Goal. Security Risk-Oriented BPMN
|
|
- Caren McCoy
- 5 years ago
- Views:
Transcription
1 Fundamentals of Secure System Modelling Springer, 2017 Chapter 5: Security Risk-Oriented BPMN Raimundas Matulevičius University of Tartu, Estonia, Goal Explain how security risks are managed at the organisational business processes Understand how security risk management could be performed using business process model and notation 2
2 Outline Business process model and notation Security risk management using BPMN Abstract and Concrete syntax Semantics Example Further reading 3 Outline Business process model and notation Security risk management Abstract and Concrete syntax Semantics Example Further reading 4
3 Business Process Model and Notation 5 Business Process Model and Notation Approach What organisation needs to do to achieve their business objectives? Advantages Reasonably intuitive Explicit declaration of business activities, processes and sub-processes Disadvantages Captures only a dynamic picture Not focussed on the business support by technology 6
4 Outline Business process model and notation Security risk management Abstract and Concrete syntax Semantics Example Further reading 7 Abstract and Concrete syntax Concept classification 8
5 Abstract and Concrete syntax Concept classification 9 Abstract and Concrete syntax Concept classification 10
6 Abstract and Concrete syntax Concept classification 11 Abstract and Concrete syntax Concept classification 12
7 Abstract and Concrete syntax Concept classification 13 Abstract and Concrete syntax Concept classification 14
8 Abstract and Concrete syntax Concept classification 15 Abstract and Concrete syntax Relationships 16
9 Abstract and Concrete syntax Relationships 17 Abstract and Concrete syntax Relationships 18
10 Abstract and Concrete syntax Relationships 19 Abstract and Concrete syntax Relationships 20
11 Abstract and Concrete syntax Relationships 21 Outline Business process model and notation Security risk management using BPMN Abstract and Concrete syntax Semantics Example Further reading 22
12 Asset-related concepts 23 Risk-related concepts 24
13 Risk treatment-related concepts 25 Outline Business process model and notation Security risk management using BPMN Abstract and Concrete syntax Semantics Example Further reading 26
14 Security risk management process 27 Asset identification // Security objectives determination 28 28
15 Risk Analysis Risk Treatment Decisions Risk treatment decisions Avoiding risk Transferring risk Retaining risk Reducing risk Definition Decision not to be involved in, or to withdraw from a risk Sharing with another party the burden of loss for a risk Accepting the burden of loss from a risk Action to lessen the probability, negative consequences, or both, associated with a risk 30 30
16 Security Requirements Definition Security requirements - security solutions to mitigate the risks 31 If security requirements are unsatisfactory Revise the risk treatment step Revise all of the preceding steps 31 Control Selection and Implementation 32 32
17 Outline Business process model and notation Security risk management using BPMN Abstract and Concrete syntax Semantics Example Further reading 33 Further reading Risk handling [Marcinkowski and Kuciapski, 2012] Ø Risk, risk factor, occurrence probability and impact Ø Risk type and risk handler concepts Modelling of secure business processes through security requirements [Rodriguez et al., 2007] Ø Nonreputation, attack harm detection, integrity, privacy, access control, security role, and security permission Security constraints and security-specific user involvement [Mülle et al., 2011] Ø Security units are represented as structured text annotations 34
18 Further reading Enhancements towards trust modelling [Menzel et al, 2009] Ø Annotating trustworthy interactions, organisational trust, and security intensions Information assurance and security modelling capabilities [Cherdantseva et al., 2012] Compliance to restrict certain areas of a business process [Schleicher et al., 2010] Security and compliance requirements [Brucker et al., 2012] Ø Access control, separation of duty, binding of duty and need to know principles 35 Summary Business process model and notation Security risk management using BPMN Abstract and Concrete syntax Semantics Example Further reading 36
COMPLAINTS HANDLING POLICY
COMPLAINTS HANDLING POLICY ORIGINAL FRENCH VERSION ADOPTED BY THE BOARD OF DIRECTORS MARCH 30, 2015 *English translation provided for information purposes only. Complaints Handling Policy (Adopted 2015-03)
