Compliance Management: Difference between revisions

From IT Process Wiki
No edit summary
No edit summary
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
<itpmch><title>Compliance Management | IT Process Wiki</title>
<itpmch><title>Compliance Management | IT Process Wiki</title>
<meta name="keywords" content="compliance management, itil compliance, itil compliance management, compliance management itil, compliance process, process compliance" />
<meta name="keywords" content="compliance management, itil compliance, itil compliance management, compliance management itil, compliance process, process compliance" />
<meta name="description" content="Compliance Management: ITIL process definition - Sub-processes - Terms - Additional information on ITIL Compliance Management." />
<meta name="description" content="Compliance Management aims to ensure IT services, processes and systems comply with enterprise policies and legal requirements. ITIL highlights the most important activities and assists in identifying interfaces with other service management processes." />
<meta property="og:url" content="https://wiki.en.it-processmaps.com/index.php/Compliance_Management" />
<meta property="og:title" content="Compliance Management | IT Process Wiki" />
<meta property="og:description" content="Compliance Management aims to ensure IT services, processes and systems comply with enterprise policies and legal requirements. ITIL highlights the most important activities and assists in identifying interfaces with other service management processes." />
<meta property="og:site_name" content="IT Process Wiki - the ITIL&#174; Wiki">
<meta property="og:type" content="article" />
<meta property="article:publisher" content="https://www.facebook.com/itprocessmaps" />
<meta property="fb:admins" content="100002035253209" />
<meta property="fb:admins" content="100002592864414" />
<meta property="og:image" content="https://wiki.en.it-processmaps.com/images/8/89/Itil-compliance-management.jpg" />
<meta property="og:image:width" content="1200" />
<meta property="og:image:height" content="1200" />
<link href="https://plus.google.com/108613479011811316823/posts" rel="publisher" />
</itpmch>
</itpmch>
<imagemap>
<imagemap>
Image:ITIL-Wiki-de-es.jpg|DE - ES - Compliance Management|100px
Image:ITIL-Wiki-de-es.jpg|right|DE - ES - Compliance Management|163px
rect 0 0 50 30 [https://wiki.de.it-processmaps.com/index.php/Compliance_Management diese Seite auf Deutsch]
rect 81 0 114 36 [https://wiki.de.it-processmaps.com/index.php/Compliance_Management diese Seite auf Deutsch]
rect 50 0 100 30 [https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_Cumplimiento esta página en español]
rect 115 0 163 36 [https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_Cumplimiento esta página en español]
desc none
desc none
</imagemap>
</imagemap>
<br style="clear:both;"/>
<br style="clear:both;"/>
<p>&nbsp;</p>


'''<span id="Overview">Objective:</span>''' <html><span id="md-webpage-description" itemprop="description"><i>ITIL Compliance Management</i> aims to ensure IT services, processes and systems comply with enterprise policies and legal requirements.</span></p>
'''<span id="Overview">Objective:</span>''' <html><span id="md-webpage-description" itemprop="description"><i>ITIL Compliance Management</i> aims to ensure IT services, processes and systems comply with enterprise policies and legal requirements.</span></p>
Line 22: Line 32:
==Process Description==
==Process Description==


[[Image:Itil-compliance-management.jpg|right|thumb|375px|alt=Compliance Management ITIL|link=https://wiki.en.it-processmaps.com/index.php/File:Itil-compliance-management.jpg|[https://wiki.en.it-processmaps.com/images/pdf/process_overview_compliance_management_itilv3.pdf ITIL Compliance Management]]]
[[Image:Itil-compliance-management.jpg|right|thumb|500px|alt=Compliance Management ITIL|link=https://wiki.en.it-processmaps.com/index.php/File:Itil-compliance-management.jpg|[https://wiki.en.it-processmaps.com/images/pdf/process_overview_compliance_management_itilv3.pdf ITIL Compliance Management]]]
 
Compliance issues are addressed within several processes in ITIL; there is, however, no dedicated Compliance Management process.


