Notice of CBRC on Issuing the Regulatory Guidelines for the. Risks in the Information Technology Outsourcing of. Banking Financial Institutions
|
|
- Dustin Chapman
- 5 years ago
- Views:
Transcription
1 Index Number: / Subject Category: Laws and Regulations Release Date: February 16, 2013 Document Number: Yin-Jian-Fa [2013] No.5 Issued by: China Banking Regulatory Commission (CBRC) Notice of CBRC on Issuing the Regulatory Guidelines for the Risks in the Information Technology Outsourcing of Banking Financial Institutions CRBC [2013] No.5 银行业金融机构信息科技外包风险监管指引 银监发 [2013] 5 号 To all the banking bureaus, policy banks, state-owned commercial banks, joint-equity commercial banks, financial asset management companies, postal savings banks, provincial Rural Credit Cooperatives, trust companies regulated directly by CBRC, finance companies of enterprise group, financial leasing companies: Regulatory Guidelines for the Risks in the Information Technology Outsourcing of Banking Financial Institutions is now printed and issued to you for implementation. February 16, Page 1 of 20
2 Regulatory Guidelines for the Risks in the Information Technology Outsourcing of Banking Financial Institutions 银行业金融机构信息科技外包风险监管指引 Chapter One General Provisions Article 1 In order to regulate the IT outsourcing activities in banking financial institutions and reduce the IT outsourcing risks, this guideline is formulated on the basis of Law of the PRC on Supervision over the Banking Industry and Law of Commercial Banks of PRC and other laws and regulations. Article 2 This guideline is applied to all the policy banks, commercial banks, rural cooperative banks, and provincial (autonomous region) rural credit cooperatives. Other financial institutions regulated by CBRC shall also execute according to this guideline. Article 3 The IT outsourcing mentioned in this guideline refers to the behaviors of entrusting the IT activities which shall be the banking financial institutions own responsibility to suppliers, including project outsourcing and human resources outsourcing etc. In principle, the following types are included: 1) outsourcing of R&D and consulting: consulting technical outsourcing of technological management and technological management, planning, demands, systematic development and testing outsourcing; 2) outsourcing of system implementation and maintenance: including data center (data backup center), machine-room facilities, operation and maintenance of network and systems, automatic equipment, POS machine and other outsourcing of operation and maintenance of remote terminal and office equipment. 3) IT activity in business outsourcing: system development, operation maintenance and data processing in the outsourcing such as market expansion, business operation, corporate management and assets disposal. Article 4 Associated outsourcing in this guideline refers to the IT outsourcing provided by the parent companies, affiliated branch companies, associated companies or affiliated institutions of banking financial institutions. Article 5 IT outsourcing may cause the following risks and lead to the strategic, reputation and compliance risks of banking financial institutions: Page 2 of 20
3 1) loss of technological capability: the over-reliance on outside resources of banking financial institutions may lose technological control and innovation ability, which can affect business innovation and development; 2) service interruption: the inconsistency of outsourcing service which supports the business operation may lead to service interruption. 3) information disclosure: the service supplier may illegal obtain or disclose the private data (including customer information) of banking financial institutions. 4) the decrease of service level: because of the outsourcing quality problems or low efficiency of internal and external cooperation, the service level of banking financial institution may decrease. Article 6 The concentration risks referred in this guideline is the risks that banking financial institutions outsource the IT to several service suppliers, which can lead to service interruption, quality decrease and intensive safety accidents etc. Article 7 The trade trusteeship institutions in this guideline refers to the banking financial institutions as outsourcing service suppliers to provide IT outsourcing service for other counterpart financial institutions. Article 8 Banking financial institutions shall include the IT outsourcing management into the comprehensive risk management risks, and establish outsourcing management systems which adapt to the IT strategic objectives of their own institutions, so as to control and decrease the risks caused by outsourcing. Article 9 Banking financial institutions shall establish IT outsourcing management and organization framework; make outsourcing management strategy; regularly evaluate the outsourcing risks; establish and maintain the supplier relation management strategy conforming with their own strategic objectives by means of suppliers admission, evaluation and exit. Article 10 Banking financial institutions shall insist the following principles during IT outsourcing: 1) guide by the principle that do not hinder core ability construction and actively grasp the key technologies; 2) insist on the balance among outsourcing risks, costs and benefits; 3) emphasize on the pre-control of outsourcing risks and maintain regulatory intensity; 4) constantly improve outsourcing strategy and measures by outsourcing Page 3 of 20
4 management and technical development tendency. Article 11 The IT management responsibility shall not be outsourced during the IT outsourcing of banking financial institutions. Article 12 Banking financial institutions shall fully evaluate the IT risks during the IT public infrastructure service such as IT product purchase, maintenance and lease, payment or clearance system of communication circuits which do not involve the transference of bank s customers and internal information; regulate and manage by following Chapter 5 in this guideline. Chapter Two Outsourcing Management and Organization Framework Article 13 Board of directors and senior management in banking financial institutions shall strictly implement the relevant responsibilities for IT outsourcing risks management; clarify the competent department for IT outsourcing management; make and audit the IT outsourcing strategy; audit the procedures and systems for information technology outsourcing management; supervise and control the IT outsourcing risks management effects. Article 14 Main responsibilities of IT outsourcing risks include: 1) recognize, evaluate and remind the outsourcing risks; 2) supervise and evaluate outsourcing management; supervise and urge the constant improvement of outsourcing risks management; 3) regularly report the relevant risks management of IT outsourcing activities to senior management; 4) confirm other IT outsourcing risks management responsibilities to board of directors or senior management. Article 15 Banking financial institutions shall establish IT outsourcing management execution team and equip enough staffs to fulfill the following responsibilities in IT management department or execution department for IT outsourcing activities: 1) implement the IT outsourcing strategy; 2) make and execute the IT outsourcing management systems and procedures; 3) execute suppliers admission, evaluation and exit management; establish and sustain the supplier relation management strategy; 4) make emergency management plans to guarantee the constant Page 4 of 20