More informationVirgin Australia Holdings Ltd Audit and Risk Management Committee Charter
Virgin Australia Holdings Ltd Audit and Risk Management Committee Charter 1. Introduction This Charter sets out the purpose, membership, responsibilities, authority and operation of the Audit and Risk
More informationPart 1 The awarding body 1. Section A Governance 1. Section B The awarding body and Qualifications Wales 8. Section C Third parties 13
Contents Foreword Part 1 The awarding body 1 Section A Governance 1 Section B The awarding body and Qualifications Wales 8 Section C Third parties 13 Part 2 The regulated qualification 16 Section D General
More informationPosition No. Job Title Supervisor s Position Court Librarian Director, Court Services ( )
1. IDENTIFICATION Position No. Job Title Supervisor s Position 05-01713 Court Librarian Director, Court Services (05-09972) Department Division/Region Community Location Justice Court Services Iqaluit
More informationINVESTIGATION REPORT
Saskatchewan New Democratic Party September 19, 2018 Summary: On May 9, 2018, the Complainant submitted a privacy breach complaint to the Information and Privacy Commissioner s office alleging that two
More informationAIA Australia Limited
AIA Australia Limited Privacy policies & procedures May 2010 The Power of We AIA.COM.AU AIA Australia Limited Privacy policies & procedures Contents Purpose 3 Policy 3 National Privacy Principles Policy
More informationRISK COMMITTEE OF THE NEX GROUP PLC BOARD
NEX GROUP plc ( NEX / the Company ) RISK COMMITTEE OF THE NEX GROUP PLC BOARD TERMS OF REFERENCE OF THE RISK COMMITTEE (the Committee ) (Approved on and effective from 1 February 2018) Membership 1. The
More informationCommon Model of Information Security Measures for Government Agencies
Note: This document is a tentative translation of Common Model of Information Security Measures for Government Agencies for purpose of reference and its accuracy is not guaranteed. Any entity does not
More informationInvoluntary Resettlement - Overview. Transport Forum Washington, D.C. March 30, 2007
Involuntary Resettlement - Overview Transport Forum Washington, D.C. March 30, 2007 OP 4.12 - Triggers Trigger: acquisition of land which displaces people physically and / or economically. Policy applies
More informationAcademic Dishonesty in Online Coursework
Academic Dishonesty in Online Coursework Securing the ecampus 2012 Breakout Session Wed 18 July 2012 M. E. Kabay, PhD, CISSP-ISSMP Prof. Information Assurance & Statistics School of Business & Management,
More informationDATA PROTECTION LAWS OF THE WORLD. South Korea
DATA PROTECTION LAWS OF THE WORLD South Korea Downloaded: 31 August 2018 SOUTH KOREA Last modified 26 January 2017 LAW In the past, South Korea did not have a comprehensive law governing data privacy.
More informationAnti-Corruption & Civil Rights Commission Republic of Korea
2009. 3. Anti-Corruption & Civil Rights Commission Republic of Korea Background Targets Procedures Outcome Background Previous anti-corruption strategies were geared toward detecting corrupt acts and punishing
More informationDispute Management System (DMS) For ASPSPs and TPPs
Dispute Management System (DMS) For ASPSPs and TPPs Code of Best Practice: Principles and Best Practice Standards Date: January 2018 Version: 1 Classification: PUBLIC Page 1 of 16 Contents Introduction
More informationoffice in San Domenico di Fiesole, via dei Roccettini 9, C.F , in the person of the President. (who shall henceforth
OPEN TENDER FOR THE AWARDING OF SECURITY SURVEILLANCE AND LOGISTIC SERVICES FOR THE LOCATIONS OF THE EUROPEAN UNIVERSITY INSTITUTE AND THE HISTORICAL ARCHIVES OF THE EUROPEAN UNION BETWEEN: the European
More informationSample Three Column DCJS Rap Sheet And Key
APPENDIX 5: Sample Three Column DCJS Rap Sheet And Key Older Version (Three Column): Your rap sheet is divided into three vertical columns. (See page 43 for a sample of this rap sheet.) Different arrests
More informationGuidelines to prevent abusive recruitment, exploitative employment and trafficking of migrant workers in the Baltic Sea Region
Guidelines to prevent abusive recruitment, exploitative employment and trafficking of migrant workers in the Baltic Sea Region Anniina Jokinen HEUNI Tallinn 24 September 2014 Background: Adstringo-project
More informationWTO Research Workshop on BLOCKCHAIN
WTO Research Workshop on BLOCKCHAIN Blockchain and International Trade: Opportunities and Challenges Lance THOMPSON Secretary, UN/CEFACT lance.thompson@un.org UNECE UN/CEFACT 27 November 2018 UN/CEFACT
More informationHow s Life in Estonia?
