Hot Topics in Third Party Management. April 5, 2018 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS
|
|
- Kory Taylor
- 6 years ago
- Views:
Transcription
1 Hot Topics in Third Party Management April 5, 2018 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2018 Wolf & Company, P.C.
2 Before we get started Today s presentation slides can be downloaded at The session will last about 50 minutes, and we ll then have time for Q & A. Our audience will be muted during the session. Please send your questions in using the Questions Box located on the webinar s control panel. 2
3 About Wolf & Company, P.C. Established in 1911 Offers Audit, Tax, and Risk Management services Offices located in: Boston, Massachusetts Springfield, Massachusetts Albany, NY Livingston, NJ Over 200 professionals As a leading regional firm founded in 1911, we provide our clients with specialized industry expertise and responsive service.
4 Financial Institution Expertise Over 45 Risk Management Professionals: IT Assurance Services Group Internal Audit Services Group Regulatory Compliance Services Group WolfPAC Solutions Group Provide services to over 300 financial institutions: Approximately 85 FIs with assets > $1B Approximately 40 publicly traded FIs Constant regulatory review of our deliverables Provide Risk Management Services in 27 states and 2 U.S. territories 4
5 Meet Today s Presenter Jason T. Clinton IT Assurance Senior Consultant Phone: jclinton@wolfandco.com
6 Today s Agenda Fundamental Elements of a Vendor Management Program Office of Inspector General (OIG) Review Regulatory Expectations and Trends Completeness of Vendor Risk Assessments Usage of System and Organization Controls (SOC) Reports Subcontracting Arrangements 6
7 Fundamental Elements Risk Assessment Vendor Selection and Due Diligence Contract Structuring and Review Ongoing Monitoring 7
8 Risk Assessment 1. Strategic Risk 2. Reputation Risk 3. Operational Risk 4. Transaction Risk 5. Credit Risk 6. Compliance Risk 7. Other Risk Source: FDIC FIL , Guidance For Managing Third-Party Risk None of this is new 8
9 Regulatory Guidance FDIC FIL : Guidance for Managing Third- Party Risk OCC Bulletin : Third Party Relationships FFIEC BCP Appendix J: Strengthening the Resilience of Outsourced Technology Services Cybersecurity Assessment Tool (CAT) External Dependencies Information Technology Risk-based Exam (InTREx) OIG EVAL : Technology Service Provider Contracts with FDIC-Supervised Institutions 9
10 Office of Inspector General Review OIG reviewed Technology Service Provider (TSP) contracts of FDIC-supervised institutions Scope: 48 critical vendor contracts from 19 financial institutions Results published as EVAL in February 2017 Objective: Assess how clearly contracts with TSPs address: Business Continuity Planning Incident Response Handling 10
11 Evaluation Results Contracts provide FIs with limited assurance that TSPs: Could recover and resume critical operations timely and effectively if disrupted Appropriate steps would be taken to contain, manage, and report security incidents FFIEC took numerous steps to provide FIs with BCP, Cybersecurity, and Vendor Management guidance Many contracts are dated (pre-2015) and don t integrate new guidance Risk remains FIs may attempt to transfer their inherent responsibility for BCP and cybersecurity to TSPs 11
12 Recommendations and Response The FDIC should continue to reinforce with FIs the need to: Fully assess risks associated with TSPs Ensure contracts include specific, detailed provisions to address risks and protect FIs interests Clearly define contract terms around BCP and IRP The FDIC concurred with the recommendations and proposed actions responsive to the recommendations to be completed by October
13 Takeaways for Financial Institutions During contract structuring and review consider: Requiring the TSP to establish a BCP that considers supporting required processing and restoring services to multiple clients under adverse scenarios Defining clear performance standards for restoring services Defining clear responsibilities and expectations for handling security incidents Ensuring clear terminology so the responsibilities of both parties are not subjective and open to interpretation Ensure FI management is engaged in writing and negotiating contracts to avoid contracts where TSP rights are more protected than the FIs 13
14 Risk Assessment Accuracy and Completeness Growing trend of vendor risk assessments missing contracted service providers and/or including service providers that are no longer in use Review processes and procedures to ensure necessary personnel are notified of new and/or terminated relationships Implement a process to periodically reconcile the risk assessment against an independent source (e.g. accounts payable) 14
