Information Asset Risk Assessment Procedure
|
|
- Julia Rogers
- 6 years ago
- Views:
Transcription
1 Information Asset Risk Assessment Procedure UNIQUE REF NUMBER: AC/IG/012/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June P age
2 AMENDMENT HISTORY VERSION DATE AMENDMENT HISTORY V1 June 2013 Version approved by Audit Committee 19 June 2013 AC/IG/012/V1.1 December 2013 Addition of branding and formatting changes in line with Policy for Development of Policies AC/IG/012/V1.2 February 2014 Addition of unique reference number prior to publication REVIEWERS NAME DATE TITLE/RESPONSIBILITY VERSION Donna Dallaway June 2013 CSU Information Governance Manager V1 Matthew Hartland June 2013 Chief Finance Officer V1 Julia Dixon June 2013 Staff Side Representative V1 APPROVALS This document has been approved by: NAME DATE TITLE/RESPONSIBILITY VERSION CCG Audit 19 June 2013 Delegated authority from Board V1 Committee NB: The version of this policy used on the intranet must be a PDF copy of the approved version. DOCUMENT STATUS This is a controlled document. Whilst this document may be printed, the electronic version posted on the intranet is the controlled copy. Any printed copies of the document are not controlled. RELATED DOCUMENTS These documents will provide additional information: REFERENCE NUMBER AC/IG/010 AC/IG/013 AC/IG/008 GB/AC/001 AC/IG/002 DOCUMENT TITLE Data Protection Policy Information Governance Policy Pseudonymisation Policy Corporate Records Policy/Retention/Destruction Procedure Risk Management Strategy Staff Code of Conduct on Confidentiality VERSION APPLICABLE LEGISLATION Data Protection Act 1998 Caldicott: Report on the Review of Patient Identifiable Information 1997 Department of Health: Information Risk Management Good Practice Guidance GLOSSARY OF TERMS TERM ACRONYM DEFINITION Senior Information Risk Officer SIRO Takes ownership of information risk and is a key factor in successfully raising the profile of information risk and to embedding information risk management in Dudley 2 P age
3 CCG s culture. Information Asset Officer IAO Individual appointed is responsible for ensuring that specific information assets are handled and managed appropriately. This means making sure that information assets are properly protected and that their value to the organisation is fully exploited. Information Asset Administrator IAA Primary role is to support the IAO to fulfil their responsibilities. IAAs will ensure that policies and procedures are followed, recognise actual or potential security incidents, consult with their IAO on incident management and ensure that information asset registers are accurate and up to date. 3 P age
4 CONTENTS PAGE NO POLICY OVERVIEW Introduction Purpose Who this Policy applies to 5 THE POLICY Responsibilities Information Assets Risk Assessment Abnormal Occurrences 6 Appendix 1 Risk Assessment 4 P age
5 POLICY OVERVIEW 1.0 Introduction 1.1 Information and information systems are important assets to the CCG and they can be essential for the corporate identity of the CCG and for patient care. This procedure ensures that information risk is managed in a robust way within the CCG. 1.2 Risk is the threat that an event or action will adversely affect the CCG s information assets. This procedure outlines the process regarding information assets to identify risks, analyse the likelihood and impact of their occurrence and then decide what action to take to prevent, minimise, accept or transfer these risks. 1.3 All CCGs are required to:- Regularly assess the risk of all information assets Monitor access to all information assets Provide assurance to the Senior Information Risk Officer (SIRO) and Accountable Officer 1.4 The CCG must also monitor the use of personal confidential data for secondary uses. The CCG must ensure that the information assets used for secondary uses are in line with the organisation s Pseudonymisation Policy. As part of the risk assessment process the pseudonymisation solution must also be checked to ensure that the data is fully pseudonymised. 2.0 Purpose The purpose of this policy is to provide NHS Dudley CCG (Dudley CCG) staff with a framework in regards to Information Asset Risk Assessment. 