How s Life in Estonia? November 2017 Relative to other OECD countries, Estonia s average performance across the different well-being dimensions is mixed. While it falls in the bottom tier of OECD countries
More informationCHAPTER 255. MESSENGER SERVICES. Authority The provisions of this Chapter 255 issued under the Vehicle Code, 75 Pa.C.S. 7501, unless otherwise
Ch. 255 MESSENGER SERVICES 67 255.1 CHAPTER 255. MESSENGER SERVICES Sec. 255.1. Purpose. 255.2. Definitions. 255.3. Certificate of authorization. 255.4. Bond. 255.5. Duties of messenger service. 255.5a.
More informationHEALTH DATA ETHICS MORE TRUST, MORE DATA, BETTER HEALTH. European Health Forum Gastein 21 September, Robert Madelin, Fipra International Ltd.
HEALTH DATA ETHICS MORE TRUST, MORE DATA, BETTER HEALTH European Health Forum Gastein 21 September, 2018 Robert Madelin, Fipra International Ltd. 1 WHERE IS THE EU HEALTH DEBATE? Focusing on costs, risk
More informationE-VERIFY NOTICE (RFP)
Consultant s E-Verify Clause and Affidavit (No Bid Contracts) Effective January 1, 2012, this notice shall be provided to all consultants and others who provide professional services to the University
More informationSoftware Agents Behaviour.
From Human Regulations to einstitutions From Human Regulations to Regulated Software Agents Behaviour. (einstitutions: the KEMLG@UPC and IS@Utrecht view) Javier Vázquez-Salceda May 20, 2005 http://www.lsi.upc.es/~webia/kemlg
More informationC174 Prevention of Major Industrial Accidents Convention, 1993
Page 1 of 9 C174 Prevention of Major Industrial Accidents Convention, 1993 Convention concerning the Prevention of Major Industrial Accidents (Note: Date of coming into force: 03:01:1997.) Convention:C174
More informationEthical Obligations and Responsibilities of Trial and Appellate Attorneys Lyana Hunter UNC Chapel Hill School of Government (August 2015)
Ethical Obligations and Responsibilities of Trial and Appellate Attorneys Lyana Hunter UNC Chapel Hill School of Government (August 2015) Discussion of the following rules and opinions: Rule 1.1 Competence
More informationIC Chapter 15. Ballot Card and Electronic Voting Systems; Additional Standards and Procedures for Approving System Changes
IC 3-11-15 Chapter 15. Ballot Card and Electronic Voting Systems; Additional Standards and Procedures for Approving System Changes IC 3-11-15-1 Applicability of chapter Sec. 1. Except as otherwise provided,
More informationResidence: Non-permanent workers SNA Update Issue 39c Alessandra Alfieri and Ivo Havinga United Nations Statistics Division
Residence: Non-permanent workers SNA Update Issue 39c Alessandra Alfieri and Ivo Havinga United Nations Statistics Division Prepared for the July 2005 AEG meeting A. Executive summary Non-permanent workers
More informationMEMORANDUM OF UNDERSTANDING ON ALBERTA-DESTINED HEALTH CARE PROFESSIONALS
MEMORANDUM OF UNDERSTANDING ON ALBERTA-DESTINED HEALTH CARE PROFESSIONALS BETWEEN The Government of Canada as represented by the Minister of Citizenship Immigration Canada, The Government of Alberta as
More informationGUIDELINES FOR DRAFTING & IMPLEMENTING INTEGRITY PLANS IN THE JUDICIAL INSTITUTIONS OF BOSNIA AND HERZEGOVINA
GUIDELINES FOR DRAFTING & IMPLEMENTING INTEGRITY PLANS IN THE JUDICIAL INSTITUTIONS OF BOSNIA AND HERZEGOVINA On the basis of Article 17, items 20 & 28 of the Law on the High Judicial and Prosecutorial
More informationPLASTICA. Martin. Levelling Components. Made in Italy
PLASTICA Made in Italy 59 standard description standard A B D F G H 18400 M16X100 30 100 Ø 83 13 M16 18 130 15000 18404 M16X150 30 150 Ø 83 13 M16 18 180 15000 18408 M16X200 30 200 Ø 83 13 M16 18 230 15000
More informationDATA USE AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION
