I. PROJECT BACKGROUND... 3 A. Background... 3 B. Objective of This Project... 3 C. Scope... 3 D. Approach... 3 II. EXECUTIVE SUMMARY...
|
|
- Arline Little
- 6 years ago
- Views:
Transcription
1 ZOCCAM Infrmatin Systems General Cntrls and Security Review April 1, 2016
2 I. PROJECT BACKGROUND... 3 A. Backgrund... 3 B. Objective f This Prject... 3 C. Scpe... 3 D. Apprach... 3 II. EXECUTIVE SUMMARY... 4 III. ZOCCAM BACKGROUND... 5 A. Prduct Platfrm Descriptin... 5 B. Operatins Platfrm Descriptin... 6 IV. CONTROL DESCRIPTIONS... 8 V. RESULTS... 10
3 I. PROJECT BACKGROUND A. BACKGROUND Security f technlgy assets is an imprtant pririty within the financial industry. As threats t data and systems have evlved, s have the requirements fr safeguarding client and rganizatin infrmatin. The prcesses and peple that supprt the security f technlgy are the key cmpnents in prtecting these valuable business assets. Likewise, it is imprtant t measure the security f technlgy assets t understand the ability t defend against threats. B. OBJECTIVE OF THIS PROJECT The primary bjective was t perfrm the infrmatin systems (IS) general cntrls and security review f ZOOCAM s internally managed and third-party managed applicatins. The management f ZOCCAM is respnsible fr establishing and maintaining internal cntrls. The bjective f this review is t prvide management an assessment n the design f their internal cntrls. In establishing cntrls related t IS, estimates and judgments by management are required t assess the expected benefits and related csts f cntrls. CONFIDENTIAL PRELIMINARY DRAFT Subject t Change Because f inherent limitatins in any cntrls, errrs r fraud may ccur and nt be detected. Als, prjectin f any evaluatin f the cntrls t future perids is subject t the risk that the cntrls may becme inadequate because f changes in the cntrl envirnment, r that the degree f cmpliance with the cntrls may deterirate. Duplicatin Prhibited C. SCOPE The IS general cntrls and security review included reviewing requested dcumentatin and interviewing ZOOCAM persnnel t assess IS general cntrls and security related t the ZOOCAM envirnment. The applicatins cnsidered in the scpe f the review included the fllwing: Managed by ZOCCAM Active Directry ZOCCAM Applicatin Third-Party Managed Jack Henry PrfitStars Micrsft Azure D. APPROACH T accmplish the bjective f this engagement, ZOCCAM cntrls were assessed t determine design apprpriateness and 3 rd party SOC reprts were reviewed t determine if thse reprts were qualified in nature, r cntained any significant cntrl deficiencies which culd impact ZOCCAM s custmers r clients.
4 II. EXECUTIVE SUMMARY Our IS general cntrls and security review was designed t answer the fllwing questins fr ZOCCAM: What is the assessment f ZOCCAM IS general cntrls? Based n a review f the results f ur activities, I believe verall, yur Infrmatin Security Prgram and IS general cntrls are satisfactry as f the date f the review. A satisfactry designatin indicates that while there may be cntrl imprvements identified, ZOOCAM appears t have taken apprpriate actin t ensure IS general cntrls are designed apprpriately. The prjectin f any evaluatin f these cntrls t future perids is subject t the risk that the cntrls may becme inadequate because f changes in the cntrl envirnment r that the degree f cmpliance with the cntrls may deterirate. N review f cntrls r security can ever prvide ttal assurance r 100 percent prtectin against pssible cntrl failures r security intrusins n yur systems. The ptential effectiveness f specific cntrls and security measures is subject t inherent limitatins and, accrdingly, errrs r fraud may ccur and nt be detected. Furthermre, infrmatin netwrks, applicatins and cntrl envirnments are extremely dynamic in nature and ur examinatin f yur cntrl and security methds and prcedures are cnducted and dcumented as f the fllwing specific perid in time: Assessment Service Start Date End Date IS General Cntrls and Security Review 03/28/ /01/2016 As a result, the prjectin f any cnclusins, based n ur examinatin, t future perids is subject t the risk that (1) changes are made t the systems r cntrls; (2) changes are made in prcessing requirements; (3) changes are required because f the passage f time; r (4) new security explits are discvered that may alter the validity f such cnclusins. Therefre, I take n respnsibility fr any lack f specific cntrls, cntrl failures, breach f security, r ther errrs r fraud related t any part f yur business envirnment. Any subsequent cntrl r security issues that may arise within thse areas examined r any cntrl r security issues that are present at the time f this examinatin, but that are utside the scpe f the examinatin, are slely the respnsibility f ZOCCAM.
