildings Review energy supply contracts Brief staff through Newsround on energy efficiency measures. Service managers to monitor and remind. Awareness campaigns through budget savings. Devise Implement energy reduction plan as part of rationalisation of offices 2006 Management plans for control of contamination, asbestos, legionella etc Appropriate staff aware of responsibilities Ensure that staff are aware and all records kept in accordance with data Protection Legal staff available to advise about requirements for disclosure of some third party information under Freedom of Information Act 2000 Ensure good housekeeping in terms of clear information storage to allow retrieval for a FOI request and also ensure that information not required to be kept is properly disposed of. Review data sharing issues with transfer of functions to external agencies 2006 Review FOI requirements with transfer of functions 2006
BRENTWOOD BOROUGH COUNCIL BUSINESS CONTINUITY SERVICE RECOVERY PLAN FOR...
BRENTWOOD BOROUGH COUNCIL BUSINESS CONTINUITY SERVICE RECOVERY PLAN FOR... PHOTO Responsibility for this Plan Designation Name Business Continuity Plan Holder... Managers with responsibilities under this
More informationHow To Manage A Business Continuity Strategy
Business continuity strategy 2009 2012 Table of contents 1 Why this strategy is needed 3 2 Aim of the strategy 4 3 Our approach to business continuity 4 PROCESS 4 STRUCTURE 5 DOCUMENTATION 6 DISRUPTION
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationWEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY
WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4
More informationService Children s Education
Service Children s Education Data Handling and Security Information Security Audit Issued January 2009 2009 - An Agency of the Ministry of Defence Information Security Audit 2 Information handling and
More informationBusiness Continuity Policy and Business Continuity Management System
Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain
More informationSalary: 45,000-50,000
JOB DESCRIPTION: Responsible to: Purpose of the Post: Business Support Manager Principal Business Support Manager Holds a key post of responsibility within the UTC. Reporting directly to the Principal,
More informationStratford on Avon District Council. The Human Resources Strategy
Stratford on Avon District Council The Human Resources Strategy Page 1 1 Purpose of The Human Resources (HR) Strategy The purpose of this document is to review the role and effectiveness of human resource
More informationRISK MANAGEMENT MATRIX FOR ACADEMIES. Contents. Introduction. Mission/objectives. Law and regulation. Governance and management.
RISK MANAGEMENT MATRIX FOR ACADEMIES Contents A B C D E F G H K J Introduction Mission/objectives Law and regulation Governance and management External factors Operational factors Human resources Environmental
More informationF I N A N C I A L R E G U L A T I O N S
F I N A N C I A L R E G U L A T I O N S South Downs National Park Authority March 2014 Page 0 of 17 F I N A N C I A L R E G U L A T I O N S Contents Page 1 INTRODUCTION Purpose of Financial Regulations
More informationHow To Manage A University Computer System
PC asset management policy Name of policy, procedure or regulation Purpose of policy, procedure or regulation PC asset management policy To provide a policy framework in relation to PC asset management
More informationINFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c
INFORMATION SECURITY MANAGEMENT SYSTEM Version 1c Revised April 2011 CONTENTS Introduction... 5 1 Security Policy... 7 1.1 Information Security Policy... 7 1.2 Scope 2 Security Organisation... 8 2.1 Information
More informationPUBLIC REALM COMMUNITY SAFETY, ECONOMIC DEVELOPMENT AND REGENERATION OVERVIEW AND SCRUTINY COMMITTEE
PUBLIC REALM COMMUNITY SAFETY, ECONOMIC DEVELOPMENT AND REGENERATION OVERVIEW AND SCRUTINY COMMITTEE 19 FEBRUARY 2013 SHARED SERVICE FOR PARKING WITH THE LONDON BOROUGH OF BROMLEY 1 SHARED SERVICES BACKGROUND
More informationSouth West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy
South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy Reference No: CG 01 Version: Version 1 Approval date 18 December 2013 Date ratified: 18 December 2013 Name of Author
More informationBusiness Continuity Plan