3.0 Who this Policy applies to 3.1 The policy applies to any person directly employed by, contracted or volunteering with Dudley CCG. This procedure is for all Information Asset Owners (IAO) to follow when conducting a risk assessment of the information assets within their area. Dudley CCG is committed to ensuring the confidentiality and security of personal confidential data and ensures that the records management is of a high quality. This can be verified and maintained through annual risk assessments of the CCG s information assets. THE POLICY 4.0 Responsibilities 4.1 Accountable Officer The Accountable Officer for the CCG is the Chief Accountable Officer. The Accountable Officer has overall responsibility for ensuring that information risks are assessed and mitigated to an acceptable level. 4.2 Senior Incident Reporting Officer (SIRO) The SIRO for the CCG is the Chief Finance Officer. The SIRO is the advocate for information risk within Dudley CCG. 5 P age
6 4.3 Information Asset Owner (IAO) Information Asset Owners are senior individuals, usually Chief Officers or Heads of Services. Their role is to understand and address risks for the information assets they own and to provide assurance to the SIRO. 4.4 Information Asset Administrator (IAA) Information Asset Administrators are the deputies for the IAOs and are usually Department Managers. The IAA ensures that staff adhere to policies and procedures. The IAA must consult their IAO on any potential or actual risks to the asset and ensure that information asset registers are accurate and up to date. 5.0 Information Assets 5.1 Information assets can be an array of forms and documents. The below is a list of what may be an asset, please note that this list is not exhaustive: Databases (including excel and access files) Data files Paper records Back-up and archive data Applications System software Policies and procedures Audit information Encrypted data 6.0 Risk Assessment 6.1 The risk assessment for the assets must be standardised across the CCG. Appendix 1 provides a standard checklist for which information assets must be assessed for. 6.2 The grading and scoring of the risk must be in line with the CCG s Risk Management Policy which is available via the following link; All risk assessments undertaken will be sent to the Governance Department to be entered on to the Risk Register. The reports will be reported to the SIRO via the Audit Committee. 7.0 Abnormal Occurrences 7.1 If a member of staff has been made aware of an immediate risk due to an unusual occurrence, for example virus threat, they must inform the IAA or IAO who must take all reasonable steps to avert the risk/threat. Following this a risk assessment must be completed showing the risk and actions taken and the likelihood of a reoccurrence. 6 P age
7 Appendix 1 Risk Assessment Threat Risk Possibility Comments Actions Outcome L S L x S Unauthorised use of application Misuse of Asset Communications Interception Network Failure Server Failure Storage Capacity Pseudonymisation Technical Failure Data Quality User Error Other risks identified 7 P age
NHS WOLVERHAMPTON CITY CLINICAL COMMISSIONING GROUP
NHS WOLVERHAMPTON CITY CLINICAL COMMISSIONING GROUP INFORMATION ASSET RISK ASSESSMENT PROCEDURE 1 Document Description Document Type Procedure Service NHS Wolverhampton CCG (Wolverhampton CCG) Application
More informationIntegrated Risk Management Framework
Integrated Risk Management Framework Author Patient Safety Manager Version 4.0 Version Date May 2017 Implementation/Approval Date May 2017 Review Date May 2018 Review Body Governing Body Policy Reference
More informationIntegrated Risk Management Framework Sept Page 1 of 17
Integrated Risk Management Framework 2017-2018 Sept 2017 Page 1 of 17 Reference: Title: Author/Nominated Lead: Approval Date: Approving Committee: Review Date: Target Audience: Circulation List: Cross
More informationGifts and Hospitality Policy
Gifts and Hospitality Policy UNIQUE REFERENCE NUMBER: AC/XX/005/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: July 2014 1 P age AMENDMENT HISTORY
More informationDiscussion. Information
Item 10.8 To: From: Trust Board Kevin Turner, Deputy Chief Executive Date: 4 th July 2017 Title: Strategic Risk Management Report Responsible Director: Kevin Turner, Deputy Chief Executive Author: Karen
More informationNHS North Somerset Clinical Commissioning Group Risk Management Strategy and Framework
NHS North Somerset Clinical Commissioning Group Risk Management Strategy and Framework An Integrated Risk Management Framework Clinical Risk Management Financial Risk Management Corporate Risk Management