5 III. ZOCCAM BACKGROUND A. PRODUCT PLATFORM DESCRIPTION Zccam s payment services platfrm cnsist f fur majr cmpnents laid ut in a three-tier architecture: (1) the mbile applicatin, (2) the web applicatin, (3) the web services, and (4) the database. 1. Mbile Applicatin (tier 1) The mbile applicatin runs n the end-users mbile device. We first identify the end user thrugh realtr license number f invitatin cde frm anther user and a device identificatin cde sent t the mbile number they prvide. The user creates a PIN fr subsequent lgin t the applicatin. User registratins are manually reviewed and accunts are disabled when the user requests terminatin f service. As its primary functin, the mbile applicatin captures real estate cntract metadata and images f the check t be depsited as part f the real estate transactin and passes this infrmatin securely t the ZOCCAM web services, but never stres this infrmatin n the mbile device. CONFIDENTIAL PRELIMINARY DRAFT As payment fr the transactin, the user prvides a credit card number and expiratin date which the app passes t ZOCCAM web services fr authenticatin and prcessing. Subject t Change Duplicatin Prhibited N persnal identifying infrmatin, payment infrmatin, r financial transactin infrmatin is ever stred n the device. 2. Web Applicatin (tier 1) Fr sme functins, users access the ZOCCAM applicatin website. All access t the website is secured with 2048 bit high-encryptin SSL. N user name/passwrd is required fr access t static prduct infrmatin. One-time-use cdes are issued thrugh ntificatins fr reference t transactin infrmatin and access t the site functins is nly allwed with these cde. The applicatin website is the user-facing tier f the applicatin besides the mbile applicatin. It is hsted n Micrsft Azure Platfrm-as-a-Service (PaaS) where Micrsft maintains the physical security f the servers, the currency and digital security f the platfrm, and Internet prtcl security (IPSec) f the applicatin, platfrm, and servers. N applicatin r user infrmatin is stred in the web applicatin. All infrmatin is maintained and prcessed by the secnd tier, the secure Web Services. 3. Web Services (tier 2) The mbile and web applicatins leverage the secnd tier, Web Services, t manage all business lgic prcessing and persistent data access. This cmpnent prvides an intermediary t access infrmatin and prvide any cre platfrm prcessing. The web services are als hsted n Micrsft Azure PaaS where Micrsft maintains full currency f the underlying hardware and sftware, physical and IP security, and
6 transparent ge-physical redundancy and recvery in the case f underlying hardware failure r even data center disaster. Access t the web services is secured using 2048 bit high-encryptin SSL cnnectins and prgrammatically authenticated with a tken issued upn user authenticatin in the mbile app with either mbile phne identificatin (SMS cde) r user ID & PIN cmbinatin. The web services (nt directly accessible by end users) cmprise the nly sftware cmpnent with direct access t the platfrm database. This tier als mediates secure cnnectins t ther service prvider including Jack Henry PrfitStars EPS (check prcessing), JetPay payment services (credit card prcessing), Ggle web services (ge calculatins and maps), Mandrill fr , and Twili fr SMS. Access t each f these ther services is secured with SSL and authenticated with private access keys that prevent misuse f ZOCCAM services accunts. The private access keys are stred securely in the Azure services prtal where they are prgrammatically accessed. Keys are rtated every six mnths r accrding t the service prvider plicies, whichever is mre frequent, by the ZOCCAM administratr. 4. Database (tier 3) The ZOCCAM database is the final lgical cmpnent and the third tier in the three-tier architecture. The database huses ZOCCAM user and applicatin infrmatin and run in a Micrsft SQL Azure deplyment with full autmatic backup and ge-replicatin fr disaster resiliency. The SQL Azure platfrm is fully maintained by Micrsft just as their ther PaaS prducts are. Access t the database is limited t applicatin and administrative accunts via ID/passwrd that are nt shared with anyne utside f key ZOCCAM persnnel. Direct database access is nly used fr special data inspectin r manipulatin fr custmer supprt purpses. All access t the database is lgged autmatically with the SQL Azure Audit Lgs feature. Audit event data is stred in a separate Azure Strage Table and retained fr 365 days. SQL Azure als emplys a white-list security mdel where even authrized users cannt access the database frm unknwn IP addresses. B. OPERATIONS PLATFORM DESCRIPTION 1. Business Platfrm The ZOCCAM business emplys a number f sftware-as-a-service (SaaS) prducts t perate efficiently. Each is managed by the ZOCCAM principals and maintained as needed t grant/revke end-user permissins t ther ZOCCAM representatives. The fllwing is a nn-exhaustive list. GDaddy.cm fr dmain hsting and SSL certificate issuance Micrsft Office 365 fr business prductivity sftware, hsting, dcument management, etc. Weebly fr website hsting ZenDesk fr custmer supprt functins PhneBth fr VOIP telephny & answering service
7 MailChimp fr marketing Micrsft Azure fr hsting the prduct/platfrm and cllecting analytics 2. Prduct Develpment Platfrm a. Sftware Develpment Lifecycle (SDLC) The ZOCCAM prduct develpment team fllws an agile Scrum methd fr planning and tracking wrk. In Scrum, wrk t be accmplished is first listed in a priritized backlg, then decmpsed int tasks that are tracked thrugh stages f wrk and cmpletin. The ZOCCAM prduct team grms the backlg and plans wrk fr each iteratin n a weekly basis. b. Tls and External Sevices The ZOCCAM technlgy team uses sme key tls and services t deliver its prduct. Each f these services is administered by ZOCCAM principals with end-user access granted t/revked frm ther ZOCCAM persnnel as required by business prcesses. Nte that publishing functins are accessed exclusively by ZOCCAM principals. CONFIDENTIAL PRELIMINARY DRAFT Micrsft Visual Studi Team Services (VSTS) fr wrk item management, surce cntrl, and team cmmunicatin. VSTS prvides web access with limited permissins where the ZOCCAM prduct manager updates the prduct backlg during planning, develpers and the prduct manager tgether create tasks t track wrk, and develpers check cde int surce cntrl where each cmmit is assciated with a task fr review and auditing purpses. Subject t Change Duplicatin Prhibited Micrsft Develper Netwrk (MSDN) fr access t develpment tls and knwledge base Apple Develper Cnsle fr creatin and distributin f publishing certificates Apple itunes Cnnect fr publishing ios applicatin binaries Ggle Play Develper Cnsle fr publishing Andrid applicatin binaries Micrsft Azure fr publishing web applicatin and service binaries Prduct publishing prcedures (withut passwrds) are dcumented in Micrsft OneNte files stred in the ZOCCAM Office 365 SharePint dcument management prtal. All service accunt administratin user IDs and passwrds are stred securely in Lastpass passwrd management tl in a managed flder nly accessible by ZOCCAM principals.
8 IV. CONTROL DESCRIPTIONS ZOCCAM Cntrls: Backup and recvery cntrls: Cntrl Objective BK1: Data has been backed-up and is recverable. Cntrl Descriptin BR-1: All prduct, peratinal, and develpment infrmatin stred in SaaS systems with frequent cyclical backup prcedures. Operatinal cntrls: Cntrl Objective OP1: Physical access t cmputer hardware is limited t apprpriate individuals. Cntrl Descriptin PS-1: Persnal cmputers are kept in lcked ffices. Develper laptps emply full-hard drive encryptin. Cntrl Objective OP2: Database access is mnitred. SDLC: Cntrl Descriptin PS-2: All access t the database is lgged autmatically. Audit event data is stred and retained fr 365 days. Cntrl Objective SD1: Changes are authrized. Cntrl Descriptin CM-1: Change requests are initiated and apprved by apprpriate members f management. Cntrl Objective SD2: Changes are tested. Cntrl Descriptin CM-2: All changes made t prductin prgrams, cnfiguratins and data are tested. Cntrl Objective SD3: Changes are apprved. Cntrl Descriptin CM-3: All changes made t prductin prgrams, cnfiguratins and data are apprved by apprpriate members f management befre being prmted t prductin. Access cntrls: Cntrl Objective AC1: Segregatin f duties/access t prductin prgrams. Cntrl Descriptin AM-1: Access t applicatin cnfiguratin parameters and data restricted t authrized persnnel. Cntrl Objective AC1: Segregatin f duties/access t prductin prgrams. Cntrl Descriptin AM-2: Access t databases is limited apprpriate members f IT.