DATA USE AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION This Data Use Agreement (the Agreement ) is effective between the Greenville Hospital System and Data User(s) (the Data Users ): 1. (List name
More informationBACKGROUND METHODOLOGY FOR STUDYING THE COSTS OF VICTIM ASSISTANCE
METHODOLOGY FOR STUDYING THE COSTS OF VICTIM ASSISTANCE Presentation at the STROM II conference Birstonas, Lithuania 13 October 2017 Natalia Ollus & Anni Lietonen BACKGROUND 1 The aim of the study To map
More informationRepublika e Kosovës Republika Kosovo-Republic of Kosovo Kuvendi - Skupština - Assembly
Republika e Kosovës Republika Kosovo-Republic of Kosovo Kuvendi - Skupština - Assembly Law No.03/L 215 ON ACCESS TO PUBLIC DOCUMENTS Assembly of the Republic of Kosovo, Based on Article 65 (1) of Constitution
More informationFramework of engagement with non-state actors: report by the Secretariat to the regional committees
Regional Committee for Europe 64th session EUR/RC64/22 Copenhagen, Denmark, 15 18 September 2014 28 July 2014 140559 Provisional agenda item 5(g) ORIGINAL: ENGLISH Framework of engagement with non-state
More informationGuidelines for Performance Auditing
Guidelines for Performance Auditing 2 Preface The Guidelines for Performance Auditing are based on the Auditing Standards for the Office of the Auditor General. The guidelines shall be used as the foundation
More informationRAPE AND SERIOUS SEXUAL OFFENCES INVESTIGATION POLICY
RAPE AND SERIOUS SEXUAL OFFENCES INVESTIGATION POLICY Reference No. P02:2009 Implementation date 10 June 2009 Version Number 2.3 Policy/Procedure Government Security Classification Handling Instructions
More informationModelling and Reasoning Languages for Social Networks Policies
2009 IEEE International Enterprise Distributed Object Computing Conference Modelling and Reasoning Languages for Social Networks Policies Guido Governatori and Renato Iannella NICTA, Queensland Research
More informationPERSONAL INFORMATION PROTECTION ACT
PERSONAL INFORMATION PROTECTION ACT Promulgated on March 29, 2011 Effective on September 30, 2011 CHAPTER I. GENERAL PROVISIONS Article 1 (Purpose) The purpose of this Act is to provide for the processing
More informationTransitional Relief. The Data Protection (Bailiwick of Guernsey) Law, 2017 came into force on 25 May You can find a copy of the Law here.
The Data Protection (Bailiwick of Guernsey) Law, 2017 ( the Law ) Transitional Relief The Data Protection (Bailiwick of Guernsey) Law, 2017 came into force on 25 May 2018. You can find a copy of the Law
More informationCRIMINAL RECORDS CHECK (DBS) POLICY. Author/Reviewer: Date Approved: Jan 2006
CRIMINAL RECORDS CHECK (DBS) POLICY Author/Reviewer: DHR Date Approved: Jan 2006 Where Approved: Corporation Date of Issue: Nov 2008 Impact Assessment: Jan 2008 Date Reviewed: August 2010 Date Reviewed
More informationSTATE OF NORTH CAROLINA
STATE OF NORTH CAROLINA HERTFORD COUNTY CLERK OF SUPERIOR COURT FISCAL CONTROL AUDIT WINTON, NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA STATE AUDITOR HERTFORD COUNTY CLERK OF SUPERIOR
More informationPrivacy Policy. Cabcharge will only collect personal information which is necessary for the operation of its business.
Privacy Policy Cabcharge Australia Limited ( Cabcharge ) is subject to the Australian Privacy Principles pursuant to the Privacy Act 1988 as amended by the Privacy Amendment (Enhancing Privacy Protection)
More informationAlthough the Judiciary Act of 1789 (ch. 20, 35, 1 Stat. 73, 92 93) created
EDITORIAL INTRODUCTION C R I M E D A T A S E T S Improving Our Conceptualization and Measurement of Crime Charles F. Wellford University of Maryland College Park Although the Judiciary Act of 1789 (ch.