More informationRisk Management Policy
Risk Management Policy 1 Purpose and scope of this Policy 1.1 CSG Limited (CSG) is committed to managing its risks in a consistent and practical manner. Effective risk management is directly focussed on
More informationGifts and Hospitality Policy
Gifts and Hospitality Policy UNIQUE REFERENCE NUMBER: AC/XX/005/V2 DOCUMENT STATUS: Approved by Audit Committee 21 November 2015 DATE ISSUED: Nov 2015 DATE TO BE REVIEWED: Nov 2018 1 P age AMENDMENT HISTORY
More informationRisk Management Policy
Risk Management Policy October 2014 Risks 1. Risks can be identified under four principal headings a. Financial risks b. Strategic Risks c. Operational Risks, and d. Hazard Risks 2. These are either externally
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK UNIQUE REF NUMBER: GB/AC/001/V2.1 DOCUMENT STATUS: Approved by Audit & Governance Committee 18 October 2018 DATE ISSUED: November 2018 DATE TO BE REVIEWED: November 2021 1 AMENDMENT
More informationRisk Management Policy and Strategy
Risk Management Policy and Strategy Version: 2.1 Bodies consulted: Approved by: Directors and Managers responsible for risk Board of Directors Date Approved: 28 March 2017 Lead Manager: Lead Director:
More informationSouth Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy
South Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy Reference No: CG001 Version: Version 1 Approval date 27 March 2014 Date ratified: 27 March 2014 Name of Author and Lead Jules
More informationDOCUMENT TYPE: Strategy UNIQUE IDENTIFIER: RMS-01. DOCUMENT TITLE: Risk Management Strategy 2018/2019
DOCUMENT TYPE: Strategy DOCUMENT TITLE: Risk Management Strategy 2018/2019 SCOPE: Trust Wide AUTHOR / TITLE: Phebe Hemmings, Company Secretary Christine Morris, Interim Director of Governance REPLACES:
More informationImpact Assessment Risk Stratification
Privacy Impact Assessment Risk Privacy Stratification Impact Assessment Risk Stratification IG Taskforce Consultation Paper CP-02 March 2014 PIA Risk stratification Page 1 of 23 NHS England INFORMATION
More informationEnterprise Risk Management Program
Enterprise Risk Management Program David W Sundvall, Risk Manager 3/2/2016 Page 0 of 12 Table of Contents Introduction... 2 Approach... 2 Risk Appetite... 3 Roles and Responsibilities... 3 Process... 4
More informationGDPR Data Processing Addendum
GDPR Data Processing Addendum Effective Date 24 May 2018 This Data Processing Addendum for the GDPR (Addendum) is made as of the Effective Date by and between Fresh Relevance Ltd incorporated and registered
More informationRisk Management Strategy Highland Council Pension Fund
Risk Management Strategy Highland Council Pension Fund Approved Pensions Committee 9 August 2018 3 1. Introduction 1.1 Risk management is a key element of Corporate Governance and the Highland Council
More informationRisk Management Strategy
Risk Management Strategy 2016 2019 Version: 6 Policy Lead/Author & Deputy Director of Quality position: Ward / Department: Nursing Directorate Replacing Document: Version 5 Approving Committee Quality
More informationRisk Management Strategy Draft Copy
Risk Management Strategy 2017 Draft Copy FOREWORD Welcome to the Council s Strategic & Operational Risk Management Strategy, refreshed in May 2017. The aim of the Strategy is to improve strategic and operational
More informationOverpayment and Underpayment of Salary Policy Implementation Date: January 2014 Review Date: January 2017
Overpayment and Underpayment of Salary Policy Implementation Date: January 2014 Review Date: January 2017 1 P age AMENDMENT HISTORY VERSION DATE AMENDMENT HISTORY D1 Jan 14 Addition of branding and formatting
More informationCO14: Risk Management Policy
Corporate CO14: Risk Management Policy Version Number Date Issued Review Date V3.1 20/12/17 30/04/2018 Prepared By: Consultation Process: Policy & Corporate Governance Lead, NHS County Durham & Darlington
More informationRisk Management Strategy
Risk Management Strategy Document Reference MLCSU CA_WL_V3 Version 3 Authors: Donna Bamber, Midlands & Lancashire Commissioning Support Unit Senior Risk Officer Smita Shetty, Service Redesign Manager,
More informationPRIME FINANCIAL POLICIES
1. INTRODUCTION 1.1. General PRIME FINANCIAL POLICIES 1.1.1. These prime financial policies and supporting detailed financial policies shall have effect as if incorporated into the group s constitution.