5 outsourcing service, organize and implement regular exercises; 5) monitor and analyze all the management activities in outsourcing process, regularly report the outsourcing activities to competent department of IT and outsourcing management risks management departments. Chapter Three Strategic and Risk Management of IT Outsourcing I. IT Outsourcing Strategy Article 16 Banking financial institutions shall improve IT team competence, technological management and innovation ability; grasp IT core skills as objectives; make IT outsourcing strategy on the basis of IT strategy, outsourcing market environment, self risk control ability and risk preference, including the function that cannot be outsourced, resource ability construction plans, suppliers relation management strategy and outsourcing classification management strategy. Article 17 Banking financial institutions shall clarify the functions that cannot be outsourced based on their own IT strategy. The functions that involve the strategic management, risk management, internal auditing and other relevant IT core competence. Article 18 Banking financial institutions shall make resources, competence construction plans based on outsourcing strategy and objectively obtain or improve their management and technical skills by adding personnel, improving skills and knowledge transference so as to reduce the reliance on service suppliers. Article 19 Banking financial institutions shall establish suppliers relation management strategy that conform to their own scales and market position. Reasonably control all the amounts of high risks service suppliers by admission and exit mechanism to realize the following objectives: prevent industry monopoly and institutions concentration risks; improve service quality at the same time of introducing proper competition, reasonably control the amount of service suppliers so as to reduce risks and management costs etc. Article 20 Banking financial institutions can manage the service suppliers level-to-level based on outsourcing qualities and extent of importance; adapt differential control measures to the service suppliers of different levels so as to reduce management cost under the condition of effective management of important risks. Article 21 Banking financial institutions shall manage the outsourcing service or service suppliers properly under the cooperation of parent companies or group companies; however, they shall maintain the independence of relevant decisions of associated outsourcing so as to avoid Page 5 of 20
6 essential knowledge and minimal authority ; 3) deliver the core or important information system development deliverable for source code checks and safety scanning; 4) regularly check the safety of service suppliers and obtain the self-assessment or third-party report of service suppliers. Article 39 Banking financial institutions shall regularly check the safety of associated outsourcing service suppliers; it shall not be replaced by the self-assessment of service suppliers and avoid the independence, objectivity or fairness of check because of associated relations. Article 40 Banking financial institutions shall pay attention to the shock of new technologies or new applications brought by outsourcing service on current handling modes and safety frameworks; timely perfect information safety control system and avoid the extra information safety risks brought by introducing new technologies or applications. V. Outsourcing Service Surveillance and Evaluation Article 41 Banking financial institutions shall keep constant surveillance for outsourcing service; require the service supplier for establishing stage service objectives and tasks; track the execution of tasks so as to timely find out and correct various abnormal conditions during service. Article 42 Banking financial institutions shall establish clear service quality surveillance indexes based on IT outsourcing demands, contracts and service level agreements and make relevant surveillance. Common indexes consist of: 1) information system, equipment and infrastructure availability, operation rate of equipment; 2) malfunction times, malfunction resolution rate and response time of malfunction; 3) service times and customer satisfactory rate; 4) timely completion rate, procedure defect times and demands change rates; 5) outsourcing staffs working saturation-rate, qualified-rate of outsourcing staffs. Article 43 Banking financial institutions shall establish clear service catalog, service level agreement and service level surveillance evaluation mechanism, and ensure the accuracy and completeness of outsourcing service Page 10 of 20
7 surveillance base data and evaluation results; the data shall be kept for at least one year after finishing the service. Article 44 Banking financial institutions shall maintain constant surveillance for the service suppliers finance, internal control and safety management; pay attention to the badness of financial status and internal management chaos caused by bankruptcy, acquisition, loss of key personnel, poor investment and bad management and so on, so as to prevent the accident termination of outsourcing service or sharp decrease of service quality. Article 45 When confronting with abnormal conditions, banking financial institutions shall timely supervise and urge the service suppliers to correct them. With serous conditions and non-timely corrections, senior management of service suppliers shall be met to urge rectifications within limited time. Article 46 At the end of outsourcing service, banking financial institutions shall evaluate the service suppliers which shall be used as important references for the service suppliers. Article 47 As for associated outsourcing, board of directors and senior management of banking financial institutions shall promote the outsourcing service qualities performance evaluation scope of parent companies or affiliated groups for service suppliers; establish accountability mechanism for major events during outsourcing process. Meanwhile, service suppliers shall be required to establish relevant performance evaluation mechanism with outsourcing service level. VI. Outsourcing Interruption and Termination Article 48 Banking financial institutions shall consider the influence of IT outsourcing on service consecutive management and improve objectively the business executive management plan, including but not limited to: 1) recognize the service suppliers and resources involved in important business; 2) clarify service suppliers preparations and maintain relevant resources by agreements, contracts etc.; 3) maintain constant management and surveillance for service suppliers business and evaluate its management level; 4) include relevant service suppliers into rehearsal scope during business constant plan rehearsals. Article 49 In order to reduce the possibility and influence of outsourcing emergencies, banking financial institutions shall establish risk control, sustained release or transference measures in advance for outsourcing Page 11 of 20