More informationSection Existing Language Proposed Language
Submitted By Page # in current document 1 Member 11 Article IV: Eligibility of Officers Section 1 2 Member 12 Article IV: Section 5 Regular Meetings Section Existing Language Proposed Language The regular
More informationFRCC REGIONAL RELIABILITY STANDARD DEVELOPMENT PROCESS MANUAL
FRCC REGIONAL RELIABILITY STANDARD DEVELOPMENT PROCESS MANUAL FRCC-RE-STD-001 Effective Date: March 3, 2017 Version: 1 3000 Bayport Drive, Suite 600 Tampa, Florida 33607-8410 (813) 289-5644 - Phone (813)
More informationLaw No. 13 of 2016 Promulgating the Protection of the Privacy of Personal Data Law
Law No. 13 of 2016 Promulgating the Protection of the Privacy of Personal Data Law No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means
More informationFIRE SAFETY. The Fire Safety Act. being. Chapter F-15.11* of The Statutes of Saskatchewan, (effective November 2, 2015).
1 FIRE SAFETY c. F-15.11 The Fire Safety Act being Chapter F-15.11* of The Statutes of Saskatchewan, 2015. (effective November 2, 2015). *NOTE: Pursuant to subsection 33(1) of The Interpretation Act, 1995,
More informationSummary of Revisions to the ANSI Essential Requirements:
Summary of Revisions to the ANSI Essential Requirements: 2003 2018 Note: the ANSI Essential Requirements: Due process requirements for American National Standards (www.ansi.org/essentialrequirements) replaced
More informationPREPARING FOR DISCOVERY AND DEPOSITIONS/ HOW NOT TO LOSE YOUR CASE BEFORE TRIAL*
PREPARING FOR DISCOVERY AND DEPOSITIONS/ HOW NOT TO LOSE YOUR CASE BEFORE TRIAL* Speaker: J. Andrew Nathan Nathan, Bremer, Dumm & Myers 7900 East Union Avenue Suite 600, Denver CO 80237 (303) 691-3737
More informationCODE OF PRACTICE FOR COMMUNITY- BASED CCTV SYSTEMS
CODE OF PRACTICE FOR COMMUNITY- BASED CCTV SYSTEMS 1 INTRODUCTION This Code of Practice sets out the basic conditions of use for Community-Based CCTV systems by applicants for the Department of Justice,
More informationConstitution Amendment # 1 Location ARTICLE XI, SECTION 1, LETTER B
Constitution Amendment # 1 Location ARTICLE XI, SECTION 1, LETTER B Chapter Affairs: Each collegiate and alumni chapter shall have the authority to conduct all affairs of the chapter, provided that any
More informationConsultation on International Outreach of ESFRI projects and landmarks. Main findings
Consultation on International Outreach of ESFRI projects and landmarks Main findings April 201 EUROPEAN COMMISSION Directorate-General for Research and Innovation Directorate B Open Innovation and Open
More informationCriminal Procedure Code. Surrender
1 Extract from Estonian Criminal Procedure Code (Unofficial translation) Surrender Subdivision 1 - General Provisions 490. European arrest warrant The European arrest warrant is a request submitted by
More informationPresident's introduction
Croatian Competition Agency Annual plan for 2014-2016 1 Contents President's introduction... 3 1. Competition and Croatian Competition Agency... 4 1.1. Competition policy... 4 1.2. Role of the Croatian
More informationII. CORRUPTION PREVENTION COMMISSION
II. CORRUPTION PREVENTION COMMISSION (extract from the Integrity and Prevention of Corruption Act, 26 May 2010) 1. Definition, composition and supervision of the Corruption Prevention Commission Article
More informationPRIVACY POLICY DOT DM Corporation Commonwealth of Dominica cctld (.dm)
PRIVACY POLICY DOT DM Corporation Commonwealth of Dominica cctld (.dm) Modified: 08 May 2018 V1.2 1. 1.1 OBJECTIVES: The objectives of this Privacy Policy are: (1) To disclose to the Registrant, and in
More informationCanadian Pesticide Compliance and Enforcement Overview
Canadian Pesticide Compliance and Enforcement Overview Presentation to AAPCO March 6, 2016 Diana Dowthwaite Director General, Compliance, Laboratory Services and Regional Operations Directorate Pest Management
More informationCOGNIZANT TECHNOLOGY SOLUTIONS CORPORATION
COGNIZANT TECHNOLOGY SOLUTIONS CORPORATION Nominating, Governance and Public Affairs Committee Charter Updated September 12, 2018 A. Purpose The purpose of the Nominating, Governance and Public Affairs
More informationMinutes: ORDA Audit Committee Meeting March 26, :06am. Attendance:
