Free Essay

Plan Approval

In:

Submitted By KUdude
Words 4591
Pages 19
Plan Approval
Provide a statement in accordance with the agency’s contingency planning policy to affirm that the ISCP is complete, and has been tested sufficiently. The statement should also affirm that the designated authority is responsible for continued maintenance and testing of the ISCP. This statement should be approved and signed by the system designated authority. Space should be provided for the designated authority to sign, along with any other applicable approving signatures. A sample language is provided below:
As the designated authority for {system name}, I hereby certify that the information system contingency plan (ISCP) is complete and that the information contained in this ISCP provides an accurate representation of the application, its hardware, software, and telecommunication components. I further certify that this document identifies the criticality of the system as it relates to the mission of the {Omega Research Inc}, and that the recovery strategies identified will provide the ability to recover the system functionality in the most expedient and cost-beneficial method in keeping with its level of criticality.
I further attest that this ISCP for {Information System Contingency Plan} will be tested at least annually. This plan was last tested on {12/3/2011}; the test, training, and exercise (TT&E) material associated with this test can be found {TT&E results appendix or location}. This document will be modified as changes occur and will remain under version control, in accordance with {organization name}’s contingency planning policy.
{System Owner Name} Date
{System Owner Title}
1. Introduction
Information systems are vital to {Omega Research Inc} business processes; therefore, it is critical that services provided by {system name} are able to operate effectively without excessive interruption. This Information System Contingency Plan (ISCP) establishes comprehensive procedures to recover {system name} quickly and effectively following a service disruption.
1.1 Background
This {system name} Information System (IS) Contingency Plan (CP) establishes procedures to recover {system name} following a disruption. The following recovery plan objectives have been established:
• Maximize the effectiveness of contingency operations through an established plan that consists of the following phases:
• Activation and Notification phase to activate the plan and determine the extent of damage;
• Recovery phase to restore {system name} operations; and
• Reconstitution phase to ensure that {system name} is validated through testing and that normal operations are resumed.
• Identify the activities, resources, and procedures to carry out {system name} processing requirements during prolonged interruptions to normal operations. • Assign responsibilities to designated {organization name} personnel and provide guidance for recovering {system name} during prolonged periods of interruption to normal operations.
• Ensure coordination with other personnel responsible for {Omega Research Inc} contingency planning strategies. Ensure coordination with external points of contact and vendors associated with {system name} and execution of this plan. 1.2 Scope
This ISCP has been developed for { NIST SP 800-34 }, which is classified as a High-Impact system, in accordance with Federal Information Processing Standards (FIPS) 199 – Standards for Security Categorization of Federal Information and Information Systems. Procedures in this ISCP are for High- Impact systems and designed to recover {MTD} within {RTO hours}. This plan does not address replacement or purchase of new equipment, short-term disruptions lasting less than {RTO hours}, or loss of data at the onsite facility or at the user-desktop levels. 1.3 Assumptions
The following assumptions were used when developing this ISCP:
• {System name} has been established as a High-Impact System, in accordance with FIPS 199.
• Alternate processing sites and offsite storage are required and have been established for this system.
• Current backups of the system software and data are intact and available at the offsite storage facility in {City, State}.
• Alternate facilities have been established at {City, State} and are available if needed for relocation of {system name}.
• The {system name} is inoperable at the {organization name} computer center and cannot be recovered within {RTO hours}.
• Key {system name} personnel have been identified and trained in their emergency response and recovery roles; they are available to activate the {system name} Contingency Plan.
• Additional assumptions as appropriate. The {system name} Contingency Plan does not apply to the following situations:
• Overall recovery and continuity of business operations. The Business Continuity Plan (BCP) and Continuity of Operations Plan (COOP) address continuity of business operations.
• Emergency evacuation of personnel. The Occupant Emergency Plan (OEP) addresses employee evacuation.
• Any additional constraints and associated plans should be added to this list. CONTINGENCY PLANNING GUIDE FOR FEDERAL INFORMATION SYSTEMS (DRAFT) 2. Concept of Operations
The Concept of Operations section provides details about {system name}, an overview of the three phases of the ISCP (Activation and Notification, Recovery, and Reconstitution), and a description of roles and responsibilities of {Organization’s} personnel during a contingency activation. 2.1 System Description
NOTE: Information for this section should be available from the system’s System Security Plan (SSP) and can be copied from the SSP. Provide a general description of system architecture and functionality. Indicate the operating environment, physical location, general location of users, and partnerships with external organizations/systems. Include information regarding any other technical considerations that are important for recovery purposes, such as backup procedures. 2.2 Overview of Three Phases
This ISCP has been developed to recover the {system name} using a three-phased approach. This approach ensures that system recovery efforts are performed in a methodical sequence to maximize the effectiveness of the recovery effort and minimize system outage time due to errors and omissions.
The three system recovery phases are:
Activation and Notification Phase – Activation of the ISCP occurs after a disruption or outage that may reasonably extend beyond the RTO established for a system. The outage event may result in severe damage to the facility that houses the system, severe damage or loss of equipment, or other damage that typically results in long-term loss.
Once the ISCP is activated, system owners and users are notified of a possible long-term outage, and a thorough outage assessment is performed for the system. Information from the outage assessment is presented to system owners and may be used to modify recovery procedures specific to the cause of the outage.