More informationNHS WEST NORFOLK CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY AND POLICY FRAMEWORK
NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY AND POLICY FRAMEWORK DOCUMENT CONTROL SHEET Name of Document: WNCCG Risk Management Strategy & Policy Framework Version: 2.0 Date
More informationRISK MANAGEMENT STRATEGY Version 3
RISK MANAGEMENT STRATEGY Version 3 Risk Management Strategy V3 - March 2018 1 Standard Operating Procedure St Helens CCG Risk Management Strategy Version 3.0 Implementation Date September 2014 Review Date
More informationCONTROLLED DOCUMENT. Version Number: 4.1. On: January 2018 Review Date: June 2016 Distribution: Essential Reading for: Information for: 1 of 15
Risk Management Strategy and Policy CONTROLLED DOCUMENT CATEGORY: CLASSIFICATION: PURPOSE: Controlled Number: Document Strategy/Policy Governance To set out the principles and framework for the management
More informationMEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework
MEMORANDUM To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 Re: ERM Policy and Framework Executive Summary Attached are the draft Enterprise Risk Management
More informationRisk Management Policy and Framework
Risk Management Policy and Framework C014 CO14: Risk Mgt Policy and Framework (3) Page 1 of 31 Contents 1. Introduction... 5 2. Definitions... 6 3. Risk Management Framework... 7 4. Duties and responsibilities...
More informationRISK MANAGEMENT POLICY October 2015
RISK MANAGEMENT POLICY October 2015 1. INTRODUCTION 1.1 The primary objective of risk management is to ensure that the risks facing the business are appropriately managed. 1.2 Paringa Resources Limited
More informationSTRATEGY DOCUMENT. Risk Management Strategy
STRATEGY DOCUMENT Risk Management Strategy Document Number: 1COV-STG-007 Sponsor: Chief Executive Date Created: 01/11/2005 Version: 5.0 Status: Final Date Approved: xxx Next Review Date: xxx Approved By:
More informationRisk Management Strategy
Risk Management Strategy Job title of lead contact: Corporate Services Manager Version number: Version 1 Group responsible for approving Executive Team / Governing Body the document: Date of final approval:
More informationRisk Management Framework
Risk Management Framework Risk Management Framework 1. The University views Risk Management as integral to the successful execution of its Strategy. In order to achieve the aims set out in our strategy,
More informationRisk Management Policy and Procedures.
Risk Management Policy and Procedures. Rev Date Purpose of Issue/Description of Change Date 1. June 2006 Initial Issue 2. November 2009 Revised and updated 6 th November 2009 3. September 2010 Revised
More informationKent and Medway Information Sharing Agreement v4 2014/15
Kent and Medway Information Sharing Agreement v4 2014/15 Document filename: 20140918_KMISA_V4 Programme IG Partnership Board Project KMISA Review Document Reference Status Approved Programme Manager Charlie
More informationRisk Management Policy
Risk Management Policy Document Owner: Deputy Director of Strategic Planning Document version/date: Updated June 2015 Recommended by Audit and Risk Committee: 3 June 2015 Approved by Council: 30 June 2015
More informationNagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0
Nagement Revenue Scotland Risk Management Framework Revised [ ]February 2016 Table of Contents Nagement... 0 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy Statement... 3 3. Risk Management
More informationNHS BROMLEY CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY
NHS BROMLEY CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY 1 CONTENTS Page Number Introduction 3 Purpose 4 Objectives 4 Systematic Approach to Risk Management 4 The Risk Management Structure 5 Risk
More informationContinuing Healthcare and Funded Nursing Care Appeal Procedure
Continuing Healthcare and Funded Nursing Care Appeal Procedure Version Version 6 Ratified by: Quality Assurance Committee Date Ratified: 6 March 2014 Name of originator/author; Name of responsible committee/individual
More informationRisk Management Policy
Risk Management Policy Version: 3 Board Endorsement: 11 January 2014 Last Review Date: 3 January 2014 Next Review Date: July 2014 Risk Management Policy 1 Table of Contents 1 Introduction... 3 2 Overview...