15 Subcontracting Arrangements Growing trend of FIs not explicitly defining the responsibilities of subcontractors or performing adequate due diligence/ monitoring Define in contracts if/what services may be subcontracted and expectations for monitoring Ensure the risk assessment for service providers considers the use of subcontractors Perform due diligence/ monitoring on subcontractors to obtain a level of comfort with their control environment. 15
16 Proper Usage of SOC Reports Identify the correct SOC Report(s) to obtain from your service providers SOC 1 (SSAE 18): A report on a service provider s controls relevant to financial reporting SOC 2: A report on a service provider s controls relevant to the selected Trust Services Criteria (i.e. Security, Availability, Confidentiality, Processing Integrity, and Privacy) These reports may be issued as either a Type I or Type II. A Type I (as of date) assesses only the design of the controls. A Type II (defined time period) assess the design and operating effectiveness of controls. 16
17 Proper Usage of SOC Reports Collect the correct reports from your service provider Ensure the collected report(s) cover all contracted services or products Ensure the service provider does not just forward the report(s) of their subcontractor(s) Review the reports for content and completeness SOC Reports are not a one-stop shop for fulfilling due diligence and monitoring requirements Use a checklist/ form to guide your review of the reports 17
18 Proper Usage of SOC Reports What should be done if you obtain the wrong reports or the reports do not include all relevant controls? Contact the service provider and assess if different reports may be available that are more relevant Request additional materials to assess the service provider s control environment (e.g. policies and procedures, internal audit reports, regulatory examinations, etc.) Send the service provider a questionnaire or setup a meeting with their management to discuss the control environment Add the vendor to an internal watch list and report the issue to a designated committee or management to determine an appropriate level of action (e.g. additional monitoring, updating the contractual requirements, or termination of the relationship) 18
19 Questions! Jason T. Clinton IT Assurance Senior Consultant Phone:
Navigating the Intersection of Vendor Management and Business Continuity
Navigating the Intersection of Vendor Management and Business Continuity MICHAEL BERMAN, J.D. Table of Contents Why are we here? Business Continuity and Vendor Management Primary Intersection BCP Each
More informationFMS New York/ New Jersey Chapter Meeting January 14, The Impact of Models. by: Scott Baranowski
FMS New York/ New Jersey Chapter Meeting January 14, 2015 The Impact of Models by: Scott Baranowski MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2010 Wolf & Company, P.C. About
More informationTHIRD-PARTY RISK MANAGEMENT
THIRD-PARTY RISK MANAGEMENT Beyond a Regulatory Requirement April 28, 2017 Ken Glascock, CPA, CAMS, CIA, CFSA, CRCM Director kglascock@bkd.com AGENDA Let s Break It Down What Is Third-Party Risk Management?
More informationVENDOR RISK MANAGEMENT FCC SERVICES
VENDOR RISK MANAGEMENT FCC SERVICES Introductions Chris Tait, CISA, CFSA, CCSK, CCSFP Principal, Financial Services Baker Tilly Russ Sommers, CPA, CISA Senior Manager, Financial Services Baker Tilly Agenda
More informationUS Business Continuity Safeguarding Your Business from a Disaster
US Business Continuity Safeguarding Your Business from a Disaster Juanita Hardin BMO Harris Bank Head TPS Risk and Compliance William Simmons BMO Harris Bank Vice President Business Continuity Management
More informationThird Party Risk Management ( TPRM ) Transformation
Third Party Risk Management ( TPRM ) Transformation September 20, 2017 Internal use only An introduction to TPRM What is a Third Party relationship? A Third Party relationship is any business arrangement
More informationYale University Business Continuity Planning Quick Start Guide
Yale University Business Continuity Planning Quick Start Guide Introduction A Business Continuity Plan (BCP) (previously referred to as Continuity of Operations Plan or COOP) is a collection of resources,
More informationRDC Audit & Compliance: Lessons from the Battlefield
RDC Audit & Compliance: Lessons from the Battlefield Kevin Olsen, AAP, NCP Payments Space Advisors September / October 2, 2014 Be sure to tweet about the #RDCSummit and mention @RDCTweet Disclaimer This