Compliance is an increasingly important topic for IT organizations, so at IT Process Maps we decided to assign clear responsibilities for ensuring compliance, which meant introducing a specific Compliance Management process as part of the [https://en.it-processmaps.com/products/itil-process-map.html ITIL&reg; Process Map].
Compliance management is not on the list of official ITIL 2011 processes resp. ITIL 4 practices, but compliance issues are addressed in several ITIL processes, and compliance is an increasingly important topic for IT organizations. So there are good reasons for organizations to define and implement a compliance management process, and at IT Process Maps we have decided to introduce a specific Compliance Management process as part of the [https://en.it-processmaps.com/products/itil-process-map.html ITIL&reg; Process Map].


ITIL does not provide a detailed explanation of all aspects of Compliance Management. Rather, it highlights the most important activities and assists in identifying interfaces with other Service Management processes.  
ITIL does not provide a detailed explanation of all aspects of Compliance Management. Rather, it highlights the most important activities and assists in identifying interfaces with other Service Management processes.  


Following the introduction of Design Coordination in '''''ITIL 2011''''' the information flows have been adapted slightly. The process overview of [[Media:Itil-compliance-management.jpg|ITIL Compliance Management (.JPG)]] is showing the most important interfaces (see Figure 1).
Following the introduction of Design Coordination in ITIL 2011 the information flows have been adapted slightly. The process overview of [[Media:Itil-compliance-management.jpg|ITIL Compliance Management (.JPG)]] shows the key information flows (see fig. 1).
 
<p>&nbsp;</p>


==Sub-Processes==
==Sub-Processes==


No sub-processes are specified for [[Compliance Management|ITIL Compliance Management]].
No sub-processes are specified for [[Compliance Management|ITIL Compliance Management]].
<p>&nbsp;</p>


== Definitions ==
== Definitions ==
Line 44: Line 48:
<html><div itemscope="itemscope" itemtype="https://schema.org/ItemList"><!-- define schema.org/ItemList -->
<html><div itemscope="itemscope" itemtype="https://schema.org/ItemList"><!-- define schema.org/ItemList -->
<meta itemprop="itemListOrder" content="Ascending" />
<meta itemprop="itemListOrder" content="Ascending" />
<p><span itemprop="name">The following <a href="/index.php/ITIL%20Glossary#ITIL%20Glossary%20A-Z" title="ITIL Glossary">ITIL terms and acronyms</a> (<i>information objects</i>) are used in the ITIL Compliance Management process to represent process outputs and inputs:</span>
<p><span itemprop="name">The following <a href="/index.php/ITIL_Glossary#ITIL_Glossary_A-Z" title="ITIL Glossary">ITIL terms and acronyms</a> (<i>information objects</i>) are used in the ITIL Compliance Management process to represent process outputs and inputs:</span>
</p>
</p>
<p>&#160;</p>
<p><b><span id="Compliance_Register" itemprop="itemListElement">Compliance Register</span></b>
<p><b><span id="Compliance_Register" itemprop="itemListElement">Compliance Register</span></b>
</p>
</p>
<ul><li itemprop="description">The Compliance Register is a tool used by the Compliance Management process to keep an overview of all compliance requirements and the measures applied to ensure their enforcement.
<ul><li itemprop="description">The Compliance Register is a tool used by the Compliance Management process to keep an overview of all compliance requirements and the measures applied to ensure their enforcement.
</li></ul>
</li></ul>
<p><br />
<p><b><span id="Compliance_Review" itemprop="itemListElement">Compliance Review</span></b>
</p><p><b><span id="Compliance_Review" itemprop="itemListElement">Compliance Review</span></b>
</p>
</p>
<ul><li itemprop="description">The Compliance Review documents the results of regular process and system compliance assessments. In particular, it contains any identified deviations from compliance requirements, as well as measures to correct the situation.
<ul><li itemprop="description">The Compliance Review documents the results of regular process and system compliance assessments. In particular, it contains any identified deviations from compliance requirements, as well as measures to correct the situation.
</li></ul>
</li></ul>
<p><br />
<p><b><span id="Enterprise_Policies_and_Regulations" itemprop="itemListElement">Enterprise Policies and Regulations</span></b>
</p><p><b><span id="Enterprise_Policies_and_Regulations" itemprop="itemListElement">Enterprise Policies and Regulations</span></b>
</p>
</p>
<ul><li itemprop="description">A set of binding enterprise policies and regulations which are an important input for the <strong class="selflink">Compliance Management</strong> process.
<ul><li itemprop="description">A set of binding enterprise policies and regulations which are an important input for the <strong class="selflink">Compliance Management</strong> process.
</li></ul>
</li></ul>
</div><!-- end of schema.org/ItemList --><p></html>
</div><!-- end of schema.org/ItemList --><p></html>
<p>&nbsp;</p>