9 Cntrl Objective AC3: Access t privileged IT functins is limited t apprpriate individuals. Cntrl Descriptin AM-3: Access rights f terminated emplyees are disabled n a timely basis. Cntrl Objective AC4: Access t privileged IT functins is limited t apprpriate individuals. Cntrl Descriptin AM-4: The number f peple with administratr privileges is limited apprpriately. Cntrl Objective AC5: User access is authrized and apprpriately established Cntrl Descriptin AM-5: Access rights f users and IT persnnel are dcumented and apprved by apprpriate members f management. Cntrl Objective AC6: Lgical access prcess is mnitred. CONFIDENTIAL Cntrl Descriptin AM-6: User and IT persnnel access rights are peridically reviewed and apprved by management. PRELIMINARY DRAFT Subject t Change Cntrl Objective AC7: User access is mnitred. Cntrl Descriptin AM-7: User registratins are manually reviewed and accunts are disabled when the user requests terminatin f service Duplicatin Prhibited 3 rd Party SOC Reprts: Jack Henry and Assciates, Inc. Reprt n JHA s Descriptin f its Systems related t Enterprise Payment Slutins Systems and the Suitability f the Design and Operatins Effectiveness f Cntrls fr the perid frm Octber 1, 2014 r September 30, Micrsft Azure Independent Service Auditr s Reprt fr the perid frm January 15, 2015 t July 31, Reprting We kept yu infrmed f ur prgress thrughut the engagement thrugh peridic frmal and infrmal status reprts and meetings as apprpriate. Upn cmpletin f the review, we prepared this written reprt f ur findings and recmmendatins.
10 V. RESULTS ZOCCAM Cntrls: IT general cntrls listed abve were fund t be designed apprpriately as f April 1, rd Party SOC Reprt Review: Jack Henry The SOC reprt fr the perid tested was reviewed and fund t be unqualified in nature and cntained n exceptins nted fr any f the cntrl bjectives tested by the independent auditr. Micrsft Azure - The SOC reprt fr the perid tested was reviewed and fund t be unqualified in nature. The independent auditr nted that fr the perid tested, reasnable assurance was prvided that The system was prtected against unauthrized access, use r mdificatin, The system was available fr peratin and use as cmmitted r agreed, Infrmatin within the system, designated as cnfidential, was prtected as cmmitted r agreed, and The system prcessing was cmplete, valid, accurate, timely, and authrized
11 April 1, 2016 Ashley Ck, CEO ZOCCAM 5950 Berkshire Lane, Suite 1460 Dallas, Texas Dear Ms. Ck: This reprt cntains the results related t the infrmatin technlgy (IS) general cntrls and security review perfrmed fr ZOCCAM. N assessment f cntrls r security can ever prvide ttal assurance r 100 percent prtectin against pssible cntrl failures r security intrusins n yur systems. The ptential effectiveness f specific cntrls and security measures is subject t inherent limitatins and, accrdingly, errrs r fraud may ccur and nt be detected. Furthermre, infrmatin netwrks, applicatins and cntrl envirnments are extremely dynamic in nature and ur examinatin f yur cntrl and security methds and prcedures are cnducted and dcumented as f the fllwing specific perid in time: CONFIDENTIAL PRELIMINARY DRAFT Subject t Change Assessment Service Start Date End Date IS General Cntrls and Security Review 03/28/ /01/2016 Duplicatin Prhibited As a result, the prjectin f any cnclusins, based n ur examinatin, t future perids is subject t the risk that (1) changes are made t the systems r cntrls; (2) changes are made in prcessing requirements; (3) changes are required because f the passage f time; r (4) new security explits are discvered that may alter the validity f such cnclusins. Therefre, I take n respnsibility fr any lack f specific cntrls, cntrl failures, breach f security, r ther errrs r fraud related t any part f yur business envirnment. Any subsequent cntrl r security issues that may arise within thse areas examined r any cntrl r security issues that are present at the time f this examinatin, but that are utside the scpe f the examinatin, are slely the respnsibility f ZOCCAM. This reprt is intended slely fr use by the management f ZOCCAM. I appreciate the curtesies and cperatin extended t me during this prject and the pprtunity t be f service t ZOCCAM. Please cntact Matthew Sargent at if yu have any questins regarding this reprt. Sincerely, Matthew Sargent, CFE, CISSP, CISA, CRISC
12
Epicor Commerce Connect (ECC) Services Specification
Epicr Cmmerce Cnnect (ECC) Services Specificatin This Epicr Cmmerce Cnnect Services Specificatin ( Specificatin ) utlines the services and services levels assciated with Epicr s delivery f its Epicr Cmmerce
More informationGuidance on the Privacy and Electronic Communications (EC Directive) Regulations
Infrmatin Security Guidance Title: Status: Guidance n the Privacy and Electrnic Cmmunicatins (EC Directive) Regulatins Released 1. Purpse This guidance n the Privacy and Electrnic Cmmunicatins (EC Directive)
More informationA method of securing cellular services information is being implemented under the
Cellular Telephne Service Descriptin The Cellular Telephne service plan prvides cellular telephne service and equipment frm a number f cellular telephne service prviders. The plan is intended t cver the
More informationIsetan Personal Data Protection Policy (PDPP)
Isetan Persnal Data Prtectin Plicy (PDPP) ISETAN OF JAPAN SDN BHD (IOJ) and ICJ DEPARTMENT STORE (M) SDN BHD (ICJ) are cmmitted t ensure that Custmer s privacy is prtected in accrdance t the Persnal Data
More informationIESBA Meeting (March 2013) Agenda Item
Agenda Item 7-A Backgrund Lng Assciatin f Senir Persnnel (Including Partner Rtatin) with an Audit Client Matters fr Cnsideratin 1. Paragraph 290.150 f the IESBA Cde f Ethics fr Prfessinal Accuntants (the
More informationIn this Document: EMV 3-D Secure General and Testing FAQs. EMV 3-D Secure General FAQs
In this Dcument: EMV 3-D Secure General and Testing FAQs 1. What is EMV 3-D Secure? EMV 3-D Secure General FAQs EMV Three-Dmain Secure (3DS) is a messaging prtcl develped by EMVC t enable cnsumers t authenticate
More informationRMH SECURITY GUIDE. Retail Management Hero (RMH) Copyright 2016, Retail Management Hero. All Rights Reserved.