Version Control: Document Name: Version: Version 1.0 Author: Approved by: Corporate Support Manager Management Board/Executive Committee Date Approved: Review Date November 2016 Introduction The aim of
More informationOAKPARK SECURITY SYSTEMS LIMITED. Health & Safety Policy. Requests or suggestions for amendment to this procedure
OAKPARK SECURITY SYSTEMS LIMITED Requests or suggestions for amendment to this procedure should be submitted to the owner of the process PROCESS OWNER: MANAGEMENT TEAM Current version: PREVIOUS VERSION
More informationDacorum Borough Council Final Internal Audit Report
Dacorum Borough Council Final Internal Audit Report ICT Change Management Distribution list: Chris Gordon Group Manager Neil Telkman - Information, Security and Standards Officer Gary Osler ICT Service
More informationSMS0045 Construction Health and Safety Policy and Procedures
SMS0045 Construction Health and Safety Policy and Procedures March 2015 Version 8 Please note that for projects utilising a CDM Co-ordinator under the transitional arrangements of CDM 2015 (between 6 April
More informationInformation Services Strategy 2011-2013
Information Services Strategy Issue 1 1 Introduction The States of Jersey public sector is facing significant pressure for efficiencies and savings. This has created the context to take a fresh look at
More informationDefinition document for colleges of further education
Freedom of Information Act Definition document for colleges of further education For the avoidance of doubt, this document covers further education colleges in England, Wales and Northern Ireland that
More informationBUSINESS CONTINUITY PLAN 1 DRAFTED BY: INTEGRATED GOVERNANCE MANAGER 2 ACCOUNTABLE DIRECTOR: DIRECTOR OF QUALITY AND SAFETY 3 APPLIES TO: ALL STAFF
BUSINESS CONTINUITY PLAN 1 DRAFTED BY: INTEGRATED GOVERNANCE MANAGER 2 ACCOUNTABLE DIRECTOR: DIRECTOR OF QUALITY AND SAFETY 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: GOVERNING BODY, 5 MARCH
More information(Audit Committee 23 September 2010)
Somerset County Council Audit Committee - 23 September 2010 (Audit Committee 23 September 2010) Paper E Item No. 9 Business Continuity and Disaster Recovery Corporate Director: Sonia Davidson Grant Lead
More informationDerbyshire Trading Standards Service Quality Manual
Derbyshire Trading Standards Service Quality Manual This Quality Manual has been developed to give a broad outline of how the Trading Standards Division s range of services comply with the requirements
More informationRecords Management & Data Quality in the Contact Centre. Internal Audit Report 2013/14
Records Management & Data Quality in the Report 2013/14 Records Management & Data Quality in the Ann Kirk & Julie Ball 19 May 2014 Contents Audit: Auditor: Records Management & Data Quality in the Ann
More informationInformation Governance Policy (incorporating IM&T Security)
(incorporating IM&T Security) ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the
More informationInformation Governance Strategy. Version No 2.0
Plymouth Community Healthcare CIC Information Governance Strategy Version No 2.0 Notice to staff using a paper copy of this guidance. The policies and procedures page of PCH Intranet holds the most recent
More informationHow To Become A School Business Manager
Headteacher: Tom Sherrington MSc 8 Highbury Grove London N5 2EQ 020 7288 8900 admin@highburygrove.islington.sch.uk www.highburygrove.islington.sch.uk October 2015 Dear Applicant School Business Manager
More informationCorporate Information Security Policy
Corporate Information Security Policy. A guide to the Council s approach to safeguarding information resources. September 2015 Contents Page 1. Introduction 1 2. Information Security Framework 2 3. Objectives
More informationReview of the Management of Sickness Absence Conwy County Borough Council
Audit 2004/2005 Date: December 2005 Authors: Ros Adams and George Jones Ref: 1072A2005 Review of the Management of Sickness Absence Conwy County Borough Council Contents Summary Report Introduction 3 Background
More informationCorporate Health and Safety Policy
Corporate Health and Safety Policy November 2013 Ref: HSP/V01/13 EALING COUNCIL Table of Contents PART 1: POLICY STATEMENT... 3 PART 2: ORGANISATION... 4 2.1 THE COUNCIL:... 4 2.2 ALLOCATION OF RESPONSIBILITY...