8 service which cause important influence on business consistent management, including but not limited to: 1) constantly collect information from service suppliers during outsourcing service process, so as to find out possible conditions for causing service interruption; 2) agree with service suppliers for obtaining the priority of its outsourcing service resources in case of dis-satisfactions for contract agreements; 3) ask service suppliers to make relevant emergency handling planning in case of service interruption, such as providing backup staffs; 4) as for outsourcing service involving important business, baking financial institutions shall consider equipping relevant human resources inside the institutions to grasp essential skills, so as to automatically maintain the minimal service competence during outsourcing interruption. Article 50 Banking financial institutions shall prepare relevant contingency plans for important outsourcing service interruptions and regularly rehearse. The factors shall be considered including but not limited to the following contents: 1) event scenarios, for example, the inconsistency caused by important personnel loss, active quit of service suppliers, passive quit of service suppliers because of qualification changes, acquisition, mergers or bankruptcy; 2) duration and recovery possibility of event; 3) influence scope and possible emergency measures of event; 4) possibility and time of recovering service by service suppliers; 5) alternative service suppliers and migration program of outsourcing service; 6) possibility, limitation and resource demand of transferring outsourcing service to banking financial institutions for autonomous functioning. Article 51 As for the dis-satisfactory of outsourcing requirements of major events, banking financial institutions shall actively ask service suppliers to quit the service under the condition of fully evaluation of its influence and preparing quit plans. In case of severe conditions, canceling admission qualifications shall be considered and apply the surveillance institutions to put on records. As for associated surveillance, banking financial institutions shall not affect the implementation of service supplier exit mechanism because of associated relations. Page 12 of 20
9 sensitive information like banking financial institution customer material, transaction data etc.; 4) the business transaction system outsourcing undertaken by non-on-site form or intensive storage of customer data; 5) associated outsourcing; 6) cross-border IT outsourcing; 7) other IT outsourcing regarded as important by CBRC. Article 77 When the following major event occur during the IT outsourcing of banking financial institutions, they shall be reported to CBRC or its dispatched agencies within two working days. 1) sensitive data disclosure such as customer information of banking financial institutions; 2) data damage or interruption of major business operation; 3) outsourcing service interruption of many banking financial institutions because of force majeure, or important operational, financial problems of service suppliers; 4) other illegal events of service suppliers; 5) other reported important events regulated by CBRC. Article 78 Banking financial institutions shall submit the annual risk evaluation report to CBRC or other dispatched agencies after the annual outsourcing risk management evaluation. Article 79 CBRC and its dispatched agencies shall supervise and inspect the IT outsourcing of banking financial institutions whose results shall be included into the surveillance rate of banking financial institutions. Article 80 As for the IT outsourcing service with high risks, CBRC and its dispatched agencies shall ask banking financial institutions to suspend or quit the outsourcing service until banking financial institutions and outsourcing service suppliers can effectively rectify. Article 81 As for the violation of the guidelines by banking financial institutions, CBRC and its dispatched agencies can ask them to rectify or adopt alternative plans and conduct accountability based on concrete conditions. As for the damage to the sound operation of banking financial institutions by management fault in outsourcing activities and other damage to depositors and other legal rights of customers, the management responsibility Page 18 of 20
10 of banking financial institutions shall be investigated. Article 82 CBRC practices the risk surveillance mechanism for the IT outsourcing activities in banking; regularly reminds the major banking outsourcing service institutions and risks for banking financial institutions; and prevent the systematic or regional IT risks caused by high institutional concentrations. Article 83 CBRC shall make major risks surveillance and evaluation for the banking financial institutions IT outsourcing service with institutional concentration features. Based on necessity, banking financial institutions can be asked to meet with major outsourcing institution to explain the outsourcing service activities and major risky events. Article 84 CBRC shall organize the banking financial institutions to check the IT service activities of banking financial institutions served by major outsourcing service institutions. In principle, it shall be carried out every other year. It can also be practiced by entrusting third-party auditing institutions. Article 85 CBRC can remind the banking financial institutions of surveillance based on the banking financial institutions IT service activity risk evaluation and on-site investigation so as to ask and urge the banking major outsourcing institutions to rectify the risky problems. Article 86 Major banking outsourcing service institutions shall cooperate with banking financial institutions and CBRC to do risky surveillance and on-site investigation. Article 87 CBRC shall organize relevant banking financial institutions to manage and record the banking IT outsourcing service suppliers and make risk evaluation and rating. Article 88 As for the following situations in outsourcing service by service suppliers, CBRC shall regularly provide service suppliers risk warning to banking; release the institution names, service information and so on; ask the banking financial institution to forbid relevant service suppliers to undertake banking IT outsourcing service with at least two years. If outsourcing service suppliers do not rectify, the prohibiting time shall be prolonged. 1) violation of national laws, regulations and surveillance policies under severe circumstance; 2) stealing or disclosure of banking financial institutions sensitive information under severe circumstance; 3) many times of important information system service interruption or data damage, loss or disclosure because of management loss; Page 19 of 20
11 4) damage caused to many banking financial institutions due to low service quality without rectifications after many warnings; 5) problems found in the risk surveillance and on-site investigation with rectification overdue; 6) other illegal or violation to laws and regulations or other major IT risk events. Article 89 CBRC is responsible for the admission management for banking financial institutions for IT outsourcing service suppliers. As for outsourcing activities with major risks, banking financial institution shall immediately evaluate the appropriateness of outsourcing; and remind of the risks warning of IT outsourcing service suppliers and ask them to rectify within limited time. Undertaking of IT outsourcing service is forbidden with non-rectification overdue. Chapter 9 Supplementary Provisions Article 90 Interpretation and revision of this guideline is under the charge of CBRC. Article 91 The guidelines shall take effect from the issuing date. END Page 20 of 20
Regulations for the Supervision and Administration. of Medical Devices
Regulations for the Supervision and Administration Article 1 of Medical Devices Chapter I General Provisions These Regulations are formulated with a view to ensuring the safety and effectiveness of medical
More informationLAW OF THE PEOPLE'S REPUBLIC OF CHINA ON PREVENTION AND CONTROL OF OCCUPATIONAL DISEASES
LAW OF THE PEOPLE'S REPUBLIC OF CHINA ON PREVENTION AND CONTROL OF OCCUPATIONAL DISEASES (Adopted at the 24th Meeting of the Standing Committee of the Ninth National People's Congress on October 27, 2001
More informationStatement of Guidance: Outsourcing Regulated Entities
Statement of Guidance: Outsourcing Regulated Entities 1. STATEMENT OF OBJECTIVES 1.1 This Statement of Guidance ( Guidance ) is intended to provide guidance to regulated entities on the establishment of
More informationOutsourcing Guidelines. for Financial Institutions DRAFT (FOR CONSULTATION)
Outsourcing Guidelines for Financial Institutions DRAFT (FOR CONSULTATION) October 2015 Table of Contents 1. INTRODUCTION... 3 2. DEFINITIONS... 3 3. PURPOSE, APPLICATION AND SCOPE... 4 4. TRANSITION PERIOD...