More informationNTGA Compliance & Operational Manager Due Diligence Process
NORTHERN TRUST 2010 PROGRAM SOLUTIONS CONFERENCE Investment Solutions in an Uncertain World: WHAT S NEXT? NTGA Compliance & Operational Manager Due Diligence Process Allison K. Fraser VP & Sr. Compliance
More informationBusiness Continuity Plan (BCP)
Business Continuity Plan (BCP) Emergency Contact Persons Our firm's emergency contact persons are: Michael Bremer Primary (973) 285-3686, mbremer@sfr1.com, FAX (973) 285-3670 Secondary (570) 575-3425 mbremer@sfr1.com,
More informationThe top five benefits of outsourcing B2B payments processing
fis integrated payables leave the check behind The top five benefits of outsourcing B2B payments processing Migrating away from checks to electronic payments can help companies reduce costs. However, many
More informationAudit Report. Audit of Contracting and Procurement Activities
Audit Report August 2012 Recommended for Approval to the Deputy Minister by the Departmental Audit Committee on October 12, 2012 Approved by the Deputy Minister on October 18, 2012 Table of Contents Table
More informationThe past, present and future of service organization control reporting
The past, present and future of service organization control reporting Key takeaways from EY s Annual SOCR Client Conference March 2016 Study the past if you would define the future. Confucius b 1 Conference
More informationRecommended Practices for Subcontractor Management
Recommended Practices for Subcontractor Management Athens PM Conference June 18, 2012 Christos Vassilicos Agenda Introduction & Context A Subcontractor Management Case Study Recommended practices across
More informationSharing experiences on audit quality. A selection of ideas and initiatives intended to assist the promotion of consistent audit quality in Australia
Sharing experiences on audit quality A selection of ideas and initiatives intended to assist the promotion of consistent audit quality in Australia About this paper This paper was prepared by staff at
More informationBCP Methodology Benefits realisation
www.pwc.com.cy BCP Methodology Benefits realisation Risk Assurance Consulting (RAC) Risk Assurance Consulting (RAC) helps management to make well informed decisions. The insight and independent assurance
More informationBusiness Continuity vs. Operational Risk Management vs. Business Resiliency. Karen Dye Oakley, CBCP, MBCI
Business Continuity vs. Operational Risk Management vs. Business Resiliency Karen Dye Oakley, CBCP, MBCI www.karendyeconsulting.com Background Most recently with Sun Microsystems, Inc. Director, Global
More informationFGFOA 2017 Focus on the Future
IT Modernization: Bringing Government from Obsolete to Cutting Edge FGFOA 2017 Focus on the Future Christine Horrocks, CPA/CFF, CGMA Brent Pruim, CPA Topics Covered State of the industry with respect to
More informationOFFICE OF INSPECTOR GENERAL PALM BEACH COUNTY AUDIT REPORT: 2012-A-0004 CHILDREN S SERVICES COUNCIL REPORT ON EXTERNAL QUALITY REVIEW
PALM BEACH COUNTY AUDIT REPORT: 2012-A-0004 CHILDREN S SERVICES COUNCIL REPORT ON EXTERNAL QUALITY REVIEW Sheryl G. Steckler Inspector General Enhancing Public Trust in Government SUMMARY RESULTS AT A
More informationDovico Timesheet Hosted - May 2014 BEST PRACTICES
Hosted - May 2014 Audience and Context This document is intended to help clients plan the configuration and use of Dovico Timesheet. It is to be used as a guide since the diversity of circumstances and
More informationVendor Risk Management Scoring PROCESSUNITY WEBINAR
Vendor Risk Management Scoring PROCESSUNITY WEBINAR Today s Presenters Gary Phipps Director of Risk Solutions Ed Thomas Vice President of Marketing 2 ProcessUnity, Inc. All Rights Reserved. About ProcessUnity
More informationISO Business Continuity Management. Your implementation guide
ISO 22301 Business Continuity Management Your implementation guide Build a robust and resilient organization with ISO 22301 It s never been more important to protect your business from the unexpected.
More informationCompliance Program Effectiveness Guide
Compliance Program Effectiveness Guide June 2017 This Guide is a comparison of: Compliance Program Elements New York State, Social Services Law 363-D Office of Inspector General (OIG) Compliance Program
More informationIBM Resilient Incident Response Platform On Cloud
IBM Terms of Use SaaS Specific Offering Terms IBM Resilient Incident Response Platform On Cloud The Terms of Use ( ToU ) is composed of this IBM Terms of Use - SaaS Specific Offering Terms ( SaaS Specific
More informationWhen Recognition Matters WHITEPAPER OCTAVE RISK ASSESSMENT WITH OCTAVE.