More informationCaedmon College Whitby
Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be
More informationwww.lawsociety.org.uk/lexcel Lexcel England and Wales v6 Standard for legal practices Excellence in legal practice management and client care
www.lawsociety.org.uk/lexcel Lexcel England and Wales v6 Standard for legal practices Excellence in legal practice management and client care Lexcel England and Wales v6 Contents About Lexcel... 3 Glossary
More informationIM&T Infrastructure Security Policy. Document author Assured by Review cycle. 1. Introduction...3. 2. Policy Statement...3. 3. Purpose...
IM&T Infrastructure Security Policy Board library reference Document author Assured by Review cycle P070 Information Security and Technical Assurance Manager Finance and Planning Committee 3 Years This
More informationInformation Governance Policy
Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date
More informationBUSINESS CONTINUITY STRATEGY
BUSINESS CONTINUITY STRATEGY January 2009 CONTENTS Page BACKGROUND 1 OVERVIEW 1 AIM AND OBJECTIVES 1 CORE BUSINESS OF THE COUNCIL 2 ORGANISATION STRUCTURE 2 RISK IDENTIFICATION AND MITIGATION STRATEGIES
More informationRotherham CCG Network Security Policy V2.0
Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October
More informationPolicy for the Management of Asbestos in Council Premises (Corporate and Housing)
Policy for the Management of Asbestos in Council Premises (Corporate and Housing) Page 1 of 14 1. Policy Statement 1.1 This policy is designed to provide a clear acknowledgement of the responsibilities
More informationAylesford School. and Sixth Form College. wonder aspiration respect discipline RISK MANAGEMENT POLICY. Finance and Premises Committee
Aylesford School and Sixth Form College wonder aspiration respect discipline RISK MANAGEMENT POLICY Written: January 2015 Review Date: January 2017 Lead: Site Manager Via: Finance and Premises Committee
More informationBusiness Continuity Business Impact Analysis arrangements
Aberdeen City Council Internal Audit Report 2012/2013 for Aberdeen City Council May 2013 Business Continuity Business Impact Analysis arrangements Final Report Contents Section Page 1. Executive Summary
More informationLONDON BOROUGH OF HARROW. Overview & Scrutiny Committee
LONDON BOROUGH OF HARROW Meeting: Overview & Scrutiny Committee Date: 27 April 2004 Subject: Internal Audit Plan 2004/05 Key Decision: Responsible Chief Officer: No Executive Director, Business Connections
More informationInformation Security Policy. Information Security Policy. Working Together. May 2012. Borders College 19/10/12. Uncontrolled Copy
Working Together Information Security Policy Information Security Policy May 2012 Borders College 19/10/12 1 Working Together Information Security Policy 1. Introduction Borders College recognises that
More informationInformation Governance and Assurance Framework Version 1.0
Information Governance and Assurance Framework Version 1.0 Page 1 of 19 Document Control Title: Original Author(s): Owner: Reviewed by: Quality Assured by: Meridio Location: Approval Body: Policy and Guidance
More informationICT Business Continuity & Disaster Recovery for Local Authorities. White Paper
ICT Business Continuity & Disaster Recovery for Local Authorities White Paper Contents 1 Introduction...3 1.1 What Constitutes a Disaster?...3 1.2 Phases...3 1.3 Overall Contingency Planning...3 2 Discovery
More informationUniversity of Sunderland Business Assurance Information Security Policy
University of Sunderland Business Assurance Information Security Policy Document Classification: Public Policy Reference Central Register Policy Reference Faculty / Service IG 003 Policy Owner Assistant
More informationLexcel England and Wales v6 Standard for in-house legal departments Excellence in legal practice management and client care
www.lawsociety.org.uk/lexcel Lexcel England and Wales v6 Standard for in-house legal departments Excellence in legal practice management and client care Lexcel England and Wales v6 Contents About Lexcel...