More informationBrief introduction of the emergency response mechanism of public health incidents the ministry of health of china
Brief introduction of the emergency response mechanism of public health incidents the ministry of health of china 2004.5 The progress of the establishment of public health emergency response mechanism
More informationCOMMISSION IMPLEMENTING REGULATION (EU)
L 253/8 Official Journal of the European Union 25.9.2013 COMMISSION IMPLEMENTING REGULATION (EU) No 920/2013 of 24 September 2013 on the designation and the supervision of notified bodies under Council
More informationChapter 9 Legal Aspects of Health Information Management
Chapter 9 Legal Aspects of Health Information Management EXERCISE 9-1 Legal and Regulatory Terms 1. T 2. F 3. F 4. F 5. F EXERCISE 9-2 Maintaining the Patient Record in the Normal Course of Business 1.
More informationFACULTY OF DENTISTRY, THE UNIVERSITY OF HONG KONG THE PRINCE PHILIP DENTAL HOSPITAL
FACULTY OF DENTISTRY, THE UNIVERSITY OF HONG KONG THE PRINCE PHILIP DENTAL HOSPITAL Rules Governing Treatment of Patients and Handling of Patient Information (Applicable to Staff and Students of both the
More informationAudit Report Grant Closure Processes Follow-up Review
Audit Report Grant Closure Processes Follow-up Review GF-OIG-16-017 Geneva, Switzerland Table of Contents I. Background... 3 II. Objectives, Scope, Methodology and Rating... 5 1) Objectives... 5 2) Scope&
More informationLIETUVOS RESPUBLIKOS SOCIALINĖS APSAUGOS IR DARBO MINISTERIJA MINISTRY OF SOCIAL SECURITY AND LABOUR OF THE REPUBLIC OF LITHUANIA
LIETUVOS RESPUBLIKOS SOCIALINĖS APSAUGOS IR DARBO MINISTERIJA MINISTRY OF SOCIAL SECURITY AND LABOUR OF THE REPUBLIC OF LITHUANIA International Labour Standards Department 2013-10-30 International Labour
More informationThird Party Trust Manage your outsourcing arrangements
Third Party Trust Manage your outsourcing arrangements Who's keeping your promises October 2014 Issue 1 Contents Page MAS Outsourcing Guidelines and Notice 4 Implications of Notice 6 MAS Outsourcing Guidelines
More informationInternal Compliance Programs (ICPs)
Internal Compliance Programs (ICPs) 1 Standards for Exporters In April 2010, METI amended the Foreign Exchange and Foreign Trade Act, and introduced the standards for exporters, which require every single
More informationGATEWAY BEHAVIORAL HEALTH SERVICES VOLUNTEER/INTERNSHIP APPLICATION
PERSONAL INFORMATION GATEWAY BEHAVIORAL HEALTH SERVICES VOLUNTEER/INTERNSHIP APPLICATION NAME SOCIAL SECURITY # ADDRESS CITY/STATE/ZIP TELEPHONE EMERGENCY CONTACT RELATIONSHIP TO INTERN/VOLUNTEER TELEPHONE
More informationNABET Criteria for Food Hygiene (GMP/GHP) Awareness Training Course
NABET Criteria for Food Hygiene (GMP/GHP) Awareness Training Course 0 Section 1: INTRODUCTION 1.1 The Food Hygiene training course shall provide training in the basic concepts of GMP/GHP as per Codex Guidelines
More informationGAO INDUSTRIAL SECURITY. DOD Cannot Provide Adequate Assurances That Its Oversight Ensures the Protection of Classified Information
GAO United States General Accounting Office Report to the Committee on Armed Services, U.S. Senate March 2004 INDUSTRIAL SECURITY DOD Cannot Provide Adequate Assurances That Its Oversight Ensures the Protection
More informationBOM/BSD 17/May 2006 BANK OF MAURITIUS. Guidelines on Outsourcing by Financial Institutions
BOM/BSD 17/May 2006 BANK OF MAURITIUS Guidelines on Outsourcing by Financial Institutions May 2006 Revised November 2017 Table of Contents 1. Introduction...1 Authority...1 Scope of application...1 Effective
More informationGrant Agreement Tool Model Contract Provisions
SLS SAMPLE DOCUMENT 07/05/17 Grant Agreement Tool Model Contract Provisions This document contains a variety of model contractual provisions for use in grant agreements. Most of these provisions are donor-friendly
More informationSubsidy contract for the project. Click here to enter text.
Subsidy contract for the project Click here to enter text. Version 02 as of 14.06.2016 The following contract between the Land of Salzburg acting as managing authority (hereinafter MA ) of the European
More informationThis policy applies to all employees.
Policy: Code of Conduct and Ethics Policy #: 501.007 Department: Compliance Effective Date (Mo/Dy/Yr): 11/17/1990 Last Revision Date (Mo/Dy/Yr): 07/06/2008 Scope: This policy applies to all employees.
More informationDECREE ON OCCUPATIONAL SAFETY AND HYGIENE
GOVERNMENT No. 06-CP SOCIALIST REPUBLIC OF VIETNAM Independence - Freedom - Happiness Hanoi, 20 January 1995 DECREE ON OCCUPATIONAL SAFETY AND HYGIENE The Government Pursuant to the Law on the Organization
More informationDepartment of Defense Defense Commissary Agency Fort Lee, VA DIRECTIVE. Records Management Program
Department of Defense Defense Commissary Agency Fort Lee, VA 23801-1800 DIRECTIVE Records Management Program DeCAD 5-2 Corporate Operations Group OPR: HQ DeCA/COG References: (a) DeCA Directive (DeCAD)
More informationBanking Regulation and Policy Department Bangladesh Bank Head Office Dhaka
Banking Regulation and Policy Department Bangladesh Bank Head Office Dhaka BRPD Circular No- Date:---------- Managing Director/Chief Executive All bank-companies operating in Bangladesh Dear Sir, Guidelines
More informationCNAS-RL01. Rules for the Accreditation of Laboratories
CNAS-RL01 Rules for the Accreditation of Laboratories CNAS CNAS-RL01:2011 Page 1 of 25 Table of Contents Foreword... 2 1 Scope... 3 2 References... 3 3 Terms and definitions... 3 4 Accreditation conditions...