When Recognition Matters WHITEPAPER OCTAVE RISK ASSESSMENT WITH OCTAVE www.pecb.com CONTENT 3 4 4 5 5 6 6 6 7 8 8 Introduction About OCTAVE History OCTAVE ALLEGRO RoadMap Steps How to use OCTAVE? Preparing
More informationSession 7: Corporate Governance
Session 7: Corporate Governance New York Bankers Association-Community Bank Auditors Group 2016 Internal Audit Training-June 6-8, 2016 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS
More informationRFQ ATTACHMENT V: RESPONSE TEMPLATE
Instructions are provided in blue and may be deleted. Please complete your response in the template provided, and indicate clearly where separate documents are provided. Executive Summary 1. Applicant
More informationProtecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protecting Information Assets
Protecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning MIS5206 Week 9 Case study discussion Business Continuity Planning (BCP) and Disaster Recovery (DR) Planning Test
More informationGood Corporate Governance (GCG) Being a good corporate citizen is good risk management
Good Corporate Governance (GCG) Being a good corporate citizen is good risk management Margaret Jackson Chairman Qantas Airlines, March 2004 Being a good corporate citizen is good risk management Margaret
More informationProposed Attestation Requirements for FR Y-14A/Q/M reports. Overview and Implications for Banking Institutions
Proposed Attestation Requirements for FR Y-14A/Q/M reports Overview and Implications for Banking Institutions O Background n September 16, 2015, the Board of Governors of the Federal Reserve System ( Federal
More informationSafety Perception / Cultural Surveys
Safety Perception / Cultural Surveys believes in incorporating safety, health, environmental and system management principles that address total integration, thus ensuring continuous improvement, equal
More informationAn introduction to business continuity planning
An introduction to business continuity planning What is business continuity, and is it relevant to me? Business continuity planning is about identifying the critical functions and services your business
More informationSession 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA
Session 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA Presenters: James Russell Collingwood, ASA, MAAA David Paul, FCAS, MAAA Chad R. Runchey,
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Learning Objectives To understand the concept of Business Continuity Management; To understand the key phases and components of a Business
More informationCitizens Property Insurance Corporation Business Continuity Framework
Citizens Property Insurance Corporation Framework Dated September 2015 Approvals: Risk Committee: September 17, 2015 (via email) Adopted by the Audit Committee: Page 1 of 12 Table of Contents 1 INTRODUCTION...
More informationRisk Advisory Services Developing your organisation s governance for competitive advantage
Advisory Services Developing your organisation s governance for competitive advantage The Deloitte Advisory Platform of Services can help you to govern your strategic plan to guide your operations measure
More informationABS GUIDELINES ON CONTROL OBJECTIVES & PROCEDURES FOR OUTSOURCED SERVICE PROVIDERS. FREQUENTLY ASKED QUESTIONS 15 June 2017.
ABS GUIDELINES ON CONTROL OBJECTIVES & PROCEDURES FOR OUTSOURCED SERVICE PROVIDERS FREQUENTLY ASKED QUESTIONS 15 June 2017 Contents 1. Objective and Benefits of the ABS Guidelines Page 2 2. Scope and Coverage
More informationMake money, save money and manage risk
Make money, save money and manage risk The benefits of well-designed environment, health, safety and sustainability programs EHS and sustainability The opportunities and risks associated with environment,
More informationAudit s Role in Risk Governance
Audit s Role in Risk Governance Presentation to: Auditors Forum Spokane, WA October 12-13, 2016 Jeremy Taylor, Co-CEO AuditOne, LLC Risk governance Takes in an expanding array of functions and responsibilities.
More informationHR OUT-TASKING: IS IT RIGHT FOR YOUR ORGANIZATION?