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September
More informationJOB TITLE: Data Quality/IT Manager
JOB DESCRIPTION JOB TITLE: Data Quality/IT Manager RESPONSIBLE TO: PRACTICE MANAGER PARTNERS SALARY: Starting From 25000 HOURS: 35 Hours The post-holder will need to become familiar with all functions
More informationFINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information
FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1
More informationBusiness Continuity Planning in IT
Introduction: Business Continuity Planning in IT The more your business relies on its IT systems, the more you need to consider how unexpected disruptions might affect your business. These disruptions
More informationUniversity of Brighton School and Departmental Information Security Policy
University of Brighton School and Departmental Information Security Policy This Policy establishes and states the minimum standards expected. These policies define The University of Brighton business objectives
More information1.0 Policy Statement / Intentions (FOIA - Open)
Force Policy & Procedure Reference Number Business Continuity Management D269 Policy Version Date 23 July 2015 Review Date 23 July 2016 Policy Ownership Portfolio Holder Links or overlaps with other policies
More informationRESOURCES MANAGEMENT FINANCE AND PURCHASING, STAFF, FACILITIES, ENVIRONMENTAL MANAGEMENT AND LEARNING AND RESEARCH INFORMATION SERVICES
RESOURCES MANAGEMENT FINANCE AND PURCHASING, STAFF, FACILITIES, ENVIRONMENTAL MANAGEMENT AND LEARNING AND RESEARCH INFORMATION SERVICES Records about: Retention period Rationale Sector Function: Financial
More informationAuditing data protection a guide to ICO data protection audits
Auditing data protection a guide to ICO data protection audits Contents Executive summary 3 1. Audit programme development 5 Audit planning and risk assessment 2. Audit approach 6 Gathering evidence Audit
More informationAberdeen City Council IT Asset Management
Aberdeen City Council IT Asset Management Internal Audit Report 2014/2015 for Aberdeen City Council January 2015 Terms or reference agreed 4 weeks prior to fieldwork Target Dates per agreed Actual Dates
More informationBOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February 2006. Title: Information Security Policy
BOARD OF DIRECTORS PAPER COVER SHEET Meeting date: 22 February 2006 Agenda item:7 Title: Purpose: The Trust Board to approve the updated Summary: The Trust is required to have and update each year a policy
More informationJOB DESCRIPTION. Team Leader Fleet Engineering. Environment & Sustainable Communities / Highways. Transport Operations / Vehicle Fleet & Depot
JOB DESCRIPTION JOB TITLE: DIRECTORATE: SECTION: GRADE: Team Leader Fleet Engineering Environment & Sustainable Communities / Highways Transport Operations / Vehicle Fleet & Depot BBCU11 DATE PREPARED:
More informationWest Dunbartonshire Council. Follow-up data protection audit report
West Dunbartonshire Council Follow-up data protection audit report Auditors: Lee Taylor (Audit Team Manager) Jonathan Kay (Engagement Lead Auditor) Data controller contacts: Michael Butler (Data Protection/Information
More informationLocking Stumps Community Primary School. School Business Manager Job Description
Locking Stumps Community Primary School School Business Manager Job Description JOB DESCRIPTION Job Title: School Business and Development Manager Terms and Conditions Term Time Only Annual leave Holidays
More informationICT Strategy 2010-2013