Recovery Phase – The Recovery phase details the activities and procedures for recovery of the affected system. Activities and procedures are written at a level that an appropriately skilled technician can recover the system without intimate system knowledge. This phase includes notification and awareness escalation procedures for communication of recovery status to system owners and users.
Reconstitution Phase – The Reconstitution phase defines the actions taken to test and validate system capability and functionality. This phase consists of two major activities: validating successful recovery and deactivation of the plan.
During validation, the system is tested and validated as operational prior to returning operation to its normal state. Validation procedures may include functionality or regression testing, concurrent processing, and/or data validation. The system is declared recovered and operational by system owners upon successful completion of validation testing.
Deactivation includes activities to notify users of system operational status. This phase also addresses recovery effort documentation, activity log finalization, incorporation of lessons learned into plan updates, and readying resources for any future recovery events. 2.3 Roles and Responsibilities
The ISCP establishes several roles for {system name} recovery and/or recovery support. Persons or teams assigned ISCP roles have been trained to respond to a contingency event affecting {system name}.
Describe each team and role responsible for executing or supporting system recovery. Include responsibilities for each team/role, leadership roles, and coordination with other recovery teams, as applicable. At a minimum, a role should be established for a system owner or business unit point of contact, a recovery coordinator, and a technical recovery point of contact.
Leadership roles should include an ISCP Director, who has overall management responsibility for the plan, and an ISCP Coordinator, who is responsible to oversee recovery effort progress, initiate any needed escalations or awareness communications, and establish coordination with other recovery teams as appropriate. 3. Activation and Notification
The Activation and Notification Phase defines initial actions taken once a {system name} disruption has been detected or appears to be imminent. This phase includes activities to notify recovery personnel, conduct an outage assessment, and activate the ISCP. At the completion of the Activation and Notification Phase, {system name} ISCP staff will be prepared to perform recovery measures to restore system functions. 3.1 Activation Criteria and Procedure
The {system name} ISCP may be activated if one or more of the following criteria are met:
1. The type of outage indicates {system name} will be down for more than {RTO hours};
2. The facility housing {system name} is damaged and may not be available within {RTO hours}; and
3. Other criteria, as appropriate. The following persons or roles may activate the ISCP if one or more of these criteria are met:
Establish one or more roles that may activate the plan based on activation criteria. Authorized persons may include the system or business owner, or the operations point of contact (POC) for system support. 3.2 Notification
The first step upon activation of the {system name} ISCP is notification of appropriate business and system support personnel. Contact information for appropriate POCs is included in {Contact List Appendix name}.
For {system name}, the following method and procedure for notifications are used:
Describe established notification procedures. Notification procedures should include who makes the initial notifications, the sequence in which personnel are notified (e.g., system owner, technical POC, contingency plan coordinator, business unit or user unit POC, and recovery team POC) and the method of notification (e.g., email blast, call tree, automated notification system, etc.). 3.3 Outage Assessment
Following notification, a thorough outage assessment is necessary to determine the extent of the disruption, any damage, and expected recovery time. This outage assessment is conducted by {name of recovery team}. Assessment results are provided to the ISCP Coordinator to assist in the coordination of the recovery of {system name}.
Outline detailed procedures to include how to determine the cause of the outage; identification of potential for additional disruption or damage; assessment of affected physical area(s); and determination of the physical infrastructure status, IS equipment functionality, and inventory. Procedures should include notation of items that will be needed to be replaced and estimated time to restore service to normal operations. 4. Recovery
The Recovery Phase provides formal recovery operations that begin after the ISCP has been activated, outage assessments have been completed (if possible), personnel have been notified, and appropriate teams have been mobilized. Recovery Phase activities focus on implementing recovery strategies to restore system capabilities, repair damage, and resume operational capabilities at the original or new permanent location. At the completion of the Recovery Phase, {system name} will be functional and capable of performing the functions identified in the plan. 4.1 Sequence of Recovery Activities
The following activities occur during recovery of {system name}:
Modify the following list as appropriate for the selected system recovery strategy:
1. Identify recovery location (if not at original location);
2. Identify required resources to perform recovery procedures;
3. Retrieve backup and system installation media;
4. Recover hardware and operating system (if required); and
5. Recover system from backup and system installation media. 4.2 Recovery Procedures
The following procedures are provided for recovery of {system name} at the original or established alternate location. Recovery procedures are outlined per team and should be executed in the sequence presented to maintain an efficient recovery effort.
Provide general procedures for the recovery of the system from backup media. Specific keystroke-level procedures may be provided in an appendix. If specific procedures are provided in an appendix, a reference to that appendix should be included in this section. Teams or persons responsible for each procedure should be identified. 4.3 Escalation Notices/Awareness Provide appropriate procedures for escalation notices during recovery efforts. Notifications during recovery include problem escalation to leadership and status awareness to system owners and users. Teams or persons responsible for each escalation/awareness procedure should be identified. 5. Reconstitution
Reconstitution is the process by which a recovered system is tested to validate system capability and functionality. During Reconstitution, recovery activities are completed and normal system operations are resumed. If the original facility is unrecoverable, the activities in this phase can also be applied to preparing a new permanent location to support system processing requirements. This phase consists of two major activities – validating successful recovery and deactivation of the plan. 5.1 Concurrent Processing