Giving organizations the ability to get professional assistance with particular human resource functions HR OUT-TASKING: IS IT RIGHT FOR YOUR ORGANIZATION? TABLE OF CONTENTS What is out-tasking?... 4 Profile
More informationSPECIFICATION NO. TxDOT * REVISED: AUGUST 2017 CRIMINAL BACKGROUND CHECKS
SPECIFICATION NO. TxDOT 961-30-16 * REVISED: AUGUST 2017 CRIMINAL BACKGROUND CHECKS PUBLICATION This specification is a product of the Texas Department of Transportation (TxDOT). This specification may
More informationHow Your Business Survival Depends On Disaster Recovery.
How Your Business Survival Depends On Disaster Recovery www.itgct.com 1 Business continuity and disaster recovery, known as BCDR or BC/DR, are essential for ensuring the survival of your business in the
More informationPCI Data Breach Preparedness How To Prevent Your Organization From Becoming the Next Data Breach Headline
PCI Data Breach Preparedness How To Prevent Your Organization From Becoming the Next Data Breach Headline Presented by the Bryan Cave Payments Team and Special Guest Speaker Andi Baritchi Agenda Introduction
More informationMODULE I: MEDICARE & MEDICAID GENERAL COMPLIANCE TRAINING
MODULE I: MEDICARE & MEDICAID GENERAL COMPLIANCE TRAINING 2 0 1 4 A Message From Our CEO and Compliance Officer At PacificSource, we pride ourselves on maintaining a culture of compliance and high ethical
More informationEcommerce & Accounting. Scott We Speak Ecommerce
Ecommerce & Accounting Scott Scharf @catchingclouds We Speak Ecommerce Agenda Ecommerce Businesses Ecommerce Overview Ecommerce Accounting Ecommerce Technology Ecommerce Businesses Lots of variety Ecommerce
More informationNETWORKING EVENTS. The SIG Webinar will begin shortly. Once the webinar begins, the sound will come from your computer speakers.
The SIG Webinar will begin shortly. Once the webinar begins, the sound will come from your computer speakers. In the meantime, please take a look at the upcoming SIG networking events listed on the right
More informationPOLICY MANUAL FOR ISO 9001:2008. Document: PM-9001:2008 Date: April 7, Uncontrolled Copy
POLICY MANUAL FOR ISO 9001:2008 Document: PM-9001:2008 Date: April 7, 2015 REVIEWED BY: Tim Powers DATE: 4-7-2015 APPROVED BY: C._Bickford Uncontrolled Copy DATE: 4-7-2015 1.0 GENERAL ISS: 1 REV: E Page:
More informationThe Sector Skills Council for the Financial Services Industry. National Occupational Standards. Risk Management for the Financial Sector
The Sector Skills Council for the Financial Services Industry National Occupational Standards Risk Management for the Financial Sector Final version approved April 2009 IMPORTANT NOTES These National Occupational
More informationLexis PSL Commercial. Transition in outsourcing
Transition in outsourcing 1 Please note that while this Practice Note is a comprehensive document, it does refer to some supplemental resources which are only available with a paid subscription to LexisPSL.
More informationIT Framework Memorandum. For. Supervised Institutions
CENTRALE BANK VAN CURAÇAO EN SINT MAARTEN (Central Bank) IT Framework Memorandum For Supervised Institutions WILLEMSTAD, Updated version April 2011 IT Framework Memorandum for Supervised Institutions 1.
More informationMadison Consulting Group. An Introduction to Our Compliance and Regulatory Consulting Services
An Introduction to Our Compliance and Regulatory Consulting Services January 2017 Who We Are Experience Financial Services Specialists Services Compliance and Regulatory Consulting Business and Operations
More informationCorporate Governance Management tool. Executing On Corporate Governance
Corporate Governance Management tool Executing On Corporate Governance Corporate Governance continues to be rated HIGH on the Regulatory priority for safety and soundness 2 Corporate Governance Guidance...
