Compliance Management: Difference between revisions

From IT Process Wiki
mNo edit summary
No edit summary
Line 1: Line 1:
<seo metakeywords="compliance management, itil compliance, itil compliance management, compliance management itil, compliance process, process compliance" metadescription="Compliance Management: ITIL process definition - subprocesses - Additional information on ITIL Compliance Management." />
<seo metakeywords="compliance management, itil compliance, itil compliance management, compliance management itil, compliance process, process compliance" metadescription="Compliance Management: ITIL process definition - Sub-processes - Terms - Additional information on ITIL Compliance Management." />
<imagemap>
<imagemap>
Image:ITIL-Wiki-de-es.jpg|DE - ES - Compliance Management|100px
Image:ITIL-Wiki-de-es.jpg|DE - ES - Compliance Management|100px
Line 8: Line 8:
<br style="clear:both;"/>
<br style="clear:both;"/>


== ITIL Compliance Management: Overview ==
<p>&nbsp;</p>


'''Process Objective''': To ensure IT services, processes and systems comply with enterprise policies and legal requirements.
==<span id="ITIL Compliance Management">Overview</span>==
 
''ITIL Compliance Management'' aims to ensure IT services, processes and systems comply with enterprise policies and legal requirements.


'''Part of''': [[ITIL V3 Service Design|Service Design]]
'''Part of''': [[ITIL V3 Service Design|Service Design]]


'''Process Owner''': [[Compliance Management#Additional Information on Compliance Management|Compliance Manager]]
'''Process Owner''': [[Compliance Management#Compliance Manager|Compliance Manager]]


<p>&nbsp;</p>


== ITIL Compliance Management: Process Definition ==
== Process Description ==


[[Image:Itil-compliance-management.jpg|thumb=overview_compliance_management_itilv3_thumb.jpg|left|[https://wiki.en.it-processmaps.com/images/pdf/process_overview_compliance_management_itilv3.pdf ITIL Compliance Management]]]
[[Image:Itil-compliance-management.jpg|right|thumb|375px|alt=Compliance Management ITIL|[https://wiki.en.it-processmaps.com/images/pdf/process_overview_compliance_management_itilv3.pdf ITIL Compliance Management]]]


Compliance issues are addressed within several processes in ITIL V2 and ITIL V3; there is, however, no dedicated Compliance Management process. Compliance is an increasingly important topic for IT organizations, so at IT Process Maps we decided to assign clear responsibilities for ensuring compliance, which meant introducing a specific Compliance Management process as part of the [https://en.it-processmaps.com/products/itil-process-map.html ITIL&reg; Process Map V3].
Compliance issues are addressed within several processes in ITIL; there is, however, no dedicated Compliance Management process.  
<br style="clear:both;"/>
 
Compliance is an increasingly important topic for IT organizations, so at IT Process Maps we decided to assign clear responsibilities for ensuring compliance, which meant introducing a specific Compliance Management process as part of the [https://en.it-processmaps.com/products/itil-process-map.html ITIL&reg; Process Map].
 
ITIL does not provide a detailed explanation of all aspects of Compliance Management. Rather, it highlights the most important activities and assists in identifying interfaces with other Service Management processes.


=== Sub-Processes ===
Following the introduction of Design Coordination in '''''ITIL 2011''''' the information flows have been adapted slightly. The process overview of [[Media:Itil-compliance-management.jpg|ITIL Compliance Management (.JPG)]] is showing the most important interfaces (see Figure 1).


No sub-processes are specified for [[Compliance Management|ITIL Compliance Management]].
<p>&nbsp;</p>


== Sub-Processes ==


===== Downloads =====
No sub-processes are specified for [[Compliance Management|ITIL Compliance Management]].


Use the following links to open the process overview of Compliance Management showing the most important interfaces:
<p>&nbsp;</p>


* [[Media:Itil-compliance-management.jpg|ITIL Compliance Management (.JPG)]]
== Definitions ==
* [https://wiki.en.it-processmaps.com/images/pdf/process_overview_compliance_management_itilv3.pdf ITIL Compliance Management (.PDF)]''


The following ITIL terms and acronyms (''information objects'') are used in ITIL Compliance Management to represent process outputs and inputs:


=== ITIL Terms: Compliance Management ===
<p>&nbsp;</p>


;<span id="Compliance Register">Compliance Register</span>
;<span id="Compliance Register">Compliance Register</span>
Line 46: Line 53:


;<span id="Enterprise Policies and Regulations">Enterprise Policies and Regulations</span>
;<span id="Enterprise Policies and Regulations">Enterprise Policies and Regulations</span>
:A set of binding enterprise policies and regulations which are an important input for the IT Compliance Management process.
:A set of binding enterprise policies and regulations which are an important input for the [[Compliance Management]] process.