ICT Strategy 2010-2013 If you would like to receive this publication in an alternative format (large print, tape format or other languages) please contact us on 01832 742000. East Northamptonshire Council
More informationInformation Governance Framework
Information Governance Framework March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aim 2 3 Purpose, Values and Principles 2 4 Scope 3 5 Roles and Responsibilities 3 6 Review 5 Appendix 1 - Information
More informationGovernance and Audit Committee 23 November 2015
Agenda Item 7 Governance and Audit Committee 23 November 2015 Welland Internal Audit Consortium Internal Audit Plan & Performance Update 2015/16 Purpose of report: To provide Members with information on
More informationELMBRIDGE BOROUGH COUNCIL BUSINESS CONTINUITY PLAN
ELMBRIDGE BOROUGH COUNCIL BUSINESS CONTINUITY PLAN Author: Gill Marchbank Date of Original: May 2012 Date of issue: Version Number: Authorised by: 1 CONTENTS Page 1 INTRODUCTION 1.1 The need for a business
More informationINTERNAL Audit Manual DETAILED GUIDANCE ON SPECIFIC AUDIT AREAS
INTERNAL Audit Manual PART 4 DETAILED GUIDANCE ON SPECIFIC AUDIT AREAS Contents 1. INTRODUCTION 2. AUDIT OF THE BUDGET CYCLE 3. REVIEW OF HUMAN RESOURCES MANAGEMENT 4. REVIEW OF CASH COLLECTION AND BANK
More informationOperational Risk Publication Date: May 2015. 1. Operational Risk... 3
OPERATIONAL RISK Contents 1. Operational Risk... 3 1.1 Legislation... 3 1.2 Guidance... 3 1.3 Risk management process... 4 1.4 Risk register... 7 1.5 EBA Guidelines on the Security of Internet Payments...
More informationSHEFFIELD TEACHING HOSPITALS NHS FOUNDATION TRUST EXECUTIVE SUMMARY REPORT TO THE TRUST HEALTHCARE GOVERNANCE COMMITTEE
SHEFFIELD TEACHING HOSPITALS NHS FOUNDATION TRUST EXECUTIVE SUMMARY REPORT TO THE TRUST HEALTHCARE GOVERNANCE COMMITTEE I TO BE HELD ON MONDAY 26 NOVEMBER 2012 Subject: Supporting Director: Author: Status
More informationPrincipal Designer Guidance
Principal Designer Five or more employees 1 CONTENTS INTRODUCTION 3 Further reading / additional resources 3 QUESTION 1: POLICY AND ORGANISATION 4 4 4 QUESTION 2: ARRANGEMENTS/PROCEDURES FOR HEALTH AND
More informationJOB DESCRIPTION. Clinical Nurse Manager 2 (CNM2) Staff Nurses, Health Care Assistants, Administration staff, Student Nurses and all hospital staff.
Job Title: JOB DESCRIPTION Clinical Nurse Manager 2 (CNM2) Professionally accountable to: Key working relationships: Key Reporting relationship: Director of Nursing Clinical Nurse Managers, Medical Staff,
More informationCompliance Officer DIRECTORATE: Corporate Services
JOB TITLE: Compliance Officer DIRECTORATE: Corporate Services GRADE: DIVISION: Property and Asset Management 1 JOB PURPOSE Under the general direction of the Principal Commercial and Compliance Officer
More informationHow To Protect Decd Information From Harm
Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the
More informationBest Value toolkit: Information management
Best Value toolkit: Information management Prepared by Audit Scotland July 2010 Contents Introduction 2 The Audit of Best Value 2 The Best Value toolkits 4 Using the toolkits 4 Auditors evaluations 5 Best
More informationBUSINESS CONTINUITY MANAGEMENT FRAMEWORK
BUSINESS CONTINUITY MANAGEMENT FRAMEWORK Document Author: Civil Contingencies Service - Authorised by the CCS Joint Management Board - Version 1.0. Issued December 2012 Page 1 FRAMEWORK STATEMENT Business
More informationSUBJECT: REPLACEMENT OF CORPORATE ELECTRONIC DATA STORAGE, BACKUP AND DISASTER RECOVERY SOLUTIONS
REPORT TO CABINET TO BE HELD ON 15 SEPTEMBER 2015 Key Decision No Forward Plan Ref No 23K Corporate Priority The proposals in this report contribute to the delivery of all the Council s priorities Cabinet