More informationRisk Management Strategy Review
REPORT TO TRUST BOARD 30 May 2013 G Title Risk Management Strategy Review Executive summary The NHS Litigation Authority (NHSLA) requires the Board to review the Risk Management Strategy on an annual basis.
More informationRisk Management Strategy and Standard Operating Procedure
Risk Management Strategy and Standard Operating Procedure Document Status Equality Impact Assessment Draft Completed no impact Document Ratified/Approved By Date Issued Date To be Reviewed Distribution
More informationANTI-MONEY LAUNDERING POLICIES, CONTROLS AND PROCEDURES
ANTI-MONEY LAUNDERING POLICIES, STATEMENT It is the policy of this firm that all members of staff at all levels shall actively participate in preventing the services of the firm from being exploited by
More informationNagement. Revenue Scotland. Risk Management Framework
Nagement Revenue Scotland Risk Management Framework Table of Contents 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy statement... 3 3. Risk management approach... 4 3.1 Risk management
More informationReference Check Completed by Joanne Phizacklea.Date 02/02/2017
Document Type: Strategy Document Title: Risk Management Strategy 2017/2018 Scope: Trust Wide Author / Title: Paul Jones, Company Secretary Carl Foulkes, Risk and Compliance Manager Replaces: Version 7,
More informationRISK MANAGEMENT PROCEDURE GUIDANCE
RISK MANAGEMENT PROCEDURE GUIDANCE East and North Hertfordshire Clinical Commissioning Group Page 1 of 25 DOCUMENT CONTROL SHEET Document Owner: Director of Nursing and Quality Document Author(s): Company
More informationInformation Management Business Area. National Policing Information Risk Escalation Policy V1.0
Information Management Business Area National Policing Information Risk Escalation Policy V1.0 January 2015 Introduction 1. This policy sets out the National Policing Information Risk Escalation Policy
More informationRisk Management Policy
Version: 2.0 New or Replacement: Policy number: Document author(s): Replacement ULHT-MD-GOV-RM-PMIMSI Paul White, Risk Manager Contributor(s): Members of the Trust Board & Senior Leadership Team Approved
More informationRisk Management Strategy and Policy
Risk Management Strategy and Policy SUMMARY The purpose of this document is to provide guidance to all staff within the CCG on the management of strategic, operational and project risks within the organisation
More informationRisk Management Policy
DYNAMIC ARCHISTRUCTURES LIMITED Risk Management Policy DYNAMIC ARCHISTRUCTURES LIMITED Regd. Address: 409, Swaika Centre, 4A Pollock Street, Kolkata - 700001 (West Bengal) CONTENTS Sr. Particulars Page
More informationManchester Health and Care Commissioning. Finance Committee. Terms of Reference
Manchester Health and Care Commissioning Finance Committee Terms of Reference 1.0 Name The Committee shall be known as the Finance Committee. 2.0 Overview The Finance Committee forms a key element of the
More informationRisk Management Policy
Risk Management Policy 1 Document configuration control Policy Title Author/Job Title Policy Version Version 1.0 Status Reference and guidance Consultation Forum Risk Management Policy Jonathan Sutton
More informationSOMERSET PARTNERSHIP NHS FOUNDATION TRUST RISK MANAGEMENT POLICY. Report to the Trust Board 26 May Risk and Compliance Manager
SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RISK MANAGEMENT POLICY Report to the Trust Board 26 May 2015 Sponsoring Director: Author: Purpose of the report: Key Issues and Recommendations: Director of Governance
More informationRISK REGISTER POLICY AND PROCEDURE
RISK REGISTER POLICY AND PROCEDURE Lead Manager: Head of Clinical Governance Responsible Director: Board Medical Director Approved by: Date Approved: Date for Review: Feb 2012 Replaces Version: 1.0 Page
More information1.1. This document forms the Council s Risk Management Strategy. It sets out:
1. Introduction Bovey Tracey Town Council RISK MANAGEMENT STRATEGY 1.1. This document forms the Council s Risk Management Strategy. It sets out: - What is risk management - Why the Council needs a risk
More informationRBI GDPR DATA PROCESSING ADDENDUM
RBI GDPR DATA PROCESSING ADDENDUM 1. SCOPE 1.1. This GDPR Data Processing Addendum ( DPA ) applies to RBI s processing of personal data on Customer s behalf under the Agreement. With regard to such processing,
More informationDisaster Recovery. Example Policy. Author: A Heathcote Date: 24/05/2017 Version: 1.0
Example Policy Author: A Heathcote Date: 24/05/2017 Version: 1.0 Copyright 2017 Health and Social Care Information Centre. The Health and Social Care Information Centre is a non-departmental body created
More informationInformation security policy
Information security policy Policy objectives 1 This policy is intended to establish the necessary policies, procedures and an organisational structure that will protect NMC s information assets and critical
More informationBournemouth Primary MAT Risk Management Policy
Bournemouth Primary MAT Risk Management Policy 1. Introduction The Bournemouth Primary Multi-Academy Trust (the Trust) operates a risk management system in order to identify and manage key exposures and
More informationSouth Lanarkshire College Risk Management Policy and Procedures
1. Purpose This policy and its procedures detail and communicate the College s approach to risk management. 2. Policy Statement South Lanarkshire College will effectively manage risk, taking all reasonable
More information* Unless otherwise indicated, this policy will still apply beyond the review date.