Minutes: ORDA Audit Committee Meeting March 26, 2013. 10:06am Attendance: Cliff Donaldson Audit Chair Ted Blazer President/CEO Padraig Power Finance Director Alan Walther Bonadio and Company The meeting
More information31) Feature Models and MDA for Product Lines
Obligatory Literature Fakultät Informatik, Institut für Software- und Multimediatechnik, Lehrstuhl für Softwaretechnologie Ø Florian Heidenreich, Jan Kopcsek, and Christian Wende. FeatureMapper: Features
More informationTelecommunications Information Privacy Code 2003
Telecommunications Information Privacy Code 2003 Incorporating Amendments No 3, No 4, No 5 and No 6 Privacy Commissioner Te Mana Matapono Matatapu NEW ZEALAND This version of the code applies from 2 8
More informationLIMS IMPLEMENTATION PROJECT HINDSIGHTS How to avoid pitfalls and delays Presented By Kathy Smith Narragansett Bay Commission
LIMS IMPLEMENTATION PROJECT HINDSIGHTS How to avoid pitfalls and delays Presented By Kathy Smith Narragansett Bay Commission This presentation s focus is on a project that had many obstacles, delays, overruns
More informationPENNSYLVANIA BAR ASSOCIATION LEGAL ETHICS AND PROFESSIONAL RESPONSIBILITY COMMITTEE RESOLUTION
PENNSYLVANIA BAR ASSOCIATION LEGAL ETHICS AND PROFESSIONAL RESPONSIBILITY COMMITTEE RESOLUTION WHEREAS, it is the charge of the PBA Legal Ethics and Professional Responsibility Committee to review and
More informationLogic-based Argumentation Systems: An overview
Logic-based Argumentation Systems: An overview Vasiliki Efstathiou ITI - CERTH Vasiliki Efstathiou (ITI - CERTH) Logic-based Argumentation Systems: An overview 1 / 53 Contents Table of Contents Introduction
More informationPATENT COOPERATION TREATY (PCT)
E PCT/GL/ISPE/6 ORIGINAL: ENGLISH DATE: June 6, 2017 PATENT COOPERATION TREATY (PCT) PCT INTERNATIONAL SEARCH AND PRELIMINARY EXAMINATION GUIDELINES (Guidelines for the Processing by International Searching
More informationTitle 20 DEVELOPMENT PERMIT PROCEDURES AND ADMINISTRATION. Title GENERAL PROVISIONS
Title 20 DEVELOPMENT PERMIT PROCEDURES AND ADMINISTRATION 20.02.005 Purpose and applicability. Title 20.02 GENERAL PROVISIONS (1) The purpose of this title is to enact the processes and timelines for land
More informationBOSNA I HERCEGOVINA БOСНA И ХEРЦEГOВИНA
BOSNA I HERCEGOVINA Konkurencijsko vijeće БOСНA И ХEРЦEГOВИНA Koнкурeнциjски сaвjeт BOSNIA AND HERZEGOVINA Council of Competition Law on Competition Sarajevo, 2000. I - General Provisions Article 1 This
More information(Acts whose publication is obligatory)
L 181/6 I (Acts whose publication is obligatory) COUNCIL REGULATION (EC) No 1338/2001 of 28 June 2001 laying down measures necessary for the protection of the euro against counterfeiting THE COUNCIL OF
More informationFINANCIAL SERVICES AND MARKETS REGULATIONS 2015
FINANCIAL SERVICES AND MARKETS REGULATIONS 2015 *In this Annex, underlining indicates new text and strikethrough indicates deleted text, unless otherwise indicated. FINANCIAL SERVICES AND MARKETS REGULATIONS
More informationPROCEDURE (Essex) / Linked SOP (Kent) Data Protection. Number: W 1011 Date Published: 24 November 2016
1.0 Summary of Changes 1.1 This procedure/sop has had an additional paragraph added at 3.8.6 relating to data processing of information by direct access to Athena. 2.0 What this Procedure/SOP is About
More informationInterNational Electrical Testing Association Operating Principles and Procedures
InterNational Electrical Testing Association Operating Principles and Procedures 1. GENERAL These Operating Principles and Procedures describe the method used by the InterNational Electrical Testing Association
More informationPolicy Framework for the Regional Biometric Data Exchange Solution
Policy Framework for the Regional Biometric Data Exchange Solution Part 10 : Privacy Impact Assessment: Regional Biometric Data Exchange Solution REGIONAL SUPPORT OFFICE THE BALI PROCESS 1 Attachment 9
More informationEstonian National Electoral Committee. E-Voting System. General Overview
Estonian National Electoral Committee E-Voting System General Overview Tallinn 2005-2010 Annotation This paper gives an overview of the technical and organisational aspects of the Estonian e-voting system.