RMH SECURITY GUIDE Retail Management Her (RMH) rmhsupprt@rrdisti.cm www.rmhps.cm Cpyright 2016, Retail Management Her. All Rights Reserved. Revisin Versin Date Draft 3.1 12/01/2016 Disclaimer Infrmatin
More informationExecutive Summary European Union s General Data Protection Regulation (EU GDPR) January 2018
Executive Summary Eurpean Unin s General Data Prtectin Regulatin (EU GDPR) January 2018 Legal Disclaimer The infrmatin in this presentatin is cnfidential and prprietary t SAP and may nt be disclsed withut
More informationSage 300 ERP Payroll Sage HRMS Link Integration Guide. April 2014
Sage 300 ERP Payrll Sage HRMS Link Integratin Guide April 2014 This is a publicatin f Sage Sftware, Inc. Dcument versin: April 16, 2014 Cpyright 2014. Sage Sftware, Inc. All rights reserved. Sage, the
More informationOffer Description: Cisco ServiceGrid Software as a Service
Page 1 f 12 Offer Descriptin: Cisc ServiceGrid Sftware as a Service This dcument describes Cisc ServiceGrid sld as a sftware-as-a-service ffer (the Offer ). Related Dcuments: This Offer Descriptin shuld
More informationProject Charter. Current 8/23/2006. Version 2
Prject Charter Current 8/23/2006 Versin 2 Dcument Cntrl Dcument Title: Authr(s): Prject Charter CMS Prject Team Date By Actin Versin Pages 8/23/06 SKC Template applied 1.0 All 9/13/06 KKee Updated TOC
More information0XXX: Meter Reading Submission for Advanced & Smart Metering. Stage 01: Request
Stage 01: Request 0XXX: Meter Reading Submissin fr Advanced & Smart Metering At what stage is this dcument in the prcess? The rllut f Advanced and Smart Metering delivers the pprtunity t utilise mre frequent
More informationFrequently asked questions:
Frequently asked questins: Standardized pre/pst surveys fr grw grant results Versin 2.0 May 10, 2017 Cntents HelpDesk Cntact Infrmatin... 2 General Questins... 2 Why is OTF using these surveys?... 2 Wh
More informationRecords Management Policy
Recrds Management Plicy Main Authr: Cnsultatin Rute: Apprved By: Date f Issue: Applicable: Organisatinal wide Versin: 1.0 Review Date: February 2011 Versin 1.0: February 2010 Change Cntrl Versin Change
More informationRESTRICTED JOB SPECIFICATION. Senior Software Developer
JOB SPECIFICATION FUNCTION JOB TITLE REPORTING TO GRADE WORK PATTERN LOCATION TRAVEL REQUIRED ROLE ID IT & Digital Senir Sftware Develper Develpment Manager Band E Full-time Birmingham Occasinally TBC
More informationMEVION SOURCING STRATEGY SUPPLIER CODE OF CONDUCT
MEVION SOURCING STRATEGY The MEVION S250, while being the mst cmpact prtn therapy system in the wrld, is still a relatively large and cmplex prduct. As such, ur supply chain utilizes a high-mix, lw vlume
More informationMicrosoft Windows 7 Migration
Micrsft Windws 7 Migratin Hw utilizing SaaS slutins frm Dell can ease the prcess Dell IT Management Sftware as a Service 1 Applicatins Business Prcess Cnsulting Infrastructure Supprt Windws 7 is here t
More informationReport on Inspection of Grant Thornton LLP (Headquartered in Chicago, Illinois) Public Company Accounting Oversight Board
1666 K Street, N.W. Washingtn, DC 20006 Telephne: (202) 207-9100 Facsimile: (202) 862-8433 www.pcabus.rg Reprt n 2013 (Headquartered in Chicag, Illinis) Issued by the Public Cmpany Accunting Oversight
More informationP&H Mining Equipment. P&H Response to Surface Mining Association for Research & Technology (SMART) Scope of Vision
P&H Mining Equipment P&H Respnse t Surface Mining Assciatin fr Research & Technlgy (SMART) Scpe f Visin SMART Summit Meeting Vancuver, BC, Canada May 8, 2010 SMART Scpe f Visin The Surface Mining Assciatin
More informationSAP Note Planning & Consolidation 10 for Microsoft SP10 Central Note
Nte Language: English Versin: 1 Validity: Valid Since 28.12.2012 Summary Symptm Central Nte fr SAP Business Planning and Cnslidatin 10.0 SP10, versin fr the Micrsft platfrm Other terms Reslved issues,
More informationDeployment planning guidelines
Ratinal Asset Manager Versin 7.2 Deplyment planning guidelines By Bruce Besch, IBM Ratinal Asset Manager Cnsultant Befre using this infrmatin and the prduct it supprts, read the infrmatin in the Ntices
More informationCompany Accounts are identified by a 4-5 digit account number and can be used in all company stores nationally.