Name of Policy Description of Policy Privacy Policy This policy sets out how ACU manages privacy obligations and reflects the 13 Australian Privacy Principles (APPs) from Schedule 1 of the Privacy Amendment
More informationAn Introductory Presentation for ECU Staff
Risk Management at ECU An Introductory Presentation for ECU Staff Phillip Draber Manager, Risk and Assurance Outcomes By the end of this session you should: Be able to complete and document risk management
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company s risk management framework is an important tool to guide the organisation towards achieving
More informationMedicine Management NELCSU Document
For inclusion in NHS Provider contracts as a document relied on: CCG Commissioned National Tariff Payment System (NTPS) Formerly Payment by Results Excluded Drugs & Devices Policy 2017/19 Amendment history:
More informationRisk Management at the Deutsche Bundesbank March 2011
Risk Management at the Deutsche Bundesbank March 2011 (C) Deutsche Bundesbank - Division Organisation 1 Agenda Definition of risk management [3] Factors of influence to review the RM set up [4] The Framework
More informationGoverning Body Assurance Framework and Risk Register
Title of paper: Governing Body Assurance Framework and Risk Register Meeting: Governing Body, 231 st January 2014 Author: email: Exec Lead: Justin Dix, Governing Body Secretary justin.dix@surreydownsccg.nhs.uk
More informationCCG Policy on Primary Care Rebate Schemes (PCRS)
CCG Policy on Primary Care Rebate Schemes (PCRS) 1. Introduction A number of manufacturers have established rebate schemes for drugs used in primary care. Their motive for this could be speculated on for
More informationINTEGRATED RISK MANAGEMENT FRAMEWORK
INTEGRATED RISK MANAGEMENT FRAMEWORK 2018 20 VERSION Version Date Author Status Comment Draft 1 29.5.2014 Draft 2 10.6.2014 Richard Walker & Vicky Peverelle Richard Walker & Vicky Peverelle Draft Draft
More informationDeclaring and Managing Interests Including Managing Conflicts of Interest
Declaring and Managing Interests Including Managing Conflicts of Interest Wolverhampton Clinical Commissioning Group 1 DOCUMENT STATUS: APPROVED DATE ISSUED: OCTOBER 2017 DATE TO BE REVIEWED: OCTOBER 2019
More informationRisk Management Strategy and Board Assurance Framework
Risk Management Strategy and Board Assurance Framework Version 1.1 Ratified by Health Commissioning Board Date ratified Audit Committee in Common: 10 th October 2017 Heath Commissioning Board: 8 th November
More informationTitle CIHI Submission: 2014 Prescribed Entity Review
Title CIHI Submission: 2014 Prescribed Entity Review Our Vision Better data. Better decisions. Healthier Canadians. Our Mandate To lead the development and maintenance of comprehensive and integrated health
More informationDATA PROTECTION AND PERSONAL INFORMATION FAIR PROCESSING POLICY
Directorate of Clinical and Quality Assurance & Trust Secretary DATA PROTECTION AND PERSONAL INFORMATION FAIR PROCESSING POLICY Reference: CQP013 Version: 1.1 This version issued: 07/03/13 Result of last
More informationRisk Management Strategy
Risk Management Strategy Solent NHS Trust policies can only be considered to be valid and up-to-date if viewed on the intranet. Please visit the intranet for the latest version. Purpose of Agreement Solent
More informationRISK MANAGEMENT POLICY
B A R R A M U N D I L I M I T E D RISK MANAGEMENT POLICY February 2018 THE OBJECTIVES OF RI SK MANAGEMENT Risk management is the systematic process of managing an organisation's risk exposures to achieve
More informationBudgetary Control Policy
Budgetary Control Policy Version: 001 Ratified by: CP&R CCG Governing Body Date ratified: September 2017 Name of Director Sponsor: Name of originator/author: Name of responsible committee/individual: Chief
More informationPATIENT and PUBLIC INVOLVEMENT - Reimbursement of Expenses Policy