More informationPRE- QUALIFICATION OF SUPPLIERS FOR HOME AFRIKA LIMITED
PRE- QUALIFICATION OF SUPPLIERS FOR HOME AFRIKA LIMITED 2018 2020 1 TABLE OF CONTENTS INTRODUCTION 3 SUBMISSION INSTRUCTIONS 3 IMPORTANT NOTES TO THE SUPPLIER..4 MANDATORY REQUIREMENTS 5 INFORMATION QUESTIONNAIRE..6
More informationLinda Livingston, Resource Coordinator
Page 1 Request for Proposal (RFP) For a Non-Profit Ownership (NPO) entity to acquire and develop single family homes San Diego Regional Center Community Placement Plan For Fiscal Year 2016-2017 AUTHORITY
More informationEXECUTIVE ORDER 12333: UNITED STATES INTELLIGENCE ACTIVITIES
EXECUTIVE ORDER 12333: UNITED STATES INTELLIGENCE ACTIVITIES (Federal Register Vol. 40, No. 235 (December 8, 1981), amended by EO 13284 (2003), EO 13355 (2004), and EO 13470 (2008)) PREAMBLE Timely, accurate,
More informationWEST VIRGINIA HIGHER EDUCATION POLICY COMMISSION REQUEST FOR PROPOSALS VERIFICATION AND DOCUMENT MANAGEMENT SERVICES RFP #19007.
WEST VIRGINIA HIGHER EDUCATION POLICY COMMISSION REQUEST FOR PROPOSALS VERIFICATION AND DOCUMENT MANAGEMENT SERVICES RFP #19007 Table of Contents Section 1 Section 2 Section 3 Section 4 Section 5 Section
More informationLETTER OF AGREEMENT TERMS AND CONDITIONS OF DISCRETIONARY GRANT
LETTER OF AGREEMENT TERMS AND CONDITIONS OF DISCRETIONARY GRANT LFO grant no.: Grant recipient: Grant period begins: Maximum total grant: Project title: Grant period ends: Date of Board approval: We are
More informationThe Basics of International Compliance Programme / Industry Seminar in the Philippines Hong-Kong (Jan. (Sep. 13, ) Shunichi GOSHIMA.
The Basics Basics of International International Compliance Compliance Programme Programme / Industry Industry Seminar Seminar in the Philippines Hong-Kong (Jan. (Sep. 13, 9. 2011) The Basics Internal
More informationNational Cervical Screening Programme Policies and Standards. Section 2: Providing National Cervical Screening Programme Register Services
National Cervical Screening Programme Policies and Standards Section 2: Providing National Cervical Screening Programme Register Services Citation: Ministry of Health. 2014. National Cervical Screening
More informationTHE ASCENSION HEALTH CORPORATE RESPONSIBILITY PROGRAM A MISSION BASED ON VALUES AND ETHICS
THE ASCENSION HEALTH CORPORATE RESPONSIBILITY PROGRAM A MISSION BASED ON VALUES AND ETHICS Ascension Health, its local health ministries, associates and agents are committed to carrying out their health
More informationGeneral terms and conditions of Tempo funding
1 June 2017 1 (6) General terms and conditions of Tempo funding Contents 1 Scope of application and publicity of the funding decision... 2 2 Monitoring of costs... 2 3 Eligible costs... 2 3.1 Principles...
More informationSchedule B New York Main Street (NYMS) Administrative Plan Awardee/LPA NAME Project Name
Schedule B New York Main Street (NYMS) Administrative Plan Awardee/LPA NAME Project Name SHARS ID: # The term Local Program Administrator or LPA shall refer to Awardee Name, the recipient of the Housing
More informationChild Care Program (Licensed Daycare)
Chapter 1 Section 1.02 Ministry of Education Child Care Program (Licensed Daycare) Follow-Up on VFM Section 3.02, 2014 Annual Report RECOMMENDATION STATUS OVERVIEW # of Status of Actions Recommended Actions
More informationGuidelines for the practice of home telemedicine (2011 edition)
Guidelines for the practice of home telemedicine (2011 edition) Japanese Telemedicine and Telecare Association Chapter 1.Introduction A large number of patients prefer to receive medical treatment in a
More informationSOLICITATION FOR PARTICIPATION IN A REQUEST FOR PROPOSALS FOR CHIEF EXECUTIVE OFFICER (CEO) SEARCH SERVICES JACKSONVILLE, FL SOLICITATION NUMBER 94414
SOLICITATION FOR PARTICIPATION IN A REQUEST FOR PROPOSALS FOR CHIEF EXECUTIVE OFFICER (CEO) SEARCH SERVICES JACKSONVILLE, FL SOLICITATION NUMBER 94414 PROPOSALS ARE DUE ON APRIL 27, 2018 BY 12:00 PM EST
More informationCourtesy Translation. Supplements and Amendments IV to the Mainland s Specific Commitments on Liberalization of Trade in Services for Macao
Courtesy Translation Annex Supplements and Amendments IV to the Mainland s Specific Commitments on Liberalization of Trade in Services for Macao Sectors or sub-sectors 1. Business services A. Professional
More informationPolicy on Telecommuting
Page 1 of 9 PURPOSE: California State University Channel Islands supports telecommuting when the campus determines that telecommuting is in its best interest. Such instances for telecommuting
More informationTrust Fund Grant Agreement
Public Disclosure Authorized CONFORMED COPY GRANT NUMBER TF094521 GZ Public Disclosure Authorized Trust Fund Grant Agreement (Additional Financing for the Palestinian NGO-III Project) Public Disclosure
More informationRegulatory system reform of occupational health and safety in China
Industrial Health 2015, 53, 300 306 Country Report Regulatory system reform of occupational health and safety in China Fenghong WU 1 and Yan CHI 2 * 1 Department of Public Health, Nanning Center for Disease
More informationPOLICY STATEMENT PRIVACY POLICY
POLICY STATEMENT PRIVACY POLICY Version: 3.0 Issue Date: 01/07/2009 Last Review: 10/02/2016 Issued By: General Manager APPROVAL This policy has been approved by the Boards of METRO Church Australia and
More informationManaging Risks and Security in Outsourced Environment
Managing Risks and Security in Outsourced Environment Vincent Leung CISSP CISA CISM TOGAF Enterprise Architect - Information Security 19 May 2011 1 Contents 1. About Cathay Pacific Airways 2. Outsourcing
More informationConstruction of Agricultural University Students Entrepreneurship Incubation Base Taking Sichuan Agricultural University as a Case Study
Construction of Agricultural University Students Entrepreneurship Incubation Base Taking Sichuan Agricultural University as a Case Study Xia Yao Student Affairs Department, Chengdu Campus, Sichuan Agricultural
More informationEmployee Assistance Professionals Association of South Africa: an Association for Professionals in the field of Employee Assistance Programmes
Employee Assistance Professionals Association of South Africa: an Association for Professionals in the field of Employee Assistance Programmes EAPA-SA, PO Box 11166, Hatfield, 0028. Code of Ethics 2010
More informationGetting Ready for Ontario s Privacy Legislation GUIDE. Privacy Requirements and Policies for Health Practitioners
Getting Ready for Ontario s Privacy Legislation GUIDE Privacy Requirements and Policies for Health Practitioners PUBLISHED BY THE COLLEGE OF DENTAL HYGIENISTS OF ONTARIO SEPTEMBER 2004 2 This booklet is
More informationNEW DISASTER PLANNING REGULATIONS AND REQUIREMENTS: ARE YOU PREPARED?