High-impact systems are not required to have concurrent processing as part of the validation effort. If concurrent processing does occur for the system prior to making it operational, procedures should be inserted here. Procedures should include length of time for concurrent processing, processing information on both concurrent systems, and validating information on the new permanent system.
For high-impact systems without concurrent processing, this section may either be removed or the following may be used:
In concurrent processing, a system operates at two separate locations concurrently until there is a level of assurance that the recovered system is operating correctly. {System name} does not have concurrent processing as part of validation. Once the system has been tested and validated, it will be placed into normal operations. 5.2 Validation Data Testing
Validation data testing is the process of testing and validating recovered data to ensure that data files or databases have been recovered completely. The following procedures will be used to determine that the recovered data is complete and current to the last available backup:
Provide procedures for testing or validation of recovered data to ensure that data is correct and up to date. This section may be combined with the Functionality Testing section if procedures test both the functionality and data validity. Teams or persons responsible for each procedure should be identified. An example of a validation data test for a high-impact system would be to log into the system database and check the audit logs to determine that all transactions and updates are current. Detailed data test procedures may be provided in Appendix E, System Validation Test Plan. 5.3 Validation Functionality Testing
Validation functionality testing is the process of verifying that recovered {system name} functionality has been tested, and the system is ready to return to normal operations.
Provide system functionality testing and validation procedures to ensure that the system is operating correctly. This section may be combined with the Data Testing section if procedures test both the functionality and data validity. Teams or persons responsible for each procedure should be identified. An example of a functional test for a high-impact system may be logging into the system and running a series of operations as a test or real user to ensure that all parts of the system are operating correctly. Detailed functionality test procedures may be provided in Appendix E, System Validation Test Plan. 5.4 Recovery Declaration
Upon successfully completing testing and validation, the {designated authority} will formally declare recovery efforts complete, and that {system name} is in normal operations. {System name} business and technical POCs will be notified of the declaration by the ISCP Coordinator. 5.5 Notifications (users)
Upon return to normal system operations, {system name} users will be notified by {role} using predetermined notification procedures (e.g., email, broadcast message, phone calls, etc.). 5.6 Cleanup
Cleanup is the process of cleaning up or dismantling any temporary recovery locations, restocking supplies used, returning manuals or other documentation to their original locations, and readying the system for a possible future contingency event.
Provide any specific cleanup procedures for the system, including preferred locations for manuals and documents and returning backup or installation media to its original location. 5.7 Offsite Data Storage
It is important that all backup and installation media used during recovery be returned to the offsite data storage location. The following procedures should be followed to return backup and installation media to its offsite data storage location.
Provide procedures for returning retrieved backup or installation media to its offsite data storage location. This may include proper logging and packaging of backup and installation media, preparing for transportation, and validating that media is securely stored at the offsite location. 5.8 Data Backup
As soon as reasonable following recovery, the system should be fully backed up and a new copy of the current operational system stored for future recovery efforts. This full backup is then kept with other system backups. The procedures for conducting a full system backup are:
Provide appropriate procedures for ensuring that a full system backup is conducted within a reasonable time frame, ideally at the next scheduled backup period. This backup should go offsite with the other media in Section 6.3 5.9 Event Documentation
It is important that all recovery events be well-documented, including actions taken and problems encountered during the recovery effort, and lessons learned for inclusion and update to this ISCP. It is the responsibility of each recovery team or person to document their actions during the recovery effort, and to provide that documentation to the ISCP Coordinator.
Provide details about the types of information each recovery team member is required to provide or collect for updating the ISCP with lessons learned. Types of documentation that should be generated and collected after a contingency activation include:
• Activity logs (including recovery steps performed and by whom, the time the steps were initiated and completed, and any problems or concerns encountered while executing activities);
• Functionality and data testing results;
• Lessons learned documentation; and ■ After Action Report.
Event documentation procedures should detail responsibilities for development, collection, approval, and maintenance.
5.10 Deactivation
Once all activities have been completed and documentation has been updated, the {designated authority} will formally deactivate the ISCP recovery effort. Notification of this declaration will be provided to all business and technical POCs.
SUGGESTED APPENDICES
ISCP appendices included should be based on system and plan requirements. The following appendices are recommended:
APPENDIX A PERSONNEL CONTACT LIST
Provide contact information for each person with a role or responsibility for activation or implementation of the ISCP, or coordination with the ISCP. For each person listed, at least one office and one non-office contact number is recommended.
{System name} ISCP Key Personnel
Key Personnel Contact Information
ISCP Director Work Insert number
Insert Name and Title Home Insert number
Insert Street Address Cellular Insert number
Insert City, State, and Zip Code Email Insert email address
ISCP Director – Alternate Work Home Cellular Email
ISCP Coordinator Work Home Cellular Email {System name} ISCP Key Personnel
ISCP Coordinator – Alternate Work Home Cellular Email
Recovery Team – Team Lead Work Home Cellular Email
Recovery Team – Team Member Work Home Cellular Email