More informationJOB DESCRIPTION. Tatchbury Mount base and other Southern Health Sites as required
JOB DESCRIPTION Job Title: Band: Hours: Location: Accountable to: Lead Manager for Workforce Planning & Resourcing 8a 37.5 per week Tatchbury Mount base and other Southern Health Sites as required Deputy
More informationICT Policy. Executive Summary. Date of ratification Executive Team Committee 22nd October 2013. Document Author(s) Collette McQueen
ICT Policy THCCGIT20 Version: 01 Executive Summary This document defines the Network Infrastructure and File Server Security Policy for Tower Hamlets Clinical Commissioning Group (CCG). The Network Infrastructure
More informationGUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK FOR CREDIT UNIONS
SUPERVISORY AND REGULATORY GUIDELINES Guidelines Issued: 22 December 2015 GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK FOR CREDIT UNIONS 1. INTRODUCTION 1.1 The Central Bank of The Bahamas ( the Central
More informationBedfordshire Fire and Rescue Authority Corporate Services Policy and Challenge Group 16 September 2015 Item No. 11
For Publication REPORT AUTHOR(S): Bedfordshire Fire and Rescue Authority Corporate Services Policy and Challenge Group 16 September 2015 Item No. 11 ASSISTANT CHIEF OFFICER (HUMAN RESOURCES AND ORGANISATIONAL
More informationRole Profile. C248a. Grade H. Not required. Band/Band Range- (for career grades) Job Title Senior Asset Registrar Job No.
Role Profile Job Title Senior Asset Registrar Job No. (Office Use) C248a Band/Band Range- (for career grades) Grade H Directorate Corporate Support Department Finance Assets and Efficiency Division Capital
More informationHuman Resources & Facilities Services. Service Delivery Plan 2014/15. Overview of the Human Resources Service
Human Resources & Facilities Services Service Delivery Plan 2014/15 Overview of the Human Resources Service The role of the HR Service is to support the Council in achieving its corporate objectives, priorities
More informationUK SBS Physical Security Policy
UK SBS Physical Security Policy Version Date Author Owner Comments 1.0 16 June 14 Head of Risk, Information and Security Compliance (Mel Nash) Senior Information Risk Owner (Andy Layton) Ist Issue following
More informationNHS Business Services Authority Records Management Audit Framework
NHS Business Services Authority Records Management Audit Framework NHS Business Services Authority Corporate Secretariat NHSBSARM019 Issue Sheet Document Reference Document Location Title Author Issued
More informationHow To Write A Health Care Security Rule For A University
INTRODUCTION HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, as a
More informationCloud Computing and Records Management
GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version
More informationASX SETTLEMENT OPERATING RULES Guidance Note 10
BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they
More informationHow To Ensure Network Security
NETWORK SECURITY POLICY Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Page 1 of 12 Review and Amendment Log/Control Sheet Responsible Officer:
More informationCorporate Health and Safety Policy
Corporate Health, Safety & Wellbeing Service Corporate Health and Safety Policy Contents 1. Introduction... 2 2. Policy Statement... 2 3. Scope... 3 4. Definition of Manager... 4 5. Responsibilities...
More informationRecommendations which have been implemented have been removed from this report. The original numbering of recommendations has been retained.