== Roles | Responsibilities ==
== Roles | Responsibilities ==
Line 72: Line 72:
<p>&nbsp;</p>
<p>&nbsp;</p>


{| border="1" cellpadding="5" cellspacing="0" style="margin-left: auto; margin-right: auto; text-align:center;" valign="top"
{| class="wikitable" style="background: white;"
|-
|-
|style="vertical-align:top; text-align:center" colspan="2" style="background:#ffffdd;"| '''Responsibility Matrix: ITIL Compliance Management'''
|+ style="background:#013b5e; color:#ffffff; font-size: 120%" colspan="2"|'''Responsibility Matrix: ITIL Compliance Management'''
|-
|-
!style="background:#ffffee; width: 65%; text-align:center"| ITIL Role / Sub-Process
!style="background:#ffffee; width: 65%; text-align:center" | ITIL Role / Sub-Process
! style="background:#ffffee;" | [[Compliance Management#Compliance Manager|Compliance Manager]]
! style="background:#eeeeee;" | [[Compliance Management#Compliance Manager|Compliance Manager]]
|-
|-
|style="text-align:left;" |[[Compliance Management|Compliance Management]]<br /> ''(no sub-processes specified)''
|style="text-align:left;" |[[Compliance Management|Compliance Management]]<br /> ''(no sub-processes specified)''
Line 83: Line 83:
|-
|-
|}
|}
<p>&nbsp;</p>


'''Remarks'''
'''Remarks'''
Line 91: Line 89:


<span id="Responsible">[2] ''R: Responsible'' according to the RACI Model: Those who do the work to achieve a task within ITIL Compliance Management.</span>
<span id="Responsible">[2] ''R: Responsible'' according to the RACI Model: Those who do the work to achieve a task within ITIL Compliance Management.</span>
<p>&nbsp;</p>


==Notes==
==Notes==


<html>By:&#160;&#160;Stefan Kempter&#160;<a rel="author" href="https://plus.google.com/111925560448291102517/about"><img style="margin:0px 0px 0px 0px;" src="/skins/Vector/images/itpm/bookmarking/gplus.png" width="16" height="16" title="By: Stefan Kempter | Profile on Google+" alt="Author: Stefan Kempter, IT Process Maps GbR" /></a>, IT Process Maps.</p>
<html>By:&#160;&#160;Stefan Kempter&#160;<a rel="author" href="https://www.linkedin.com/in/stefankempter"><img style="margin:0px 0px 0px 0px;" src="/images/bookmarking/linkedin.png" width="16" height="16" title="By: Stefan Kempter | Profile on LinkedIn" alt="Author: Stefan Kempter, IT Process Maps GbR" /></a>, IT Process Maps.</p>