More informationHaving regard to the Treaty on the Functioning of the European Union, and in particular Article 172 thereof,
L 150/72 Official Journal of the European Union 20.5.2014 REGULATION (EU) No 512/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 16 April 2014 amending Regulation (EU) No 912/2010 setting up the
More informationCatholic Schools Office Diocese of Lismore
Catholic Schools Office Diocese of Lismore DISCRIMINATION, HARASSMENT AND BULLYING IN THE WORKPLACE STANDARD OPERATING PROCEDURES Policy Number: PMADHB:V2 Status: Final Date Issued: December 2014 Evaluation
More informationEuroclear Central Securities Depository (CSD) User Committees Terms of Reference (incorporating internal governance practice & procedures)
Euroclear Central Securities Depository (CSD) User Committees Terms of Reference (incorporating internal governance practice & procedures) 1. Purpose 1.1. Each CSD establishes its own User Committee as
More informationAUDIT, RISK AND COMPLIANCE COMMITTEE CHARTER
AUDIT, RISK AND COMPLIANCE COMMITTEE CHARTER October 2015 Page 1 1. PURPOSE OF THE AUDIT, RISK AND COMPLIANCE COMMITTEE CHARTER 1.1 The purpose of this document is to set out the role, duties and responsibilities
More informationRulebook. Revised as of: July 27, DTCC Data Repository (U.S.) LLC
DTCC Data Repository (U.S.) LLC Rulebook Revised as of: July 27, 2017 This DTCC Data Repository (U.S.) LLC Rulebook, as amended, supplemented or modified from time to time, and together with any appendix,
More informationDURHAM CONSTABULARY POLICY
DURHAM CONSTABULARY POLICY Durham Constabulary Freedom of Information Act Publication Scheme Name of Policy Lawful Business Monitoring Registry Reference No. DCP 167 Policy Owner Head of Professional Standards
More informationPolicies and Procedures No. 56
1255 Imperial Avenue, Suite 1000 San Diego, CA 92101-7490 619/231-1466 FAX 619/234-3407 Policies and Procedures No. 56 SUBJECT: Enacted: 9/13/07 FRAUD IN THE WORKPLACE PURPOSE: To establish policies and
More informationDIVISION E--INFORMATION TECHNOLOGY MANAGEMENT REFORM
DIVISION E--INFORMATION TECHNOLOGY MANAGEMENT REFORM SEC. 5001. SHORT TITLE. This division may be cited as the `Information Technology Management Reform Act of 1995'. SEC. 5002. DEFINITIONS. In this division:
More informationOffice of the Clerk of Circuit Court Baltimore County, Maryland
Audit Report Office of the Clerk of Circuit Court Baltimore County, Maryland October 2011 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related
More information11/15/13. Objectives. Review. Our Screen Saver Dependencies. Our Screen Saver Dependencies. Project Deliverables Timeline TEAM FINAL PROJECT
Objectives Team Final Project Review What design pattern is used in the screen savers code? What is the design principle we discussed on Wednesday? What was likely to change? Open up Eclipse Nov 15, 2013
More informationColloquium organized by Supreme Administrative Court of the Czech Republic and ACA-Europe
NEJVYŠŠÍ SPRAVNI SOUD Colloquium organized by Supreme Administrative Court of the Czech Republic and ACA-Europe Provide or Protect? Administrative courts between Scylla of freedom of information and Charybdis
More informationDATA SHARING AND PROCESSING
DATA SHARING AND PROCESSING Capita Business Services Limited March 2016 Version 1.3 TABLE OF CONTENTS: Item Heading Page 1 Data Processing Agreement 2 2 Data Protection Act 1998 2 3 Data Protection Act
More informationWOMEN AND GIRLS IN EMERGENCIES
WOMEN AND GIRLS IN EMERGENCIES SUMMARY Women and Girls in Emergencies Gender equality receives increasing attention following the adoption of the UN Sustainable Development Goals (SDGs). Issues of gender
More informationUnit 03. Ngo Quy Nham Foreign Trade University
Unit 03 Ngo Quy Nham Foreign Trade University The process by which managers identify organisational problems and try to resolve them. Identifying a problem Identifying decision criteria Allocating weight
More informationAd-Hoc Query on Implementation of Council Regulation 380/2008. Requested by FI EMN NCP on 10 th September 2009