APPENDIX B VENDOR CONTACT LIST

Vendor IBM contact Steve Barrettar 522 South Rd Poughkeepsie, NY 12601 phone (214) 451-7747 Vendor SunGard Don Meltin, Jack Fabrianni, Lincoln Balducci 401 N Broad St.Philadelphia, PA phone
(877) 456-3966 0r (215) 351-1300
PPENDIX C DETAILED RECOVERY PROCEDURES
This appendix includes the detailed recovery procedures for the system, which may include items such as:
• Keystroke-level recovery steps;
• System installation instructions from tape, CD, or other media;
• Required configuration settings or changes;
• Recovery of data from tape and audit logs; and
• Other system recovery procedures, as appropriate.
If the system relies totally on another group or system for its recovery (such as a mainframe system), information provided should include contact information and locations of detailed recovery procedures for that supporting system.
APPENDIX D ALTERNATE PROCESSING PROCEDURES
This section should identify any alternate manual or technical processing procedures available that allow the business unit to continue some processing of information that would normally be done by the affected system. Examples of alternate processes include manual forms processing, input into workstations to store data until it can be uploaded and processed, or queuing of data input.
APPENDIX E SYSTEM VALIDATION TEST PLAN
This appendix includes system acceptance procedures that are performed after the system has been recovered and prior to putting the system into full operation and returned to users. The System Validation Test Plan may include the regression or functionality testing conducted prior to implementation of a system upgrade or change. An example of a system validation test plan:
Once the system has been recovered, the following steps will be performed to validate system data and functionality:
Procedure Expected Results Actual Results Successful? Performed by At the Command Prompt, type in sysname System Log-in
Screen appears
Log in as user testuser, using password testpass Initial Screen with
Main Menu shows
From Menu - select 5- Generate Report Report Generation Screen shows
- Select Current Date Report
- Select Weekly
- Select To Screen Report is generated on screen with last successful transaction included
- Select Close Report Generation Screen Shows
- Select Return to Main Menu Initial Screen with
Main Menu shows
- Select Log-Off Log-in Screen appears

APPENDIX F ALTERNATE STORAGE, SITE, AND TELECOMMUNICATIONS
This appendix provides information for alternate storage, alternate processing site, and alternate telecommunications for the system. Alternate storage, site, and telecommunications information is required for High-Impact systems, per NIST SP800-53-3. Refer to NIST SP800-53-3 for details on control specifics. Information that should be provided for each area includes:
Alternate Storage:
• City and state of alternate storage facility, and distance from primary facility;
• Whether the alternate storage facility is owned by the organization or is a third-party storage provider;
• Name and points of contact for the alternate storage facility;
• Delivery schedule and procedures for packaging media to go to alternate storage facility;
• Procedures for retrieving media from the alternate storage facility;
• Names and contact information for those persons authorized to retrieve media;
• Alternate storage configuration features that facilitate recovery operations (such as keyed or card reader access by authorized retrieval personnel);
• Any potential accessibility problems to the alternate storage site in the event of a widespread disruption or disaster; • Mitigation steps to access alternate storage site in the event of a widespread disruption or disaster;
• Types of data located at alternate storage site, including databases, application software, operating systems, and other critical information system software; and
• Other information as appropriate.
Alternate Processing Site:
• City and state of alternate processing site, and distance from primary facility;
• Whether the alternate processing site is owned by the organization or is a third-party site provider;
• Name and points of contact for the alternate processing site;
• Procedures for accessing and using the alternate processing site, and access security features of alternate processing site;
• Names and contact information for those persons authorized to go to alternate processing site;
• Type of alternate processing site, and equipment available at site;
• Alternate processing site configuration information (such as available power, floor space, office space, telecommunications availability, etc.);
• Any potential accessibility problems to the alternate processing site in the event of a widespread disruption or disaster;
• Mitigation steps to access alternate processing site in the event of a widespread disruption or disaster;
• SLAs or other agreements of use of alternate processing site, available office/support space, set up times, etc.; and
• Other information as appropriate. Alternate Telecommunications:
• Name and contact information of alternate telecommunications vendors;
• Geographic locations of alternate telecommunications vendors facilities (such as central offices, switch centers, etc.);
• Contracted capacity of alternate telecommunications;
• SLAs or other agreements for implementation of alternate telecommunications capacity;
• Information on alternate telecommunications vendor contingency plans;
• Names and contact information for those persons authorized to implement or use alternate telecommunications capacity; and
• Other information as appropriate.

APPENDIX G DIAGRAMS (SYSTEM AND INPUT/OUTPUT)
NOTE: Information for this section should be available from the system’s System Security Plan (SSP) and can be copied from the SSP. Include any system architecture, input/output, or other technical or logical diagrams that may be useful in recovering the system. Diagrams may also identify information about interconnection with other systems.