NEW DISASTER PLANNING REGULATIONS AND REQUIREMENTS: ARE YOU PREPARED? By: Minton P. Mayer Wiseman Ashworth Law Group Nashville Memphis 5050 Poplar, 24 th Floor Memphis, TN 38157 Telephone 901 312 1641
More informationAGREEMENT BETWEEN THE BAKU-TBILISI-CEYHAN PIPELINE COMPANY AND THE GOVERNMENT OF GEORGIA ON THE ESTABLISHMENT OF A GRANT PROGRAM FOR GEORGIA
AGREEMENT BETWEEN THE BAKU-TBILISI-CEYHAN PIPELINE COMPANY AND THE GOVERNMENT OF GEORGIA ON THE ESTABLISHMENT OF A GRANT PROGRAM FOR GEORGIA Agreement between BTC Co. and the Government of Georgia On the
More informationGUIDELINES FOR CRITERIA AND CERTIFICATION RULES ANNEX - JAWDA Data Certification for Healthcare Providers - Methodology 2017.
GUIDELINES FOR CRITERIA AND CERTIFICATION RULES ANNEX - JAWDA Data Certification for Healthcare Providers - Methodology 2017 December 2016 Page 1 of 14 1. Contents 1. Contents 2 2. General 3 3. Certification
More informationSupplements and Amendments VI to the Mainland s Specific Commitments on Liberalization of Trade in Services for Hong Kong 1. A. Professional services
Annex Supplements and Amendments VI to the Mainland s Commitments on Liberalization of Trade in Services for Hong Kong 1. Sectors or 1. Business services A. Professional services a. Legal services (CPC861)
More informationBusiness Risk Planning
Business Risk Planning SENTINEL EVENTS EHNAC Background The Electronic Healthcare Network Accreditation Commission (EHNAC) is a federally recognized, standards development organization and tax-exempt,
More informationWe are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards.
Inspection Report We are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards. Life Line Screening UK Corporate Office 3rd Floor, Suite 8,
More informationImplementation Regulations of Import Boiler und Pressure Vessel Safety Quality Licensing System
Implementation Regulations of Import Boiler und Pressure Vessel Safety Quality Licensing System Issued by the Ministry of Labour of the People s Republic of China on September 29, 1993 Implementation Regulations
More informationNABET Accreditation Criteria for QMS Consultant Organizations (ISO 9001: 2008)
NABET Accreditation Criteria for QMS Consultant Organizations (ISO 9001: 2008) NABET/ QMS CO/ 0111/00 Page 0 INTRODUCTION A number of consultant Organizations is helping organizations in various sectors
More informationOutsourcing Risk Management. UniCredit Group Experience
Risk UniCredit Group Experience Stefano Alberigo Unicredit Head of Operational & Reputational Risk Oversight Francesco Mottola Manager Accenture Finance & Risk Rome, 23 th June 2015 Agenda A Context &
More informationAshland Hospital Corporation d/b/a King s Daughters Medical Center Corporate Compliance Handbook
( Medical Center ) conducts itself in accord with the highest levels of business ethics and in compliance with applicable laws. This goal can be achieved and maintained only through the integrity and high
More informationChecklist of requirements for licensing under Section 31 of the Trade Regulation Code (GewO)
Checklist of requirements for licensing under Section 31 of the Trade Regulation Code (GewO) I. Operational framework 1. Senior executive 1.1 Company management has selected a senior executive as designated
More informationManagement Standards. EHS Policy and Program
Global Environment, Health and Safety Standards Abbott has an established Environment, Health and Safety (EHS) Policy and set of management and technical standards that form the basis of our EHS management
More informationEnvironment, Health, and Safety
INSTITUTE POLICY Environment, Health, and Safety Policy Statement The California Institute of Technology including its division the Jet Propulsion Laboratory ( JPL ), ( Caltech or the Institute ) is committed
More informationINDUSTRIAL ENERGY OPTIMIZATION PROGRAM
INDUSTRIAL ENERGY OPTIMIZATION PROGRAM YOU VE GOT THE POWER TO SAVE Identify energy waste and reduce your production costs. Our efficiency experts will provide customized technical assistance to help you
More informationIAF MLA Document. Policies and Procedures for a MLA on the Level of Single Accreditation Bodies and on the Level of Regional Accreditation Groups
IAF MLA Document Level of Single Accreditation Bodies and on the Level of Regional Accreditation Groups (IAF ML 4:2016) Issued: 11 May 2016 Application Date: 11 May 2016 IAF ML 4:2016, Page 2 of 23 The
More informationManaging outsourcing projects. Prof. Dr. Daning Hu Department of Informatics University of Zurich
Managing outsourcing projects Prof. Dr. Daning Hu Department of Informatics University of Zurich Learning objectives Understand the scope of IT outsourcing Understand the outsourcing environment Review