More informationUnited Way of the Virginia Peninsula
Revised 10-12-16 United Way of the Virginia Peninsula 11820 Fountain Way, Suite 206 Newport News, VA 23606 How to Apply: Please send resume and cover letter to info@uwvp.org Job Title Reporting To: Department:
More informationThomson Reuters: Anti-Money Laundering Survey Insights
Thomson Reuters: Anti-Money Laundering Survey Insights 2 Introduction With rising regulatory pressure, increasing cost of compliance and disruptive technologies entering Know Your Customer (KYC) and Anti-Money
More informationbulletin By-laws and Regulations By-law 17.19, Business Continuity Planning
bulletin Contact: For distribution to relevant parties within your firm Maysar Al-Samadi Vice President, Professional Standards BULLETIN # 3442 (416) 943-6902 July 22, 2005 By-laws and Regulations By-law
More informationBusiness Continuity & Disaster Recovery
Business Continuity & Disaster Recovery Richard Long, Senior Advisory Consultant MHA Consulting Presented at CopperPoint SafetyWorks Aug & Sep, 2017 2017 MHA CONSULTING. ALL RIGHTS RESERVED. COMPANY BACKGROUND
More informationCLERK OF THE CIRCUIT COURT
Collier County Clerk of the Circuit Court Internal Audit Department Audit Report 2003 8 Water & Sewer Revenue Audit Collier County CLERK OF THE CIRCUIT COURT Collier County Clerk of the Circuit Court
More informationOFFICE OF INSPECTOR GENERAL CITY OF JACKSONVILLE AUDIT REPORT NO AR-0005
OFFICE OF INSPECTOR GENERAL CITY OF JACKSONVILLE AUDIT REPORT NO. 2016-AR-0005 Steven E. Rohan Interim Inspector General ISSUE DATE: DECEMBER 21, 2016 Enhancing Public Trust in Government AUDIT OF CELLPHONE
More informationInternal Controls: Need Them, Have Them, Love Them
Internal Controls: Need Them, Have Them, Love Them Tiffany R. Winters, Esquire twinters@bruman.com Brustein & Manasevit Fall Forum 2010 Why Do We Have Internal Controls? The Federal Managers Financial
More informationEvaluating Software Development Firms OUTSOURCING CHECKLIST
Evaluating Software Development Firms OUTSOURCING CHECKLIST Copyright Arcanys 2010 2017 INTRODUCTION Hiring an outsourced software development firm is a huge undertaking. If done properly, it can improve
More informationPRACTICE DEVELOPMENT STRATEGIES
PRACTICE DEVELOPMENT STRATEGIES CA Jiger Saiya 12 December 2014 Page 1 AGENDA CHANGING SCENARIO GENERALISATION VS SPECIALISATION INTERNATIONAL AFFILIATION PRACTICE MANAGEMENT IN CHANGING TIMES Page 2 CHANGING
More informationThe State of Banking Information Security Survey Copyright 2008 Information Security Media Group, Corp. Executive Overview
The State of Banking Information Security Survey 2008 Copyright 2008 Information Security Media Group, Corp. The State of Banking Information Security Survey, its results and the entire contents of this
More informationPrint and Mail Discovery Session for Profile, Systematics and IBS Core Customer. Mark Wilson and Brett Cameron
Print and Mail Discovery Session for Profile, Systematics and IBS Core Customer Mark Wilson and Brett Cameron Market Forces First-class mail volume has dropped from 97.7 billion pieces in 2006 to 62.4
More informationGet ready for robots: why planning makes the difference between success and disappointment
Get ready for robots: why planning makes the difference between success and disappointment Contents 2 4 6 Delivering Robotic Process Automation Top 10 common issues in failed RPA projects - Program issues
More informationAgenda. Procurement Services Contracts and Grants FY 14 Customer Satisfaction Survey Travel Program PCard
Agenda Procurement Services Contracts and Grants FY 14 Customer Satisfaction Survey Travel Program PCard 2 Procurement Services Contracts and Grants Value Proposition Strategic Sourcing is one of the fastest
More informationDesigning and Implementing The CMDB
Designing and Implementing The CMDB David Cuthbertson Square Mile Systems Enabling Best Practice in IT Infrastructure Management! david.cuthbertson@squaremilesystems.com www.squaremilesystems.com Tel +44
More informationISO Your implementation guide
ISO 55001 Your implementation guide Optimize the value from your assets with ISO 55001 Don t let the management of costly and complex assets become a burden to your organization.. ISO 55001 can help you
More informationSee your auditor clearly. Transparency report: How we perform quality audit engagements
See your auditor clearly. Transparency report: How we perform quality audit engagements February 2014 Table of contents 1) A message from the CEO and Managing Partner Assurance 2 2) Quality control policies
More informationProcess Improvement & Risk Management for ITES / KPO / BPO Industry. Riskpro, India
Process Improvement & Risk Management for ITES / KPO / BPO Industry Riskpro, India 1 Who is Riskpro Why us? ABOUT US Riskpro is an organisation of member firms around India devoted to client service excellence.