TRADE ACCOUNTS (This sectin is t be read in cnjunctin with Custmer Orders V2) POLICY Beacn Lighting seeks t fster custm with all relevant streams f the Building Industry. Team Members must carefully fllw
More informationEXHIBIT B, MODIFICATION PS-0006, CONTRACT GS-10F-0114T LABOR CATEGORY DESCRIPTIONS
Prgram Manager 871-1 Strategic Planning fr Technlgy Prgrams / Activity Electrical Engineering 871-2 Cncept Develpment and Requirements Analysis Electrical Engineering 871-3 System Design, Engineering and
More informationIBM Global Services. Server Optimization ... Trends and Value Proposition That Can Drive Efficiencies and Help Businesses Gain A Competitive Edge
IBM Glbal Services Server Optimizatin.......... Trends and Value Prpsitin That Can Drive Efficiencies and Help Businesses Gain A Cmpetitive Edge Intrductin A typical rganizatin s success and ability t
More informationSolution Development Guide: SAP Business One
2006 English Slutin Develpment Guide: SAP Business One Versin Status Date SAP AG Dietmar-Hpp-Allee 16 69190 Walldrf Germany Cntents Intrductin...3 Overview...3 SAP Business One Sftware Develpment Kit...3
More informationUNC 0594R: Meter Reading Submission for Advanced & Smart Metering. UNC Request Workgroup Report
UNC Request Wrkgrup Reprt At what stage is this dcument in the prcess? UNC 0594R: Meter Reading Submissin fr Advanced & Smart Metering The rllut f Advanced and Smart Metering delivers the pprtunity t utilise
More informationAdministrative Portal Data Management
Administrative Prtal Data Management Reference Guide fr Prgram Managers, Prject Managers, and Supervisrs This guide is intended t supprt staff wh perfrm administrative tasks within the SAS system using
More informationWhite Paper. SharePoint and the Consumerization of IT: Considerations for BYOD Success. Authors: Aseem Pandit and Prateek Bhargava
White Paper SharePint and the Cnsumerizatin f IT: Cnsideratins fr BYOD Success Authrs: Aseem Pandit and Prateek Bhargava The Evlutin f IT Cnsumerizatin & BYOD BYOD refers t the plicy f permitting emplyees
More informationB&B Food Distributors Data Synchronization Initiative
B&B Fd Distributrs Data Synchrnizatin Initiative Frequently Asked Questins fr B&B Fd Distributrs Suppliers Versin 1 Cpyright 2012. All Rights Reserved. FAQs fr B&B Fds Distributrs Suppliers REVISION HISTORY
More informationHEALTH AND SAFETY POLICY MISSION STATEMENT
HEALTH AND SAFETY POLICY MISSION STATEMENT IPLOCA is ttally cmmitted t the prmtin f health and safety in all areas f its influence and subscribes t the philsphy that all accidents are preventable. Therefre
More informationCORE INVENTORY MANAGEMENT
RSM TECHNOLOGY ACADEMY Syllabus and Agenda CORE INVENTORY MANAGEMENT FOR MICROSOFT DYNAMICS AX Curse Details 3 Audience 3 At Curse Cmpletin 3 Curse Cancellatin Plicy 4 Guaranteed t Run 4 Travel Guide 6
More informationUniversity of Adelaide Induction Framework
University f Adelaide Inductin Framewrk Inductin at the University f Adelaide Inductin is the prcess thrugh which new staff members are welcmed t the University and prvided with the essential infrmatin
More informationDIRECTV POLICY Corrective Action Home Services Workforce Management
DIRECTV POLICY Wrkfrce Management DIRECTV Cmpany Plicy July 2015 Scpe... 3 Definitins... 3 Respnsibilities... 4 Emplyees... 4 Supervisrs... 4 Human Resurces... 4 Crrective Actin Categries... 4 Crrective
More informationGeorgetown University PCI DSS Handbook
Prcedures fr Payment Card Prcessing: Guidance fr Departments and Card Prcessrs March 2017 Table f Cntents Sectin 1: Missin Statement... 4 Sectin 2: PCI DSS Overview... 4 Sectin 3. University Plicies and
More informationInstitutional Knowledge Management: Leveraging Your Firm's Most Valuable Asset
Fr several decades the wrld s best knwn frecasters f scietal change have predicted the emergence f a new ecnmy in which brainpwer, nt machine pwer, is the critical resurce. But the future has already turned
More informationWhat is the deadline to sign up for Rockwell Automation TechED EMEA? What is the cost to register for the Rockwell Automation TechED EMEA event?
Registratin Questins What is the deadline t sign up fr Rckwell Autmatin TechED EMEA? When sessin registratin pens in July 2017, yu may register t attend, select sessins and/r change yur sessin selectin
More informationSeattle Public Schools The Office of Internal Audit
Seattle Public Schls The Office f Internal Audit Internal Audit Reprt September 1, 2013 thrugh August 31, 2016 Issue Date: June 13, 2017 Backgrund Infrmatin Executive Summary The District emplys apprximately
More informationCertificate in Construction Project Management
Certificate in Cnstructin Prject Management Duratin: 6 Mnths Distance Learning Prgramme Language: English RICS Member: 895.00 + VAT Nn RICS Member 1075.00 + VAT Curse Summary This prgramme explres the
More informationSystem Implementation Project Approach
System Implementatin Prject Apprach Phase I Current State Analysis Gal: Dcument current state peratins and categrize current state prcedures and reprting assets as: Deliverables: Mandatry Internal Reprting
More informationBLACKBOARD LEARN MANAGED HOSTING TERMS, SPECIFICATIONS & SERVICE LEVELS
TERMS APPLICABLE TO BLACKBOARD MANAGED HOSTING SERVICE Belw are certain terms and cnditins applicable t the managed hsting Services. Definitins used but nt defined herein shall have the meanings ascribed
More informationReport on Inspection of PricewaterhouseCoopers LLP (Headquartered in New York, New York) Public Company Accounting Oversight Board
1666 K Street, N.W. Washingtn, DC 20006 Telephne: (202) 207-9100 Facsimile: (202) 862-8433 www.pcabus.rg Reprt n 2014 (Headquartered in New Yrk, New Yrk) Issued by the Public Cmpany Accunting Oversight
More informationROYAL BANK OF CANADA ONLINE APPLICATION TERMS AND CONDITIONS