APPENDIX H SYSTEM INVENTORY
Provide the hardware and software inventory for the system. Inventory information should include type of server or hardware on which the system runs, processors and memory requirements, storage requirements, and any other pertinent details. The software inventory should identify the operating system (including service pack or version levels, and any other applications necessary to operate the system, such as database software).
APPENDIX I INTERCONNECTIONS TABLE
NOTE: Information for this section should be available from the system’s System Security Plan (SSP) and can be copied from the SSP. This appendix includes information on other systems that directly interconnect or exchange information with the system. Interconnection information should include the type of connection, information transferred, and contact person for that system.
If the system does not have any direct interconnections, then this appendix may be removed, or the following statement may be used:
{System name} does not directly interconnect with any other systems. APPENDIX J TEST AND MAINTENANCE SCHEDULE
All ISCPs should be reviewed and tested at least yearly or whenever there is a significant change to the system. Provide information and a schedule for the testing of the system. For High-Impact Systems, a yearly full functional test is required. The full functional test should include all ISCP points of contact and be facilitated by an outside or impartial observer. A formal test plan is developed prior to the functional test, and test procedures are developed to include key sections of the ISCP, including the following:
• Notification Procedures;
• System recovery and an alternate platform from backup media;
• Internal and external connectivity; and
• Restoration to normal operations.
Results of the test are documented in an After Action Report, and Lessons Learned are developedfor updating information in the ISCP.
NOTE: Full functional tests of systems normally are failover tests to the alternate locations, and may be very disruptive to system operations if not planned well. Other systems located in the same physical location may be affected by or included in the full functional test. It is highly recommended that several functional tests be conducted and evaluated prior to conducting a full functional (failover) test.
Examples of functional tests that may be performed prior to a full functional test include: ■ Full notification and response of key personnel to recovery location;
CONTINGENCY PLANNING GUIDE FOR FEDERAL INFORMATION SYSTEMS (DRAFT)
• Recovery of a server or database from backup media; and
• Setup and processing from a server at an alternate location.

The following is a sample of a yearly test and maintenance schedule for a high-impact system:
Step Date Due by Responsible Party Date Scheduled Date Held
Identify failover test facilitator. March 1 ISCP Coordinator
Determine scope of failover test (include other systems?). March 15 ISCP Coordinator, Test Facilitator
Develop failover test plan. April 1 Test Facilitator
Invite participants. July 10 Test Facilitator
Conduct functional test. July 31 Test Facilitator, ISCP Coordinator, POCs
Finalize after action report and lessons learned. August 15 ISCP Coordinator
Update ISCP based on lessons learned. September 15 ISCP Coordinator
Approve and distribute updated version of ISCP. September 30 ISCP Director, ISCP Coordinator

APPENDIX K ASSOCIATED PLANS AND PROCEDURES
NOTE: Information for this section should be available from the system’s System Security Plan (SSP) and can be copied from the SSP. ISCPs for other systems that either interconnect or support the system should be identified in this appendix. The most current version of the ISCP, location of ISCP, and primary point of contact (such as the ISCP Coordinator) should be noted.
APPENDIX L BUSINESS IMPACT ANALYSIS
The Business Impact Analysis results should be included in this appendix.
APPENDIX M DOCUMENT CHANGE PAGE
Modifications made to this plan since the last printing are as follows:
Record of Changes
Page No. Change Comment Date of Change Signature

Similar Documents

Premium Essay

Cmgt410 Week 3 Huffman Trucking Benefit Election

...the company to achieve the goals required for this project they must first organize all the personnel that will be in charge of analyzing needs, analyzing budget, define issues that may arise, designers, trainers, developers, and most important the administrative team meaning project managers. Organization at this point is the most crucial step to achieve the task and that is why the team must be chosen carefully. Huffman trucking Benefit Election At the starting point of the project the team must first discuss the benefits that they want to implement, they can also get in contact the human resources team to analyze what they have in plan as far as benefits go. Once something is decided the team can start creating several different types of plans which will eventually be reduced to a total of three plans A, B, and C. Once these three plans are chosen the analysts can review them with human resources to see if they a suitable for the employees, if the analyst team gets a positive response from human resource this first task will then be completed. The second step of the process now begin, this will consist of reviewing the requirements for the benefits. In order to determine how the requirements are met, the developers will create new software that will allow the human resource and management if employee qualifies for benefits. The software will make it easier for management and human resource to see how much time employees have been working for the company, part time or...