Audit Committee, 9 October 2014 Internal audit Review of recommendations Executive summary and recommendations At its meeting on 29 September 2011, the Committee agreed that it should receive a paper at
More informationICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY
ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified Author(s) Responsible Committee / Officers Issue Date Review Date Intended Audience Impact Assessed CCG Committee
More informationAn Approach to Records Management Audit
An Approach to Records Management Audit DOCUMENT CONTROL Reference Number Version 1.0 Amendments Document objectives: Guidance to help establish Records Management audits Date of Issue 7 May 2007 INTRODUCTION
More informationJ O B S P E C I F I C A T I O N
J O B S P E C I F I C A T I O N DIRECTORATE: People DIVISION/SECTION/UNIT: Adult Services (Social Services) UNIT MANAGER: Principal Officer (Resources) POST TITLE: Business Support Manager JOB FAMILY &
More informationAnnual Report of Internal Audit 2012/13
Open Decision Item 4 Audit & Governance Committee 19 th June 2013 Annual Report of Internal Audit 2012/13 SYNOPSIS To report on Internal Audit s opinion of the overall adequacy and effectiveness of the
More informationData Breach Management Policy and Procedures for Education and Training Boards
Data Breach Management Policy and Procedures for Education and Training Boards POLICY on DATA BREACHES in SCHOOLS/COLLEGES and OTHER EDUCATION and ADMINISTRATIVE CENTRES UNDER the REMIT of TIPPERARY EDUCATION
More informationJob Description. contribute to the development and successful implementation of ATM s plans.
Job Description Position: Curriculum and Operations Manager Salary Range: 34,295 to 38599 Reporting to: Director of Operations and Performance Responsible for: Programme Leader, Advance Teaching Practitioner,
More informationDURHAM COUNTY COUNCIL CORPORATE RECORDS MANAGEMENT POLICY
DURHAM COUNTY COUNCIL CORPORATE RECORDS MANAGEMENT POLICY Version 3.0 February 2015 Table of Contents 1. Purpose...3 2. Background... 4 3. Legislative Arena... 4 4. Scope...5 5. Aim and Objectives... 6
More informationAPPENDIX A TRAINING AND DEVELOPMENT STRATEGY
TRAINING AND DEVELOPMENT STRATEGY 1 CHESTER-LE-STEEET DISTRICT COUNCIL TRAINING AND DEVELOPMENT STRATEGY 1 INTRODUCTION Chester-le-Street District Council continues to change and must constantly adapt
More informationROLE KEY RESPONSIBILITIES GROSS REVENUE BUDGET FTE STAFF REPORTS
READING BOROUGH COUNCIL MANAGERS PAID MORE THAN 50K 2014 /15 ROLE KEY RESPONSIBILITIES GROSS REVENUE BUDGET FTE STAFF REPORTS Acting Housing Needs Manager Adult Social Care Solicitor Assistant Chief Accountant
More informationCOUNCIL TAX REDUCTION, DISCOUNT & EXEMPTION ANTI- FRAUD POLICY
COUNCIL TAX REDUCTION, DISCOUNT & EXEMPTION ANTI- FRAUD POLICY December 2014 1 Contents Section Page Council Tax Reduction, Discount & Exemption Anti-Fraud Policy 1 Introduction 3 2 Definition of Council
More informationHUMAN RESOURCES SERVICES SERVICE LEVEL AGREEMENT
HUMAN RESOURCES SERVICES SERVICE LEVEL AGREEMENT (Schools) 1 April 2008-31 March 2011 HUMAN RESOURCES SERVICES TO SCHOOLS 1. INTRODUCTION CONTENTS 1.1 Status of Agreement 3 1.2 Standard Conditions 3 1.3
More informationBusiness Continuity Policy
Business Continuity Policy Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain its essential business functions during
More informationLondon Borough of Merton
London Borough of Merton STRATEGIC BUSINESS CONTINUITY PLAN April 2014 Distribution List: Name Ged Curran Caroline Holland Yvette Stanley Simon Williams Chris Lee Title Chief Executive Director of Corporate
More informationPOLICY ON HEALTH AND SAFETY (GENERAL)
POLICY ON HEALTH AND SAFETY (GENERAL) General Statement It is the policy of Serenity Homecare Limited to ensure, so far as is reasonably practicable, the health, safety and welfare of its employees and
More information