Download Free Payment Card Industry Data Security Standard Compliance (PCI DSS) Roles and Responsibilities Matrix Templates

- Chief Information Officers (CIOs) who are concerned with the deployment and operation of systems and IT-related processes.

- Chief Information Security Officers (CISOs) who are concerned with the overall information security program and compliance with information security policies.

- Chief Financial Officers (CFOs) who are concerned with the overall control environment of their organizations. This is often delegated to financial positions such as those in Payments Operations, and Accounts Receivable.

- Chief Privacy Officers (CPOs) who are responsible for the implementation of policies that relate to the management of personal information, including policies that support compliance with privacy and data protection laws.

The ISLA framework is enabling because it introduces advanced work-flow automation and community management technology into the OSS environment, thereby creating a number of core capabilities that can be divided over seven functionally oriented logical domains, which will be discussed later in the chapter.

The three framework components are as follows:
1. Enabling technology and concepts
- Dynamic work-flow automation
- Dynamic work-flow communities

2. Capabilities
- Universal access
- Intelligence
- Collaboration
- Automation

What is the differences between ITIL Incident Management and ITIL Problem Management, here is the explanation in simple comparison:

Process:
Incident Management: Deals with fighting symptoms to incidents

Problem Management: Seeks to remove the causes of incidents permanently from the IT infrastructure.

Interaction
Incident Management: interaction with customers is usually reactive, with the main objective being to find a workaround solution to restore normal services for the customer as soon as possible.

Download Free GLBA Compliance Risk Assessment Templates for Banking and Financial Institution.
Administrative Safeguards
1) Do you check references prior to hiring employees who will have access to customer information?
2) Do you ask every new employee to sign an agreement to follow your organization's confidentiality and security standards for handling customer information
3) Do you train employees to take basic steps to maintain the security, confidentiality and integrity of customer information, such as:
a. locking rooms and file cabinets where paper records are kept;
b. using password-activated screensavers;

This IT Audit Plan Templates is built based on Banking and Financial Institution business process. However this simple IT template also could be used in another industry since there are a lot of similarity between Banking and other industries in term of IT operation and usage. Banking industry is one of Highly IT Dependent Industry which required complying with a lot of regulatory compliances from Central Bank, GLBA up to Sarbanes Oxley Compliances.