Compliance Management
From IT Process Wiki
Contents |
[edit] ITIL Compliance Management: Overview
Process Objective: To ensure IT services, processes and systems comply with enterprise policies and legal requirements.
Part of: Service Design
Process Owner: Compliance Manager
[edit] ITIL Compliance Management: Process Definition
Compliance issues are addressed within several processes in ITIL V2 and ITIL V3; there is, however, no dedicated Compliance Management process. Compliance is an increasingly important topic for IT organizations, so at IT Process Maps we decided to assign clear responsibilities for ensuring compliance, which meant introducing a specific Compliance Management process as part of the ITIL® Process Map V3.
No sub-processes are specified for Compliance Management in compliance with ITIL V3.
[edit] ITIL Terms: Compliance Management
- Compliance Register
- The Compliance Register is a tool used by the Compliance Management process to keep an overview of all compliance requirements and the measures applied to ensure their enforcement.
- Compliance Review
- The Compliance Review documents the results of regular process and system compliance assessments. In particular, it contains any identified deviations from compliance requirements, as well as measures to correct the situation.
- Enterprise Policies and Regulations
- A set of binding enterprise policies and regulations which are an important input for the IT Compliance Management process.
[edit] Additional Information on Compliance Management
[edit] ITIL Roles
- Compliance Manager - Process Owner
- The Compliance Manager's responsibility is to ensure that standards and guidelines is followed, or that proper, consistent accounting or other practices are being employed.
- This includes to make sure that external legal requirements are fulfilled.