PATIENT and PUBLIC INVOLVEMENT - Reimbursement of Expenses Policy Authorship: Communications and Engagement Team Committee Approved: Remuneration Committee Approved date: May 2014 Review Date: May 2016
More informationRisk Management & Assurance Strategy. Audit Committee. See reference page 38
BHH Brent Harrow Hillingdon Clinical Commissioning Groups Risk Management & Strategy Author: Policy Number: Version: Sponsor/Executive: Responsible committee: Gilbert George Dawn Crump Interim Head of
More informationRisk Management Policy
Risk Management Policy Date Published 6 th July 2016 Version 1 Approved Date 6 th July 2016 Review Cycle Annually Review Date June 2017 Learning together; to be the best we can be 1. Introduction 1.1.
More informationRisk Management Framework Policy (incorporating the Risk Management Policy and Strategy)
Corporate Risk Management Framework Policy (incorporating the Risk Management Policy and Strategy) Document Control Summary Status: Version: Replacement. Replaces: Management of the Assurance Plan and
More informationCapital Requirements Directive Pillar 3 Disclosure. June 2017
Capital Requirements Directive Pillar 3 Disclosure June 2017 1. Background The purpose of this document is to outline the Pillar 3 disclosures for BlueBay Asset Management LLP ( LLP ). LLP is a subsidiary
More informationframework v2.final.doc 28/03/2014 CORPORATE GOVERNANCE FRAMEWORK
framework v2.final.doc 28/03/2014 CORPORATE GOVERNANCE FRAMEWORK framework v2.final.doc 28/03/2014 CONTENTS Page Statement of Corporate Governance... 2 Joint Code of Corporate Governance... 4 Scheme of
More informationRisk. Protocol for the Management of Risk
Risk Protocol for the Management of Risk Instr No Contact Brian Orpin Version 4.0 Email brian.orpin@nhs.net Issue Date 27/04/2015 Telephone 0131 314 5360 Review Date 27/04/2016 Status Issued Change Control
More informationWebinar: Deep Dive into Risk, High Risk and Risk Assessments in the GDPR
Webinar: Deep Dive into Risk, High Risk and Risk Assessments in the GDPR Tuesday, 24 May 2016 11:00 AM US EDT #CIPLGDPR 1 Webinar Agenda 1. Introduction 2. Risk, High Risk and Risk Assessments in the General
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK Approving authority Approval date University Council 5 August 2013 (3/2013 meeting) Advisor Vice President (Corporate Services) vpcorporateservices@griffith.edu.au (07) 373 57343
More informationCONTROL OF SUBSTANCES HAZARDOUS TO HEALTH
CONTROL OF SUBSTANCES HAZARDOUS TO HEALTH POLICY Version 2.0 Important: This document can only be considered valid when viewed on NHS Hull CCG s website. If this document has been printed or saved to another
More informationCash & Treasury Management Policy
Cash & Treasury Management Policy Annex 1 Category: Policy / Procedure The aim of the Cash & Treasury Management Policy is to provide a framework within which the Trust can manage risk Summary: and protect
More informationRisk Management. Policy No. 14. Document uncontrolled when printed DOCUMENT CONTROL. SSAA Vic
Document uncontrolled when printed Policy No. 14 Risk Management DOCUMENT CONTROL Version: Date approved by Board: On behalf of Board: Jack Wegman 17 March 2015 26 March 2015 Denis Moroney President Next
More informationTECHNICAL RELEASE TECH04/13AAF. ASSURANCE REPORTING ON RELEVANT TRUSTEES (Relevant Trustee Supplement to ICAEW AAF 02/07)
TECHNICAL RELEASE TECH04/13AAF ASSURANCE REPORTING ON RELEVANT TRUSTEES (Relevant Trustee Supplement to ICAEW AAF 02/07) ASSURANCE REPORTING ON RELEVANT TRUSTEES ABOUT ICAEW ICAEW is a professional membership
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company faces a broad range of risks as a listed entertainment organisation. The Company s risk
More informationDATA HANDLING AGREEMENT
DATA HANDLING AGREEMENT This agreement records the terms upon which Wonde will process the School Data for the purpose of transferring the School Data to one or more third party providers of services to
More informationTAXATION STRATEGY. The strategy covers all taxes including, inter alia, Corporation Tax, VAT, PAYE and stamp duty.