<p>&nbsp;</p>
<p>&nbsp;</p>


<p><small>
<p><small>
<span itemscope="itemscope" itemtype="http://data-vocabulary.org/Breadcrumb">
<span itemprop="breadcrumb" itemscope itemtype="http://schema.org/BreadcrumbList">
<a href="https://wiki.en.it-processmaps.com/index.php/Compliance_Management#Process_Description" itemprop="url"><span itemprop="title">Process Description</span></a>
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
</span>
<a itemprop="item" href="https://wiki.en.it-processmaps.com/index.php/Compliance_Management#Process_Description">
<span itemscope="itemscope" itemtype="http://data-vocabulary.org/Breadcrumb">
<span itemprop="name">Process Description</span></a>
<a href="https://wiki.en.it-processmaps.com/index.php/Compliance_Management#Definitions" itemprop="url"><span itemprop="title">Definitions</span></a>
<meta itemprop="position" content="1"></span>
</span>
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<span itemscope="itemscope" itemtype="http://data-vocabulary.org/Breadcrumb">
<a itemprop="item" href="https://wiki.en.it-processmaps.com/index.php/Compliance_Management#Definitions">
<a href="https://wiki.en.it-processmaps.com/index.php/Compliance_Management#Roles_.7C_Responsibilities" itemprop="url"><span itemprop="title">Roles</span></a>
<span itemprop="name">Definitions</span></a>
<meta itemprop="position" content="2"></span>
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://wiki.en.it-processmaps.com/index.php/Compliance_Management#Roles_.7C_Responsibilities">
<span itemprop="name">Roles</span></a>
<meta itemprop="position" content="3"></span>
</span>
</span>
</small></p>
</small></p>


<!-- define schema.org/WebPage --> <span itemscope itemtype="https://schema.org/WebPage" itemref="md-webpage-description">
<!-- define schema.org/WebPage --> <span itemscope itemtype="https://schema.org/WebPage" itemref="md-webpage-description">
<meta itemprop="alternativeHeadline" content="ITIL Compliance Management" />
  <meta itemprop="alternativeHeadline" content="ITIL Compliance Management" />
<meta itemprop="name" content="Compliance Management" />
  <meta itemprop="name" content="Compliance Management" />
<link itemprop="url" href="https://wiki.en.it-processmaps.com/index.php/Compliance_Management" />
  <link itemprop="url" href="https://wiki.en.it-processmaps.com/index.php/Compliance_Management" />
<meta itemprop="inLanguage" content="en" />
  <meta itemprop="inLanguage" content="en" />
<link itemprop="citation" href="https://wiki.de.it-processmaps.com/index.php/Compliance_Management" />
  <link itemprop="citation" href="https://wiki.de.it-processmaps.com/index.php/Compliance_Management" />
<link itemprop="citation" href="https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_Cumplimientoo" />
  <link itemprop="citation" href="https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_Cumplimiento" />
<meta itemprop="Headline" content="Compliance Management" />
  <meta itemprop="Headline" content="Compliance Management" />
<link itemprop="isPartOf" href="https://wiki.en.it-processmaps.com/index.php/ITIL_Service_Design" />
  <link itemprop="isPartOf" href="https://wiki.en.it-processmaps.com/index.php/ITIL_Service_Design" />
<link itemprop="primaryImageOfPage" href="https://wiki.en.it-processmaps.com/images/8/89/Itil-compliance-management.jpg" />
  <link itemprop="primaryImageOfPage" href="https://wiki.en.it-processmaps.com/images/8/89/Itil-compliance-management.jpg" />
<link itemprop="author" href="https://plus.google.com/111925560448291102517/about" />
  <span id="https://wiki.en.it-processmaps.com/images/8/89/Itil-compliance-management.jpg" itemprop="image" itemscope itemtype="https://schema.org/ImageObject">
<meta itemprop="author" content="Stefan Kempter" />
  <meta itemprop="caption" content="Compliance Management">
<meta itemprop="creator copyrightHolder publisher" content="IT Process Maps" />
  <meta itemprop="contentUrl" content="https://wiki.en.it-processmaps.com/images/8/89/Itil-compliance-management.jpg" />
  <meta itemprop="width" content="1200" />
  <meta itemprop="height" content="1200" />
  <meta itemprop="representativeOfPage" content="true"/>
  <meta itemprop="dateCreated" content="2011-09-19" />
  <meta itemprop="dateModified" content="2020-06-20" />
  <span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject">
    <meta itemprop="url" content="https://wiki.en.it-processmaps.com/images/thumb/8/89/Itil-compliance-management.jpg/600px-Itil-compliance-management.jpg" />
    <meta itemprop="width" content="600" />
    <meta itemprop="height" content="600" />
  </span>
  <meta itemprop="keywords" content="Compliance Management" />
  <meta itemprop="keywords" content="ITIL Compliance Management" />
  </span>
  <link itemprop="author" href="https://www.linkedin.com/in/stefankempter" />
  <meta itemprop="author" content="Stefan Kempter" />
  <meta itemprop="creator copyrightHolder publisher" content="IT Process Maps" />
</span><p></html>
</span><p></html>