` ROYAL BANK OF CANADA ONLINE APPLICATION TERMS AND CONDITIONS Please review the fllwing Ryal Bank f Canada Online Applicatin Terms and Cnditins (the "Terms"). Yu must read them alng with yur Accunt Disclsures
More informationService Description: Advanced Services Fixed Price: Cisco UCCE Branch and Mobile Advise and Implement Services (ASF-CX-G-REBMPB-CE)
Page 1 f 1 Service Descriptin: Advanced Services Fixed Price: Cisc UCCE Branch and Mbile Advise and Implement Services (ASF-CX-G-REBMPB-CE) This dcument describes Advanced Services Fixed Price: Cisc UCCE
More informationMobile Field Service A Case Study
Mbile Field Service A Case Study Table f Cntents Intrductin The ROI f Mbile Field Service Summary f Mbile Field Service Benefits Imprved Prductivty and Efficiency Simplified Operatins Enhanced Custmer
More informationUpdated: Mitigating Fraud Risk Through Card Data Verification
Risk Management Best Practices 30 June 2016 Updated: Mitigating Fraud Risk Thrugh Card Data Verificatin AP, Canada, CEMEA, LAC, U.S. Acquirers, Issuers, Prcessrs Overview: Visa is prviding issuers with
More informationWABC Guidelines. For Researchers Investigating Business-Coaching- Related Topics
WABC Guidelines Fr Researchers Investigating Business-Caching- Related Tpics WABC GUIDELINES: Fr Researchers Investigating Business-Caching-Related Tpics (2016-SEP) 1 Cntents 3 Preamble 3 Intended Audience
More informationADMINISTRATIVE REGULATIONS TABLE OF CONTENTS
ADMINISTRATIVE REGULATIONS TABLE OF CONTENTS 8000 INFORMATION TECHNOLOGY R 8100 Intrductin and Gvernance R R R R R R R 8200 Apprpriate Use 8300 Access 8400 Data Security 8500 Hardware and Sftware Supprt
More informationService Catalogue. Your secure data centric guardians. Units 1-3 Trinity Court, Brunel Rd, Totton, Hampshire SO40 3WX
Service Catalgue Yur secure data centric guardians Units 1-3 Trinity Curt, Brunel Rd, Tttn, Hampshire SO40 3WX www.amicusits.c.uk +44 2380 429429 24x365 Cre Managed IT Services 1 Intrductin Amicus ITS
More informationFrequently Asked Questions (FAQs) Goals and Performance
AUDIENCE BACKGROUND Frequently Asked Questins (FAQs) Gals and Perfrmance mycareer @CHOP Gals and mycareer @CHOP Perfrmance are electrnic, integrated tls that supprt develping gals and tracking perfrmance.
More informationSelf- certification criteria for signatories of the IAB Europe OBA Framework
Self- certificatin criteria fr signatries f the IAB Eurpe OBA Framewrk Date: 12 April 2012 Table f cntents 1. Intrductin 3 2. General criteria fr self- certificatin f cmpliance 4 2.1. Data security 4 2.1.1.
More informationClemson University Marketplace Instruction Manual
CU Marketplace is currently prviding ver Clemsn departments with nline business pprtunities. Clemsn University Marketplace Instructin Manual Cash and Treasury Services P a g e 2 CU Marketplace Manual Table
More informationFamily Support Service Provider Quick Reference Guide to CYBER
Welcme Page: Family Supprt Service Prvider Quick Reference Guide t CYBER Links t Mnitr Regularly: Authrizatin Current: Will list all currently pen authrizatins; shuld include nly thse yuth currently receiving
More informationUser Manual Chromis POS Document Version 0.30
User Manual Chrmis POS Dcument Versin 0.30 www.chrmis.c.uk Cpyright 2015 Chrmis POS User Manual Table f Cntents Abut... 3 License... 3 Disclaimer... 4 Features... 5 Supprt... 6 Target Users... 6 Getting
More informationSECTION I: RBC ROYAL BANK ONLINE APPLICATION TERMS AND CONDITIONS
SECTION I: RBC ROYAL BANK ONLINE APPLICATION TERMS AND CONDITIONS Please review the fllwing RBC Ryal Bank Online Applicatin Terms and Cnditins (the "Terms and Cnditins"). Yu must read them, check the tick
More informationEICC Validated Audit Process (VAP) VAP Operations Manual
EICC Validated Audit Prcess (VAP) VAP Operatins Manual Revisin 5.1 January 2016 Infrmatin and cmmunicatin technlgy cmpanies wrking thrugh the Electrnics Industry Citizenship Calitin (EICC) www.eiccalitin.rg
More informationInformation Technology (IT) Services Business Service Catalogue
Infrmatin Technlgy (IT) Services Business Service Catalgue Business Service Catalgue Cntents PURPOSE OF DOCUMENT 4 SERVICES SUMMARY 5 IT SERVICES AND SERVICE OFFERING TEMPLATES 8 1. IT SERVICES 16 1.1.
More informationSolution: Unix and Linux are examples of multi-user operating systems used to handle voluminous data and complex reporting requirements.
1. State the fur basic requirements f a database applicatins. Slutin: The fur basic requirements f database applicatins are Frnt-end interface Back-end database Data prcessing Reprting System 2. Name the
More informationIn this fact sheet we answer the four most common questions new clients ask:
Wrking With Federal Prpsals Intrductin In this fact sheet we answer the fur mst cmmn questins new clients ask: What tasks d yu perfrm and what d yu need frm us? Hw d we use the Virtual War Rms? Hw much
More informationIntegration of SAP TM and SAP CRM
SAP Transprtatin Management Integratin f SAP TM and SAP CRM CUSTOMER Dcument Versin: 1.0 December 2013 SAP AG 1 Cpyright Cpyright 2013 SAP AG. All rights reserved. SAP Library dcument classificatin: PUBLIC
More informationMaking the move from Sage Abra Suite (FoxPro) to Sage HRMS (SQL)
Making the mve frm Sage Abra Suite (FxPr) t Sage HRMS (SQL) 5272 S. LEWIS, SUITE 100 TULSA, OK 74105 918.496.1600 TOLL FREE: 877.496.1600 Making the mve frm Sage Abra Suite (FxPr) t Sage HRMS (SQL) As
More informationOracle Revenue Management and Billing. Version Release Notes. Revision 1.1
Oracle Revenue Management and Billing Versin 2.5.0.2.0 Release Ntes Revisin 1.1 E72808-01 April, 2016 Release Ntes Oracle Revenue Management and Billing Versin 2.5.0.2.0 Release Ntes E72808-01 Cpyright
More informationJOB TITLE: Business and Systems Analyst
JOB TITLE: Business and Systems Analyst 1. PURPOSE OF POSITION This psitin has a strng service delivery fcus and is respnsible fr functinal supprt and nging imprvement f the applicatins and systems envirnment.