More informationTrust Fund Grant Agreement
Public Disclosure Authorized CONFORMED COPY GRANT NUMBER TF057872-GZ Public Disclosure Authorized Trust Fund Grant Agreement (Palestinian NGO-III Project) Public Disclosure Authorized between INTERNATIONAL
More informationSecurity Asset Protection Professional Certification (SAPPC) Competency Preparatory Tools (CPT)
SAPPC Knowledge Checkup Please note: Cyber items are indicated with a ** at the end of the practice test questions. Question Answer Linked 1. What is the security professionals role in pursuing and meeting
More informationAPPENDIX D CHECKLIST FOR PROPOSALS
APPENDIX D CHECKLIST FOR PROPOSALS Is proposal content complete, clear, and concise? Proposals should include a comprehensive scope of work, and have enough detail to permit the responsible public entity
More informationMAS RELEASES REVISED GUIDELINES ON OUTSOURCING RISK MANAGEMENT
AUGUST 2016 1 MAS RELEASES REVISED GUIDELINES ON OUTSOURCING RISK MANAGEMENT On 27 July 2016, the Monetary Authority of Singapore ( MAS ) issued its new Guidelines on Outsourcing Risk Management ( Revised
More informationAPPLICATION FOR EMPLOYMENT
MISSAUKEE COUNTY Sheriff s Office 911-Dispatch Po Box 800 110 S. Pine Street Lake City, Michigan, 49651 Phone (231)-839-4338 Fax: (231)-839-4344 APPLICATION FOR EMPLOYMENT (PLEASE PRINT PLAINLY) Note:
More informationDATA PROTECTION POLICY (in force since 21 May 2018)
DATA PROTECTION POLICY (in force since 21 May 2018) This Data Protection Policy is issued by IDM Südtirol - Alto Adige, with registered office in Piazza della Parrocchia n. 11 39100, Bolzano (hereinafter
More informationDOCTORS HOSPITAL, INC. Medical Staff Bylaws
3.1.11 FINAL VERSION; AS AMENDED 7.22.13; 10.20.16; 12.15.16 DOCTORS HOSPITAL, INC. Medical Staff Bylaws DMLEGALP-#47924-v4 Table of Contents Article I. MEDICAL STAFF MEMBERSHIP... 4 Section 1. Purpose...
More informationReport of the Information & Privacy Commissioner/Ontario. Review of the Cardiac Care Network of Ontario (CCN):
Information and Privacy Commissioner / Ontario Report of the Information & Privacy Commissioner/Ontario Review of the Cardiac Care Network of Ontario (CCN): A Prescribed Person under the Personal Health
More information1. Lead Times. 2. Duration and Effective Date
1. Lead Times From receipt of a new signed service agreement, the times taken to implement the Hosting Services will be 2 weeks. 2. Duration and Effective Date 2.1 The Effective Date of this Schedule is
More information2018 IATA GAPS Startup Innovation Awards Terms & Conditions
2018 IATA GAPS Startup Innovation Awards Terms & Conditions VOID WHERE PROHIBITED. NO PURCHASE NECESSARY TO ENTER OR WIN. GENERAL INFORMATION 1. Information on how to enter the 2018 IATA Global Airport
More informationATRIUM - GENERAL INFORMATION
ATRIUM - GENERAL INFORMATION The atrium is situated on the ground floor of the Bank of Cyprus Cultural Foundation, (hereinafter called as the Cultural Foundation ) at 86-90 Faneromeni Street, 1011 Nicosia.
More informationSUMMARY OF JOINT NOTICE OF PRIVACY PRACTICES (HOSPITAL AND MEMBERS OF ITS MEDICAL STAFF)
VCMC Ventura County Medical Center SUMMARY OF JOINT NOTICE OF PRIVACY PRACTICES (HOSPITAL AND MEMBERS OF ITS MEDICAL STAFF) The Joint Notice of Privacy Practices ("Notice") covers all services provided
More informationNotre Dame College Website Terms of Use
Notre Dame College Website Terms of Use Agreement to Terms of Use These Terms and Conditions of Use (the Terms of Use ) apply to the Notre Dame College web site located at www.notre-dame-college.edu.hk,
More informationHealth and Safety Policy and Managerial Responsibilities
Health and Safety Policy and Managerial Responsibilities 1.0 Purpose This document outlines the policies, procedures and practices governing the manner in which the Royal Conservatoire of Scotland manages
More informationConsolato d Italia. Cape Town
Consolato d Italia Cape Town SPECIFICATIONS SELECTION PROCEDURE FOR AN EXTERNAL SERVICE PROVIDER TO SUPPORT THE ITALIAN CONSULAR/DIPLOMATIC MISSION IN THE PROCESSING OF VISA APPLICATION DEFINITIONS For
More informationQuestion 1. A) Susie can sue the amusement park, and will probably win, because one of the ride operators failed to properly buckle her in.
Question 1. Susie loves roller coasters. Recently, Susie went to an amusement park that had a roller coaster advertised to be one of the best in the world. While Susie was on the roller coaster, she was
More informationTELECOMMUNICATION SERVICES APPLICATION TYPE A, B, OR C NETWORKS, AND/OR TYPE 1 TO 5 SERVICES
TELECOMMUNICATION SERVICES APPLICATION TYPE A, B, OR C NETWORKS, AND/OR TYPE 1 TO 5 SERVICES INSTRUCTIONS FOR COMPLETION Print clearly, illegible, unclear or incomplete application forms may delay processing.