Words: 594 - Pages: 3

Free Essay

The Implication of Ppp on Ptm

...3 The Regulatory System in the United Kingdom This chapter examines the regulatory system currently in place in the United Kingdom. It provides an overview of the structure and objectives of regulation, the role of the regulator and the techniques that are employed in regulating firms and individuals who engage in investment business. 3.1 Background: the financial crisis and regulatory reform 3.1.1 Responding to the financial crisis In the UK, as elsewhere, the onset of the financial crisis exposed deficiencies in financial regulation and led to calls for regulatory reform. The Treasury Select Committee1 led the way, with its hearings into the collapse of Northern Rock exposing serious deficiencies in supervision and risk management.2 In October 2008, the Chancellor of the Exchequer asked Lord Turner, the newly appointed chairman of the FSA, to review the causes of the crisis and to make recommendations on the changes in regulation and supervisory approach needed to create a more robust banking system for the future. The Turner Review3, published in March 2009, made a 1 The Treasury Select Committee is a Parliamentary (House of Commons) committee that scrutinises the activity of the regulatory authorities in the UK. 2 See House of Commons Treasury Committee, The Run on the Rock HC 56-1 (Fifth Report of Session 2007-08). 3 FSA, ‘The Turner Review, A regulatory response to the global banking crisis’ (March 2009) at http://www.fsa.gov.uk/Pages/Library/Corporate/turner/index...

Words: 25821 - Pages: 104

Free Essay

Credit Policy

...line performance by assisting in the sales process. The credit department's role is to develop strong customer relationships by granting aggressive but appropriate credit limits and terms, easing the establishment of new accounts by processing applications quickly while protecting the margins by managing risk of loss represented by fraud, failure or severe delinquency Developing a Mission Statement Before a mission statement can be adequately defined, a general understanding of the environment or market in which your company operates must be obtained. In developing the mission statement, there needs to be a basic understanding of the following: A) B) C) D) E) F) Nature of the Marketplace Competition Location of your Customers Growth Plans Margins Internal Company Structure Exploring these areas will ensure that your credit department's mission statement is directly in line with the marketplace and your company's overall mission statement. Step 2 - Goals of the Credit Department Definition Now that you have identified the key components of your mission statement, you can set your specific goals. Your goals are put into place to support the mission statement. In order to be effective your...

Words: 1187 - Pages: 5

Premium Essay

Benefits Election System Sr

...Service Request SR-HT-001 Huffman Trucking Derrick Jones CMGT/442 January 29, 2014 James Johnsen Service Request SR-HT-001 Huffman Trucking The purpose of this service request is to address identify and address the concerns that Huffman Trucking may incur if implementing a Benefits Election System. K. Huffman started Huffman Trucking in 1936 in the city of Cleveland, Ohio. Although the company started out with only one tractor-trailer it has grown considerably over the years. The need for more carrier services caused by World War II made Huffman Trucking a necessity and the company prospered as a result. Huffman Trucking became one of the major carriers to the ports on the East Coast and the Midwestern states. The company and the federal government have a relationship that is the result of the business that was conducted during the war. The company grew in numbers to 36 trailers and 16 tractors by the 1945. The growth of the company continued over the years resulting in the attainment of five carriers out of the eastern region. This type of growth has made it possible for Huffman Trucking to remain privately owned. Benefits Election System The tremendous success that the company has experienced over the years has made it necessary for the company to look at other benefits to its employees. Therefore, the company has chosen to implement a Benefits Election System “BES”. The main focus of the BES is to provide employees with a means of tracking and reporting their employee...

Words: 846 - Pages: 4

Premium Essay

Student

...registered with ofos. Hotel has their own profile which services they provide. Report Period: Start Date (24/01/15) to End Date (07/02/15) Project Status Summary Key accomplishments last period: List brief 1- or 2- sentence descriptions of what was accomplished in this last period:  Task 1 -Create the tables to related Admin, Restaurant, Client, City and Area field.  Task 2- Client and admin side of the project (Login, Registration, and Forgot Password).  Task 3- City and Area (Admin can add city and related to city admin could able to add area for specific city). Upcoming tasks for next period: List brief 1- or 2-sentence descriptions of what you plan to accomplish this next period.  Task 1 – Restaurant side ((Login, Registration, and Forgot Password).  Task 2 - Admin Side (Restaurant Approval and disapproval)  Task 3 - Client side(according to search restaurant, cuisine, food item, food type) Issues: List principal open issues:  Issue-1 To construct E-R Diagram  Issue-2 Auto complete search....... External Guide Signature Internal Guide...

Words: 251 - Pages: 2

Free Essay

Final Paper

...INSTRUCTIONS FOR FINAL PAPER REL/WST 390 SPRING 2014 Your major assignment for the semester is a research paper due on TUESDAY, MAY 6. The paper is to be 10 pages long minimum, PLUS endnotes and bibliography. All choices of topic must be submitted to me for approval, via e-mail, by midnight on Sunday, April 13. This is a firm deadline and no personal reminders will be given. You cannot consider your proposal approved until you receive an e-mail reply from me. I retain the right to approve or disapprove any choice. I will deduct points if topics are not approved on time, and I do not accept any paper that has not been discussed with me in advance. A preliminary bibliography and research notes are due by midnight on Sunday, April 20. This is just to give me an idea how you’re doing. You don’t have to have a full-out bibliography, just a few titles that will start you off on your research. And you don’t need a complete outline of the paper – though if you have that, it’s great. At least you need to submit a written paragraph describing your research strategy (e.g., what sort of sources you intend to search for, how you think you might end up organizing the topic) – basically the steps you’ll be going through as you work on the paper. If I see a problem looming ahead of you, I’ll intervene and we’ll work it out! The paper is to be submitted to Blackboard by Tuesday, May 6 at 5:00 p.m. -- note the earlier hour. Your work should be double-spaced; use a standard...