More informationGuidelines for Information Asset Management: Roles and Responsibilities
Guidelines for Information Asset Management: Roles and Responsibilities Document Version: 1.0 Document Classification: Public Published Date: April 2017 P a g e 1 Contents 1. Overview:... 3 2. Audience...
More informationGUIDELINES. Corporate Compliance. Kenneth D. Gibbs President & Chief Executive. Martin A. Cammer Senior Vice President & Corporate Compliance Officer
GUIDELINES Corporate Compliance Kenneth D. Gibbs President & Chief Executive Martin A. Cammer Senior Vice President & Corporate Compliance Officer Joyce Leahy Executive Vice President for Legal Affairs
More informationSUITABLE FOR FNSBKG401. Financial Services Training
Financial Services Training Unit of Competency FNSBKG401A FNSBKG401ADevelop and implement policies and procedures relevant to bookkeeping activities Unit Descriptor This unit describes the performance
More informationDisaster Preparedness & Your Supply Chain
Disaster Preparedness & Your Supply Chain Scott Teel, Agility Recovery Today s session will be recorded. Links to the archived recording will be emailed to all registrants automatically tomorrow. For copies
More informationTriple C Housing, Inc. Compliance Plan
Triple C Housing, Inc. Compliance Plan Adopted by Board of Directors on draft November 13, 2014 Overview Triple C Housing, Inc. is committed to its consumers, employees, contractual providers, vendors,
More informationEmerging Technology and Security Update
Emerging Technology and Security Update February 13, 2015 Jordan Reed Managing Director Agenda 2015 Internal Audit Capabilities and Needs Survey 2014 IT Priorities Survey Results 2014 IT Security and Privacy
More informationRisk-Focused Examinations
Risk-Focused Examinations Session 704 IASA 86 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW Understanding the Examination Process In order to be able to maximize examination efficiency and have examiners
More informationGrow Your Practice With Bill.com for QuickBooks Online
QuickBooks Accounting Software Training Grow Your Practice With Bill.com for QuickBooks Online Presented by: Bonnie Nagayama, CPA 925-247-0100 x 106 Bonnie@AccountingSoftwareSecrets.com Using GoToWebinar
More informationEY Center for Board Matters. Leading practices for audit committees
EY Center for Board Matters for audit committees As an audit committee member, your role is increasingly complex and demanding. Regulators, standard-setters and investors are pressing for more transparency
More informationPRACTICAL EXPERIENCE CERTIFICATE FOR INTERNATIONALLY TRAINED CANDIDATES
PRACTICAL EXPERIENCE CERTIFICATE FOR INTERNATIONALLY TRAINED CANDIDATES Please read the following information prior to completing the experience certification form as an applicant applying for admission
More informationGUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))
GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2)) Operational Risk Management MARCH 2017 STATUS OF GUIDANCE The Isle of Man Financial Services Authority ( the Authority ) issues guidance for
More informationEnhancing Audit Committee Excellences through Internal Audit. 21 November 2017
Enhancing Audit Committee Excellences through Internal Audit 21 November 2017 Sharpen and Strengthen Excellences of Audit Committee Recent Trends and Emerging Challenges Global and Emerging Trends Roles
More information2017 North American Pulse of Internal Audit. Public Sector Focus. Courageous Leadership: Instilling Confidence from Within
2017 North American Pulse of Internal Audit Public Sector Focus Courageous Leadership: Instilling Confidence from Within Agenda Pulse Overview Topics Communications Not Traditionally Subject to Assurance
More informationSOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER
EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER ARRIVAL OF GDPR IN 2018 The European Union (EU) General Data Protection Regulation (GDPR), which takes effect in 2018, will bring changes
More informationA Guide to Professional Standards
A Guide to Professional Standards Jones Lang LaSalle Incorporated LaSalle Investment Management Table of Contents Introduction; Purpose of this Guide... 3 Resources... 4 Specific Actions to Promote Professional
More information2011 CFS Salary Guide
2011 CFS Salary Guide Creative Financial Staffing www.cfstaffing.com Welcome to the 2011 CFS Salary Guide The 2011 CFS Salary Guide consists of the following sections: National Salary Data Local Market