Executive Summary TAXATION STRATEGY The pages following this summary constitute a formal tax strategy prepared in the context of enabling the Senior Accounting Officer (SAO) to submit to HMRC the annual
More informationGeneral Risk Management Framework
North Gold Coast Seahawks Basketball Inc General Risk Management Framework Introduction This guide provides an outline for a North Gold Coast Seahawks Basketball Risk Management Framework. Note: This draft
More informationHaving regard to the Treaty establishing the European Atomic Energy Community, and in particular Articles 31 and 32 thereof,
L 219/42 COUNCIL DIRECTIVE 2014/87/EURATOM of 8 July 2014 amending Directive 2009/71/Euratom establishing a Community framework for the nuclear safety of nuclear installations THE COUNCIL OF THE EUROPEAN
More informationExecutive Board Annual Session Rome, May 2015 POLICY ISSUES ENTERPRISE RISK For approval MANAGEMENT POLICY WFP/EB.A/2015/5-B
Executive Board Annual Session Rome, 25 28 May 2015 POLICY ISSUES Agenda item 5 For approval ENTERPRISE RISK MANAGEMENT POLICY E Distribution: GENERAL WFP/EB.A/2015/5-B 10 April 2015 ORIGINAL: ENGLISH
More informationIntroduction to ISO Key Points and Benefits
Introduction to ISO 31000 Key Points and Benefits By Gerard Joyce LinkResQ Managing Risk We all manage risk consciously or unconsciously - but rarely systematically Managing risk means forward thinking
More informationInformation Governance and Quality in Optometry. Peter Hampson and Richard Knight LOCSU
Information Governance and Quality in Optometry Peter Hampson and Richard Knight LOCSU Introduction NHS Contracts IG compliance and Quality in Optometry Information Governance NHS Contracts NHS Contracts:
More informationFinancial Services Authority
Financial Services Authority FINAL NOTICE To: Of: Zurich Insurance Plc, UK branch The Zurich Centre 3000 Parkway Whiteley Fareham PO15 7JZ Date 19 August 2010 TAKE NOTICE: The Financial Services Authority
More informationVAT Procedures FINACC-04
VAT Procedures FINACC-04 1 Procedure Title: Supersedes: VAT Various, in the regions Description of Amendment(s): This is a consolidation of best practice in London, Anglia and Essex regions. This procedure
More informationPolicy: s27. Security Management Policy Securing Environments. Version: S27/05
Policy: s27 Security Management Policy Securing Environments Version: S27/05 Ratified by: Trust Management Team Date ratified: 14 th November 2012 Title of Author: Head of Safety & Security. Specialist
More informationJune 2017 MIRVAC GROUP RISK MANAGEMENT FRAMEWORK
MIRVAC GROUP RISK MANAGEMENT FRAMEWORK June 2017 Last Revised Date: June 2017 Contents Contents 1 Introduction... 2 2 Roles and Responsibilities... 2 3 Governance... 2 3.1 ISO 31000... 2 3.2 Standards,
More informationMothercare plc Group Tax Strategy
Mothercare plc Group Tax Strategy Contents 1. DOCUMENT CONTEXT... 3 1.1 Introduction... 3 1.2 Scope... 3 2. OUR TAX STRATEGY... 4 2.1 Purpose... 4 2.2 Key Principles... 4 3. GOVERNANCE & MANAGEMENT OF
More information