Words: 476 - Pages: 2

Free Essay

Test of Control

...TEST OF CONTROL | |ASSERTIONS |AUDIT OBJECTIVES |AUDIT PROCEDURES | |1. |Occurrence |All recorded purchases are bona fide |Serviced received are approve in writing and| | | |transactions, in that they relate to goods or |goods received are counted, inspected and | | | |services authorised or received. |compared to purchase order before | | | | |acceptance. | | | | |TOC: Examine evidence of approved purchase | | | | |and services orders. | |2. |Completeness |All purchases of inventory for the period are |Suppliers’ invoices are numbered using an | | | |recorded. |invoice register or pre numbered vouchers | | | | |and the sequences accounted for. | | | | ...

Words: 256 - Pages: 2

Free Essay

Examining Government Regulations

...Examining Government Regulations Anonymous HSM/210 Examining Government Regulations The target population I will be examining is the elderly, the first issue is Ozone standards. Based on extensive scientific evidence about ozone's effects the EPA proposed to strengthen the National Ambient Air Quality Standards. This will improve public health protection especially for children and the elderly. The updates also will improve protection for trees, plants and ecosystems. The second regulation to examine is on (CCRC) Continuing Care Retirement Communities. A. CCAC as a Surrogate for Regulation, B. Benefits of Government Regulation, C. Drawbacks of Government Regulation. Continuing Care Retirement Communities are the best option for the elderly and long-term care. They are known for the strategy of having different levels of care in the community setting and the way they provide cost effective care. As they continue to grow and lose the bad reputation for being financially unstable more of our elderly are finding this option attractive. However not all of the elderly population can afford this option, because the cost is too high. The problem has drawn attention from in and outside the industry who want to make CCRC affordable to more of the elderly population. It is well-documented that America's older population is rapidly expanding. "Between 1990 and 2130 the elderly population is expected to double to 65 million people" (DHHS, 1992). As the...

Words: 741 - Pages: 3

Free Essay

Hahahahaha

...Tennis as a spectator sport Tennis: Its Time for War! Arguably the most popular life-long sport, tennis, in its true context is not merely the friendly game that is perceived by its spectators. Spectators are oblivious to its heart-crunching reality. To uncover the truth beneath the surface, spectators must become players and participate. Only then will their dream world be pulled from their eyes and unmask the brutality, the evilness, and the hatred that is pumping in a tennis players mind. The game of tennis is no more than an all out war. Tennis is a duel, a battle of skill and determination between two cherished friends or, perhaps, competitive rivals. Once on the court, though, the mentality of the players transforms from mellow human beings to war machines from hell. Its a tournament to the death. The winner is he/she that has survived to proclaim his/her glory of victory. The winner receives that extraordinary boost of ego and pride that all humans yearn for. These two attributes mutate the winner into the ultimate warrior, the supreme tennis player. The battlefield is where it all happens ;the tennis court. Whether natural or synthetic, players adapt to the surroundings to gain the advantage for victory. The tennis racket, a tennis players almighty weapon, bestowed upon them by the great sports manufacturers to wreak havoc and eliminate the competition. Along with their medium of attack, the tennis ball, tennis warriors engage in a battle that will ultimately determine...

Words: 1535 - Pages: 7

Premium Essay

Electoral Reforms

...ELECTORAL REFORMS IN INDIA: ISSUES AND CHALLENGES BEFORE THE ELECTION COMMISSION SYNOPSIS 1) Introduction 2) Electoral Reforms in India 3) Elections in India 4) Free and fair elections 5) Criminalization in Electoral System: 6) Issues and challenges before the Election Commission 7) Current Situation ABSTRACT In this essay, we have a given a brief view about elections and politics inheriting criminalization. The failure of the Legislature to deliberately think over key issues, particularly criminalization in politics forms the fragment of introduction. A concise panorama about the misuse of authority, money power and muscle power escort the introducing lines. Besides, the essay entails the electoral reforms in India. The transformations in the same has been discussed such as the introduction of Electronic Voting Machine, lowering of voting age, deputation of Election Commission is included. The power of Election Commission accompanies the above lines in the essay. Further, the method of free and fair elections forms a part of it. The elections held at regular intervals, that is, after every five years forms a part of our democratic structure. Auxiliary, the next part deals with criminalization in politics leading to an unfair election. Few instances aiding such criminalization in politics add to it. Use of money power to win elections has also been discussed in this essay. The subsequent part enumerates the issues and challenges before the Election...

Words: 3206 - Pages: 13

Premium Essay

Healy, Paul M, and Wahlen, James M. (1999). a Review of the Earnings Management Literature and Its Implications for Standard Setting.