More informationRequest for Proposal For: 2018 American Bar Association Temporary Services
Table of Contents Bid Timetable [2] 1.0 General Bid Information [3] 2.0 Proposal Requirements [5] 3.0 Criteria for Selection [7] 4.0 Specifications and Work Statement [7] Appendix A: Bidder Response Sheet
More informationBusiness Continuity Management for Singapore s Logistics Sector. By Singapore Business Federation and Singapore Logistics Association
Business Continuity Management for Singapore s Logistics Sector By Singapore Business Federation and Singapore Logistics Association Are You Ready? In today s highly connected business landscape, disruptions
More informationPresent and functioning: Fine-tuning your ICFR using the COSO update
Present and functioning: Fine-tuning your ICFR using the COSO update November 2014 With the COSO s 1992 Control Framework being superseded by the 2013 updated edition on December 15, 2014, now is the time
More informationMeasured through results Your accounts are just a click away. Bookkeeping Services. For small and medium size customers via the web
Click Accounts Measured through results Your accounts are just a click away Bookkeeping Services For small and medium size customers via the web Better Easier Cheaper Faster We can save you more than 50%
More informationLaunch of the SM&CR and the interaction with MiFID II
Launch of the SM&CR and the interaction with MiFID II 29 June 2017 www.moorestephens.co.uk PRECISE. PROVEN. PERFORMANCE. Agenda 1. Introduction - Kelly Sheppard, Partner 2. Overview of the SM&CR - Teresa
More informationBusiness Continuity Management An Auditor s Perspective July 25, 2017
NASPL 2017 Professional Development Seminar Nashville, TN Business Continuity Management An Auditor s Perspective July 25, 2017 Presented by Mark Caiazzo, Principal Agenda Business Continuity Process BCM
More informationQuickstart Guide Online Payroll
Quickstart Guide Online Payroll It s easy to get started with Online Payroll. Just follow these simple steps. First, sign on to Online Cash Manager.* Go to suntrust.com and click on Business Banking. You
More informationEnterprise Content Management and Business Process Management
Enterprise Content Management and Business Process Management You Don t Have to Own IT to Control IT SM The changing business needs for Enterprise Content Management (ECM) and Business Process Management
More informationGDPR and Canadian organizations: Addressing key challenges GDPR and Canadian organizations: Addressing key challenges
GDPR and Canadian organizations: Addressing key challenges GDPR and Canadian organizations: Addressing key challenges Cyber Risk 1 GDPR and Canadian organizations: Addressing key challenges The regulation
More informationSupply Chain Management within Business Continuity
Supply Chain Management within Business Continuity Al Berman Executive Director DRI International DRI International Who Are We? A Non-Profit Organization Committed to: Promoting a base of common knowledge
More informationRequirements Analysis and Design Definition. Chapter Study Group Learning Materials
Requirements Analysis and Design Definition Chapter Study Group Learning Materials 2015, International Institute of Business Analysis (IIBA ). Permission is granted to IIBA Chapters to use and modify this
More informationRole of Operational Risk in the Product Lifecycle Presented By: Chris Nestore, SVP Head of Operational Risk Management, TD Bank
Role of Operational Risk in the Product Lifecycle Presented By: Chris Nestore, SVP Head of Operational Risk Management, TD Bank Product Governance Overview Regulatory agencies have increased interest and
More informationApplying Integrated Assurance Management Scenarios for Governance Capability Assessment
Applying Integrated Assurance Management Scenarios for Governance Capability Assessment János Ivanyos Trusted Business Partners Ltd, Budapest, Hungary, ivanyos@trusted.hu Abstract. The well established
More informationQUALITY MANAGEMENT SYSTEM POLICIES AND PROCEDURES
Your Company Name QUALITY MANAGEMENT SYSTEM POLICIES AND PROCEDURES Origination Date: XXXX Document Identifier: Date: Document Revision: QMS-00 QMS Policies and Procedures Latest Revision Date Abstract:
More informationCFPB Readiness Series: Consumer Complaint Resolution and Tracking
CFPB Readiness Series: Consumer Complaint Resolution and Tracking Who is KirkpatrickPrice? KirkpatrickPrice is a licensed CPA firm, providing assurance services to over 300 clients in more than 40 states,
More information