More informationMarketing Summary Chapter 4
Marketing Summary Chapter 4 Marketing chapter 4 - Marketing Research: Gather, Analyze & Use Infrmatin Marketing Ethics: taking an ethical & abve-bard apprach t cnducting marketing research that des n harm
More informationDisciplinary Procedure
Disciplinary Prcedure Applicatin Overview Definitins Prcedure Crss references Further assistance APPLICATION This prcedure nly applies t academic, prfessinal, security, grunds and dcument services staff
More information*************************************************************************************************************
* THIS PRINTED VERSION OF THE FORM IS FOR INFORMATION PURPOSES ONLY. * * YOU MUST COMPLETE AND SUBMIT THE FORM ONLINE AT * * GO.NCSU.EDU/SURVEY.REGISTRATION.FORM * NC State Survey Registratin Frm Intrductin
More informationService Description: Cisco Optimization Service for Virtual Managed Services
Page 1 f 1 Service Descriptin: Cisc Optimizatin Service fr Virtual Managed Services This dcument describes Cisc Optimizatin Service fr Virtual Managed Services (vms). Related Dcuments: This dcument shuld
More informationConnect for SAP (Classic)
Cnnect fr SAP (Classic) Fact Sheet 1 Abut Cnnect fr SAP (Classic) Cnnect fr SAP is an bject-riented sftware library. It has been specially designed fr an access t SAP applicatin servers by using Embarcader
More informationMarketing activities and events manager
Rle Brief Marketing activities and events manager Directrate Marketing and cmmunicatins directrate Base lcatin Bristl Grade C 16 Date April 2018 Reprts t Head f marketing prductin Respnsible fr 1. Backgrund
More informationCORPORATE. Freedom to Speak Up Standard Operating Procedure. Document Control Summary Status:
CORPORATE Freedm t Speak Up Standard Operating Prcedure Dcument Cntrl Summary Status: Replacement. This plicy supersedes the Public Interest Disclsure Plicy 28.01.15 (v3.1) Versin: V1.1 Date 01.10.16 Authr/Owner:
More informationRegulations Amending the Food and Drug Regulations (1475 Good Manufacturing Practices)
Canada Gazette: Vl. 147, N. 10 May 8, 2013 Registratin SOR/2013-74 April 26, 2013 FOOD AND DRUGS ACT Regulatins Amending the Fd and Drug Regulatins (1475 Gd Manufacturing Practices) P.C. 2013-420 April
More informationBROKER SELECTION AND ASSESSMENT POLICY
BROKER SELECTION AND ASSESSMENT POLICY Date created: 1 Nvember 2007 Last updated: 19 Nvember 2012 Departments affected: Management departments, senir management, CICD Subject: Definitin f brker selectin
More informationNanogate Jay Systems
Nangate Jay Systems Revisin: H Page 1 1.0 Purpse The purpse f this prcedure is t prvide fr a system and instructins t give each supplier the necessary tls t prvide prduct and services that meet the expectatins
More informationInterstate 91 Viaduct Study MassDOT Contract No Public Involvement Plan
Interstate 91 Viaduct Study MassDOT Cntract N. 82617 Public Invlvement Plan Prject Overview and Gals The prtin f Interstate 91 (I-91) between State Street and the interchange with I-291 parallels the Cnnecticut
More informationSafety and Security Checks for Tank Container HSE CoP 613. Safety and Security Checks for Tank Container. HSE Code of Practice 613
Safety and Security Checks fr Tank Cntainer HSE Cde f Practice 613 Table f Cntents 1. Purpse... 3 2. Definitins... 3 3. Scpe... 3 4. Mandatry principles r standards... 3 4.1 Legal... 4 4.2 Prcess requirements...
More informationParticipants Guide to the ALGARVE NATURE WEEK 2018 B2B EVENT
Participants Guide t the ALGARVE NATURE WEEK 2018 B2B EVENT Htel Vila Galé Lags 21 st f April 2017-9h30 am t 12h30 pm http://algarvenatureweek2018.talkb2b.net INTRODUCTION The Enterprise Eurpe Netwrk (EEN)
More informationRelevance in Equivio Zoom. Predictive Coding Technology for Assessment of Document Relevance
Relevance in Equivi Zm Predictive Cding Technlgy fr Assessment f Dcument Relevance THE PROBLEM: REDUCING REVIEW COSTS WHILE ENHANCING QUALITY E-discvery is all abut finding relevant dcuments. Legacy prcesses
More informationAPPLICABLE TO ALL DIRECTORS, SENIOR MANAGEMENT AND EMPLOYEES OF THE COMPANY
APPLICABLE TO ALL DIRECTORS, SENIOR MANAGEMENT AND EMPLOYEES OF THE COMPANY PHILOSOPHY JSAW is a prfessinally managed rganisatin and the cre value underlying ur crprate philsphy is "trusteeship". We believe
More informationApplication Portfolio Analysis: Tool for Cloud Migration Dr. Gopala Krishna Behera December 5, 2017
Applicatin Prtfli Analysis: Tl fr Clud Migratin Dr. Gpala Krishna Behera December 5, 2017 Tday, a majrity f custmers are getting ut f the data center business and mving twards the use f Clud Services.