Ad-Hoc Query on Implementation of Council Regulation 380/2008 Requested by FI EMN NCP on 10 th September 2009 Compilation produced on 8 th December 2009 Responses from Austria, Belgium, Denmark, Estonia,
More informationFOURTH EVALUATION ROUND. Corruption prevention in respect of members of parliament, judges and prosecutors COMPLIANCE REPORT
Adoption: 2 December 2016 Publication: 15 February 2017 Public GrecoRC4(2016)12 F O U R T H FOURTH EVALUATION ROUND Corruption prevention in respect of members of parliament, judges and prosecutors COMPLIANCE
More informationNational Human Rights Institutions in the EU Member States Strengthening the fundamental rights architecture in the EU I
European Union Agency for Fundamental Rights (FRA) MEMO / 7 May 2010 National Human Rights Institutions in the EU Member States Strengthening the fundamental rights architecture in the EU I 82% of those
More information[To be published in THE GAZETTE OF INDIA, EXTRAORDINARY, Part II, Section 3, Sub-section (i) of dated the , 2011]
[To be published in THE GAZETTE OF INDIA, EXTRAORDINARY, Part II, Section 3, Sub-section (i) of dated the ----------, 2011] Government of India MINISTRY OF COMMUNICATIONS AND INFORMATION TECHNOLOGY (Department
More informationSECTION 1. TABLE OF CONTENTS.
--S.2022-- S.2022 One Hundred Fifth Congress of the United States of America AT THE SECOND SESSION Begun and held at the City of Washington on Tuesday, the twenty-seventh day of January, one thousand nine
More informationGOLDEN RAIN FOUNDATION OF WALNUT CREEK BYLAWS ARTICLE I GENERAL PURPOSES AND OFFICES
*Effective 9/3/02 *Amended 5/13/02 GOLDEN RAIN FOUNDATION OF WALNUT CREEK BYLAWS ARTICLE I GENERAL PURPOSES AND OFFICES Section 1. General Purpose This Corporation shall be conducted as a nonprofit mutual
More informationExtensional Equality in Intensional Type Theory
Extensional Equality in Intensional Type Theory Thorsten Altenkirch Department of Informatics University of Munich Oettingenstr. 67, 80538 München, Germany, alti@informatik.uni-muenchen.de Abstract We
More information30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA)
Fakultät Informatik, Institut für Software- und Multimediatechnik, Lehrstuhl für Softwaretechnologie 30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture () Prof. Dr.
More informationAspect Decomposition: Model-Driven Architecture (MDA) 30 Transformational Design with Essential. References. Ø Optional: Ø Obligatory:
Fakultät Informatik, Institut für Software- und Multimediatechnik, Lehrstuhl für Softwaretechnologie 30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture () Prof. Dr.
More informationINFORMATION DISSEMINATION POLICY STATEMENT
ID 72 INFORMATION DISSEMINATION POLICY STATEMENT EFFECTIVE DATE: June 21, 2005 Supersedes No.: SOD 72 Dated: 07/22/02 Subject: Withdrawal of Federal Information Products from GPO s Information Dissemination
More informationI.E. Canada Controlled Export Webinar Series. Session 3 Defence Trade Controls: Canada s Controlled Goods Program and its Interaction with US ITAR
I.E. Canada Controlled Export Webinar Series Session 3 Defence Trade Controls: Canada s Controlled Goods Program and its Interaction with US ITAR John W. Boscariol McCarthy Tétrault LLP July 26, 2018 Growing
More informationAlberta Records Management Committee: Terms of Reference
Alberta Records Management Committee: Terms of Reference Mission The Alberta Records Management Committee (ARMC) is a decision-making committee whose purpose is to provide corporate oversight to the Government
More informationNational Programme for Estonian Language Technology: a Pre-final Summary
National Programme for Estonian Language Technology: a Pre-final Summary Einar Meister**, Jaak Vilo* & Neeme Kahusk*** **Vice-chairman, *Chairman & *** Coordinator of the Programme Outline HLT evolution
More informationAUTOMATED CONTRACT REVIEW
AUTOMATED CONTRACT REVIEW Machine Learning Comes to Corporate Law Session #133 Kingsley Martin KM Standards Amy Harvey & Michael Nogroski Chapman and Cutler SPEAKERS Julian Tsisin Google AUTOMATED CONTRACT
More information