More informationNotice of Proposed Rule Making NPRM 15-03
Notice of Proposed Rule Making NPRM 15-03 16 July 2015 Part 147 Docket 14/CAR/2 Consequential Amendments Part 66 Part 119 Part 145 Published by the Civil Aviation Authority of New Zealand Background to
More informationRegulations for HKAS Accreditation
Regulations for HKAS Accreditation Published by Innovation and Technology Commission The Government of the Hong Kong Special Administrative Region 36/F., Immigration Tower, 7 Gloucester Road, Wan Chai,
More informationStartup Terrace 2018 Selection Award. Application Guide
Small and Medium Enterprise Administration, Ministry of Economic Affairs International Startup Campus Demonstration Program Startup Terrace 2018 Selection Award Application Guide Version 14 June 2018 Organizer:
More informationIncident Management Plan
The Glasgow School of Art Incident Management Plan June 2015 (Minor Updates: October 2016) Policy Control Title Incident Management Plan Date Approved June 2015 Approving Bodies Board of Governors Executive
More informationRisk-Quality-Safety Management Reporting and the Healthcare SafetyZone Portal
Risk-Quality-Safety Management Reporting and the Healthcare SafetyZone Portal Heather Annolino, RN, MBA, CPHRM Director, Risk-Quality-Safety Consulting Services Clarity Group, Inc. 04/22/15 1 04/22/15
More informationCompliance Program Updated August 2017
Compliance Program Updated August 2017 Table of Contents Section I. Purpose of the Compliance Program... 3 Section II. Elements of an Effective Compliance Program... 4 A. Written Policies and Procedures...
More informationStandards for the Operation of Licensed Pharmacies
Standards for the Operation of Licensed Pharmacies Introduction These standards are made under the authority of Section 29.1 of the Pharmacy and Drug Act. They are one component of the law that governs
More informationWESTMINSTER SCHOOL DISTRICT
WESTMINSTER SCHOOL DISTRICT TITLE: ASSISTANT DIRECTOR OF NUTRITION SERVICES BASIC FUNCTION: In association with the Director of Nutrition Services, assists in planning, coordinating, and directing a district-wide
More informationPre-Qualification Document External Audit Services
Pre-Qualification Document External Audit Services Audit of the annual accounts of the European Financial Stability Facility for the financial years 2017-2019 26/01/2017 Introduction The European Financial
More informationREQUESTING QUALIFICATIONS FOR PROFESSIONAL DESIGN SERVICES
STATE OF FLORIDA, DEPARTMENT OF MILITARY AFFAIRS CONSTRUCTION & FACILITY MANAGEMENT OFFICE PUBLIC ANNOUNCEMENT REQUESTING QUALIFICATIONS FOR PROFESSIONAL DESIGN SERVICES For PROJECT NUMBER: 212060 BROOKSVILLE
More informationHIPAA Notice of Privacy Practices
HIPAA Notice of Privacy Practices Georgia Mountains Hospice understands that your health information is highly personal and we are committed to safeguarding your privacy. Please read this Notice of Privacy
More informationIncident Reporting, Notification, and Review Procedure
Incident Reporting, Notification, and Review Procedure 1. Purpose and Scope 1.1. The purpose of this procedure is to require incident reporting and notification and to aid the University of Notre Dame
More informationEQuIPNational Survey Planning Tool NSQHSS and EQuIP Actions 4.
Standard 1: Governance for safety and Quality and Standard 2: Partnering with Consumers Section 1 Governance, Policies, Business decision making, Organisational / Strategic planning, Consumer involvement
More informationOffice of the Australian Information Commissioner
Policy and Procedure Name Privacy Policy and Procedure Version 1.0 Approved By Chief Executive Officer Date Approved 19/10/2016 Review Date 30/06/2017 Opportune Professional Development in accordance with
More informationSTUDENT ORGANIZATION ROOM RENTAL AGREEMENT
STUDENT ORGANIZATION ROOM RENTAL AGREEMENT *Each section must be initialed by Student Organization President. The signature page on the back must be completed by the listed officers. This form must be
More informationHEALTH AND SAFETY POLICY
HEALTH AND SAFETY POLICY Category: Health and Safety Date Created: July 2016 Responsibility: Chief Executive Date Last Reviewed: October 2017 Approval: UCOL Council Version: 17.1 UCOL Health and Safety
More informationDefense Security Service National Industrial Security Program. Guidelines for Trustees, Proxy Holders and Outside Directors
Defense Security Service National Industrial Security Program Guidelines for Trustees, Proxy Holders and Outside Directors July 2009 Guidelines for Trustees, Proxy Holders, and Outside Directors (TO BE
More informationREQUEST FOR PROPOSAL (RFP) # CONSULTANT SERVICES FOR DEVELOPMENT OF A DISTRICT SUSTAINABILITY PLAN
REQUEST FOR PROPOSAL (RFP) #1314-15 CONSULTANT SERVICES FOR DEVELOPMENT OF A DISTRICT SUSTAINABILITY PLAN Request for Proposal must be received no later than January 3, 2014 at 2:00 pm CARRI MATSUMOTO
More informationBill 59 (2012, chapter 23) An Act respecting the sharing of certain health information
SECOND SESSION THIRTY-NINTH LEGISLATURE Bill 59 (2012, chapter 23) An Act respecting the sharing of certain health information Introduced 29 February 2012 Passed in principle 29 May 2012 Passed 15 June
More informationOUTSOURCING IN 2010 RECENT TRENDS & KEY ISSUES FOR IRISH BUSINESSES
OUTSOURCING IN 2010 RECENT TRENDS & KEY ISSUES FOR IRISH BUSINESSES What is Outsourcing? What can be Outsourced? Why Outsource? Key Benefits Who Is Outsourcing? Recent Deals Irish Outsourcing Market 2010
More informationSafeguarding Healthcare Information. By:
Safeguarding Healthcare Information By: Jamal Ibrahim Enterprise Info Security ICTN 4040-602 Spring 2015 Instructors: Dr. Phillip Lunsford & Mrs. Constance Bohan Abstract Protection of healthcare information
More informationREQUEST FOR PROPOSAL: SAN EXPANSION & OPTIMIZATION
REQUEST FOR PROPOSAL: SAN EXPANSION & OPTIMIZATION Issued: November 21, 2014 TABLE OF CONTENTS 1. Introduction...3 1.1 Purpose...3 1.2 Background...3 1.3 Summary of Services Required...3 2. Key Information
More information