More informationReturn on Investment (ROI) for Document Management
Return n Investment (ROI) fr Dcument Management Versin 1.0 2 nd April 2013 1. The need fr ROI Sme businesses purchase Dcument Management (DM) because they have t, either fr cmpliance with legislatin r
More informationInformation Technology Master Plan. City of Georgetown, Texas
Infrmatin Technlgy Master Plan City f Gergetwn, Texas Dcument Infrmatin and Revisin Histry Vers in Date Authr(s ) R evis in Ntes 1.0 12/18/2009 Bill Llyd Initial Dcument 2.1 12/19/2009 Bill Llyd Editing
More informationThe Total Economic Impact Of IBM s Worklight Platform
A Frrester Ttal Ecnmic Impact Study Prepared Fr IBM The Ttal Ecnmic Impact Of IBM s Wrklight Platfrm Cst Savings In The Develpment And Maintenance Of Multiplatfrm Mbile Apps Prject Directr: Jan ten Sythff
More informationAddendum No. 1 - Page 1 of 10 SPEC. NO
JUNE 1, 2015 ADDENDUM NO. 1 Fr REQUEST FOR PROPOSAL ( RFP ) Fr AIRPORT ELECTRONIC MASS NOTIFICATION/ALERT SYSTEM AND SERVICES FOR O HARE AND MIDWAY INTERNATIONAL AIRPORTS Specificatin and Cntract Dcument
More information2018 FREQUENTLY ASKED QUESTIONS
2018 FREQUENTLY ASKED QUESTIONS PINNACLE PROGRAM QUESTIONS 1. Q: Hw d I knw if I have cmpleted all requirements t receive PINNACLE rewards? A: View yur PINNACLE Mnthly Eligibility dashbard n the Fundatins
More informationq-erp Information Sheet Version 2.0 q-erp Information Sheet
q-erp Infrmatin Sheet Versin 2.0 q-erp Infrmatin Sheet 1. OVERVIEW 1.1 General System Features This lists the general features f the system regardless f what mdule is accessed. Architecture - Client/Server
More informationNZATD Education Trust Awards elearning Award Guidelines for Entrants
NZATD Educatin Trust Awards elearning Award Guidelines fr Entrants Fcus f Award NZATD intrduced this award t recgnise excellence in the design and implementatin f elearning initiatives within rganisatins.
More informationMarketing activities and events manager
Rle Brief Marketing activities and events manager Directrate Marketing and cmmunicatins directrate Base lcatin Bristl Grade C 16 Date September 2016 Reprts t Head f marketing prductin Respnsible fr 1.
More informationControlled Doc. #EDM Ver: 11.0Last Modified:11/8/2017 9:53:02 AM Network_Optimization_Service.doc
Page 1 f 21 Netwrk Optimizatin Service Service Descriptin: Netwrk Optimizatin Service This dcument describes the Netwrk Optimizatin Service. Related Dcuments: This dcument shuld be read in cnjunctin with
More informationRestaurant Management system
IJRIT Internatinal Jurnal f Research in Infrmatin Technlgy, Vlume 2, Issue 3, March 2014, Pg: 284-288 Internatinal Jurnal f Research in Infrmatin Technlgy (IJRIT) www.ijrit.cm ISSN 2001-5569 Restaurant
More informationUDI Compliance Service
UDI Cmpliance Service What is UDI? The US Fd and Drug Administratin (FDA) has issued a ruling that medical devices must cnfrm t a Unique Device Identificatin (UDI) standard. The UK Department f Health
More informationKupu Sustainability Initiatives Hawai i Energy Fellow Position Description
Kupu Sustainability Initiatives Hawai i Energy Fellw Psitin Descriptin Kupu, in cllabratin with Hawai i Energy, is seeking t hire ne (1) Sustainability Initiatives Fellw wh is a current higher educatin
More informationExtension of the Senior Managers and Certification Regime by the UK s FCA
CLIENT MEMORANDUM Extensin f the Senir Managers and Certificatin Regime by the UK s FCA Des the SM&CR apply t my firm and what des it entail? August 2, 2017 AUTHORS Jseph D. Ferrar Nichlas Bugler Andrew
More informationIntegration of SAP TM with SAP Global Trade Services
SAP Transprtatin Management Integratin f SAP TM with SAP Glbal Trade Services CUSTOMER Dcument Versin: 2.1 December 2013 SAP AG 1 Cpyright Cpyright 2013 SAP AG. All rights reserved. SAP Library dcument
More informationMaintenance Cost Optimisation for Process & Power Generation Plants
Reliability Imprvement Prgramme & Maintenance Cst Optimisatin fr Prcess & Pwer Generatin Plants Date: Venue: 24 t 28 September 2012 (5 days) Hliday Villa, Subang, Malaysia COURSE INTRODUCTION: This Curse
More informationEmpowered Workgroups. A process area at Level 4: Predictable
Empwered Wrkgrups A prcess area at Level 4: Predictable Purpse Descriptin The purpse f Empwered Wrkgrups is t invest wrkgrups with the respnsibility and authrity fr determining hw t cnduct their business
More informationEmpower your Teams How SAP utilizes the Team Foundation Server. Niels Hebling, Gerald Morrison, Dirk Lüdtke
Empwer yur Teams Hw SAP utilizes the Team Fundatin Server Niels Hebling, Gerald Mrrisn, Dirk Lüdtke What is it all abut? 2012 SAP AG. All rights reserved. 2 Develpment Lifecycle in a perfect wrld Develpment
More informationCharter (draft v0.2) (1)(a) Name. (1)(a) Prepared By. (1)(b) Purpose. (1)(b) Business Problem. Evolution of Product Information
Charter (draft v0.2) Subject: OASIS DITA Pharmaceutical Cntent Subcmmittee DRAFT Charter Date: 21-April-2009 Versin: 0.2 (1)(a) Name Full Name: OASIS DITA Pharmaceutical Cntent Subcmmittee Shrt Name: DITA-PC-SC
More information1. Why can I modify a purchase requisition although I set the changeability of the release indicator to '1' ('Cannot be changed')?
Nte Language: English Versin: 10 Validity: Valid Since 25.08.2009 Summary Symptm FAQ Release Strategy List f questins : 1. Why can I mdify a purchase requisitin althugh I set the changeability f the release
More informationIBM Internet of Things
IBM Internet f Things Reprt is prepared by: (Pstdc researcher) Dr. Oleksiy Khriyenk (WISE Master s Prgram student) Syed Ibrahim (WISE Master s Prgram student) Sumeeta Chanda MIT Department University f
More informationRequest for Quotes PennDOT Leadership Academy for Managers (PLAM) Solicitation Number:
www.dt.state.pa.us Request fr Qutes PennDOT Leadership Academy fr Managers (PLAM) Slicitatin Number: 6100041372 Curse Title: Curse Date(s) & Lcatins: PennDOT Leadership Academy fr Managers (PLAM) This
More informationMonitoring, Evaluation and Adaptive Management Following INFFER Assessment (INFFER step 7)
Mnitring, Evaluatin and Adaptive Management Fllwing INFFER Assessment (INFFER step 7) www.inffer.rg David Pannell, Geff Park, April Curatl, Anna Rberts, Stephanie Spry, Sally Marsh Intrductin The Investment
More information