<!-- This page is assigned to the following categories: -->
<!-- This page is assigned to the following categories: -->
[[Category:ITIL V3]][[Category:ITIL 2011]][[Category:ITIL process]][[Category:Service Design|Compliance Management]][[Category:Compliance Management|!]]
[[Category:ITIL 2011]][[Category:ITIL V3]][[Category:ITIL process]][[Category:Service Design|Compliance Management]][[Category:Compliance Management|!]]
<!-- --- -->
<!-- --- -->

Latest revision as of 11:53, 31 December 2023

DE - ES - Compliance Managementdiese Seite auf Deutschesta página en español
DE - ES - Compliance Management


Objective: ITIL Compliance Management aims to ensure IT services, processes and systems comply with enterprise policies and legal requirements.

Part of: Service Design

Process Owner: Compliance Manager

 

Process Description

Compliance Management ITIL
ITIL Compliance Management

Compliance management is not on the list of official ITIL 2011 processes resp. ITIL 4 practices, but compliance issues are addressed in several ITIL processes, and compliance is an increasingly important topic for IT organizations. So there are good reasons for organizations to define and implement a compliance management process, and at IT Process Maps we have decided to introduce a specific Compliance Management process as part of the ITIL® Process Map.

ITIL does not provide a detailed explanation of all aspects of Compliance Management. Rather, it highlights the most important activities and assists in identifying interfaces with other Service Management processes.

Following the introduction of Design Coordination in ITIL 2011 the information flows have been adapted slightly. The process overview of ITIL Compliance Management (.JPG) shows the key information flows (see fig. 1).

Sub-Processes

No sub-processes are specified for ITIL Compliance Management.

Definitions

The following ITIL terms and acronyms (information objects) are used in the ITIL Compliance Management process to represent process outputs and inputs:

Compliance Register

  • The Compliance Register is a tool used by the Compliance Management process to keep an overview of all compliance requirements and the measures applied to ensure their enforcement.

Compliance Review

  • The Compliance Review documents the results of regular process and system compliance assessments. In particular, it contains any identified deviations from compliance requirements, as well as measures to correct the situation.

Enterprise Policies and Regulations

  • A set of binding enterprise policies and regulations which are an important input for the Compliance Management process.

Roles | Responsibilities

Compliance Manager - Process Owner

  • The Compliance Manager's responsibility is to ensure that standards and guidelines is followed, or that proper, consistent accounting or other practices are being employed.
  • This includes to make sure that external legal requirements are fulfilled.

 

Responsibility Matrix: ITIL Compliance Management
ITIL Role / Sub-Process Compliance Manager
Compliance Management
(no sub-processes specified)
A[1]R[2]

Remarks

[1] A: Accountable according to the RACI Model: Those who are ultimately accountable for the correct and thorough completion of the ITIL Compliance Management process.

[2] R: Responsible according to the RACI Model: Those who do the work to achieve a task within ITIL Compliance Management.

Notes

By:  Stefan Kempter , IT Process Maps.

 

Process Description  › Definitions  › Roles