...Healy, Paul M, and Wahlen, James M. (1999). A Review of the Earnings Management Literature and Its Implications for Standard Setting. INTRODUCTION The main purpose of this review is to examine the scholarly evidence on earnings management to help standard setters and regulatory agencies assess the degree of earnings management and the integrity of financial reporting and to identify future opportunities for future research on earnings management. Through the examination of earnings management, standard setters can determine the degree of earnings management use and if investors, creditors, or regulatory bodies are being deceived. There can be major consequences if the previously mentioned people and bodies are misled. Investors rely heavily on financial information from a company’s management. If this information is misleading, a lot of money can be lost. Another group that relies on the integrity of a company is creditors. Creditors can be liable for the loss of capital if a company goes into bankruptcy and the creditor bases everything (interest rates, money borrowed) off of the financial position of a company. Financial misrepresentation can have a major effect on these financial institutions. Regulatory agencies are also affected by earnings management and can be deceived by companies that are trying to dodge industry regulations, have regulations changed, or seek industry relief. REVIEW/BACKGROUND The major issues examined in this review include: tests of earnings...

Words: 765 - Pages: 4

Free Essay

Off-Campus Anti-Vandalism

... III. Project General Goal This project aims to provide a neat, vandalism-free property by cleaning and repainting the said property. IV. Specific Objectives With the help of the community, this project aims to: * achieve a vandalism-free community before the coming school year. * encourage the community to take the initiative to minimize vandalism. V. Project Operational Activity and Schedule As service providers, we Louisians, in coordination with and approval of the barangay officials and concerned NSTP operatives, will be cleaning and repainting the designated area according to the indicated schedule of each. Here below are listed the schedules of each team member who will be conducting the said activity: VI. Personnel: People to be involved in the said activity are as follows: Louisian Students. These will be providing the manpower needed in order to achieve the goal mentioned above. NSTP Instructor. He will be supervising the students’ work and his approval will be the basis of...

Words: 466 - Pages: 2

Premium Essay

Kingstown Capital Analysis

...After the implementation of TARP in the wake of the financial crisis of 2008, GM emerged as one of the primary recipients and is a leader with great long term prospects in an industry which will only become more regulated. According to an automotive industry executive survey conducted by KPMG, “fuel efficiency remains the single biggest factor when buying a vehicle” . Additionally, KPMG reports that urbanization is becoming a prominent problem in megacities where parking space is scarce and pollution is rampant. States and international countries have begun to recognize this and influential organizations such as the California Air Resources Board (CARB) have placed laws to regulate the automotive industry. Because of these regulations in the market, GM, a producer of consumer and commercial automobiles with a market cap of $38,835.7 million, is in a better position than Navistar, a producer of commercial and military vehicles and a market cap of $1,613.2 million. Due to the rising concerns over the environment and the nature of the automotive industry, there is a risk run by both companies that changing government policies will increase costs and decrease profits in the long term. However, GM is a company whose product group is more diversified than Navistar’s. While Navistar focuses on the heavier grade automobiles such as commercial fleets, RV’s, and military trucks which require fuel-hungry and polluting engines, GM offers automobiles in both the commercial and consumer space...

Words: 558 - Pages: 3

Premium Essay

Capture Theory

...Question: 3.27 More and more regulations have immerged in to the market since an increase in financial crises have come into the existence. Attention has been drawn into the debate between those who support or call more regulations of the private sector to protect public goods and those who argue for reducing or eliminating such regulations which are based on regulations would do further damage to the economy by restricting business. Another important area to be considered is about the regulations been captured. The theory of regulatory capture or capture theory argues that although regulations might be introduced to the aim of protecting the public interest, it will not be ultimately achieved because in the process of introducing regulations the organizations that are subjected to the regulation will finally come to control the regulators. There is ample evidence to prove that regulatory capture is taken place in a variety of forms. The scenario of Dr. Batterhams role is reviewed in this regard. Dr. Batterham was the chief scientist and mean while he held the position of chief technologist for Rio Tinto. This dual role made the senate committee to recommend the position of federal governments chief scientist should be full time after the found there was a conflict of interest between the two job roles. The role of chief scientist also included to assist in assuring the public interest in science and technology is converged to national priority issues . Every individual on...

Words: 1246 - Pages: 5

Free Essay

Bvcps

...BVCPS Reputation For over 30 years, we have worked successfully with top manufacturers and retailers around the world to help them better manage risk and regulatory compliance. Worldwide Locations With locations close to sourcing areas in over 40 countries, we offer you the convenience of global coverage with local service where you need it. Technical Knowledge & Leadership Our staff participate in the development of international, industry and regulatory standards worldwide, keeping you and us at the forefront of changes in safety requirements and testing methods. Personalized Service At Bureau Veritas, we are committed to meeting your evolving needs and helping you anticipate new market trends. We offer you customized and specialized services to meet your quality assurance needs throughout your supply chain. Providing you with the highest levels of service is a priority for us. So we do the Inspection, Factory & Social Audit to show responsibility by making sure that its facilities, equipment, products and services comply with quality, health & safety, environmental and social responsibility imperatives, whether they are: - regulatory: imposed by applicable codes or regulations which condition the "license to operate", - voluntary: based on sector specific requirements or recognized international standards, - proprietary: based on your own schemes, standards or requirements. We are able to carry out inspections of your facilities, equipment and products, and audits...

Words: 251 - Pages: 2