<p>&nbsp;</p>


== Additional Information on Compliance Management ==
== Roles | Responsibilities ==


==== ITIL Roles ====
;<span id="Compliance Manager">Compliance Manager - Process Owner</span>
 
;Compliance Manager - Process Owner
: The Compliance Manager's responsibility is to ensure that standards and guidelines is followed, or that proper, consistent accounting or other practices are being employed.
: The Compliance Manager's responsibility is to ensure that standards and guidelines is followed, or that proper, consistent accounting or other practices are being employed.
:This includes to make sure that external legal requirements are fulfilled.
:This includes to make sure that external legal requirements are fulfilled.


<p>&nbsp;</p>
{| border="1" align="center" cellpadding="5" cellspacing="0" style="text-align:center;" valign="top"
|-
| valign="top"  colspan="2" style="background:#ffffdd;" align="center"| '''Responsibility Matrix: ITIL Compliance Management'''
|-
! width="65%" align="center" style="background:#ffffee;" | ITIL Role / Sub-Process
! style="background:#ffffee;" | [[Compliance Management#Compliance Manager|Compliance Manager]]
|-
| align="left" |[[Compliance Management|Compliance Management]]<br /> ''(no sub-processes specified)''
| A[[Compliance Management#Accountable|<small>[1]</small>]]R[[Compliance Management#Responsible|<small>[2]</small>]]
|-
|}
<p>&nbsp;</p>
'''Remarks'''
<span id="Accountable">[1] ''A: Accountable'' according to the RACI Model: Those who are ultimately accountable for the correct and thorough completion of the ITIL Compliance Management process.</span>


<span id="Responsible">[2] ''R: Responsible'' according to the RACI Model: Those who do the work to achieve a task within  ITIL Compliance Management.</span>


<i><small>[[Main Page|Home]] > [[ITIL Processes]] > [[ITIL V3 Service Design|Service Design]] > [[Compliance Management|Compliance Management]]</small></i>
<p>&nbsp;</p>


<!-- This page is assigned to the following categories: -->
<!-- This page is assigned to the following categories: -->
[[Category:ITIL V3]][[Category:ITIL process]][[Category:Service Design|Compliance Management]][[Category:Compliance Management|!]]
[[Category:ITIL V3]][[Category:ITIL 2011]][[Category:ITIL process]][[Category:Service Design|Compliance Management]][[Category:Compliance Management|!]]
<!-- --- -->
<!-- --- -->

Revision as of 11:14, 2 December 2011

<seo metakeywords="compliance management, itil compliance, itil compliance management, compliance management itil, compliance process, process compliance" metadescription="Compliance Management: ITIL process definition - Sub-processes - Terms - Additional information on ITIL Compliance Management." />

DE - ES - Compliance Managementdiese Seite auf Deutschesta página en español
DE - ES - Compliance Management


 

Overview

ITIL Compliance Management aims to ensure IT services, processes and systems comply with enterprise policies and legal requirements.

Part of: Service Design

Process Owner: Compliance Manager

 

Process Description

Compliance Management ITIL
ITIL Compliance Management

Compliance issues are addressed within several processes in ITIL; there is, however, no dedicated Compliance Management process.

Compliance is an increasingly important topic for IT organizations, so at IT Process Maps we decided to assign clear responsibilities for ensuring compliance, which meant introducing a specific Compliance Management process as part of the ITIL® Process Map.

ITIL does not provide a detailed explanation of all aspects of Compliance Management. Rather, it highlights the most important activities and assists in identifying interfaces with other Service Management processes.

Following the introduction of Design Coordination in ITIL 2011 the information flows have been adapted slightly. The process overview of ITIL Compliance Management (.JPG) is showing the most important interfaces (see Figure 1).

 

Sub-Processes

No sub-processes are specified for ITIL Compliance Management.

 

Definitions

The following ITIL terms and acronyms (information objects) are used in ITIL Compliance Management to represent process outputs and inputs:

 

Compliance Register
The Compliance Register is a tool used by the Compliance Management process to keep an overview of all compliance requirements and the measures applied to ensure their enforcement.
Compliance Review
The Compliance Review documents the results of regular process and system compliance assessments. In particular, it contains any identified deviations from compliance requirements, as well as measures to correct the situation.
Enterprise Policies and Regulations
A set of binding enterprise policies and regulations which are an important input for the Compliance Management process.

 

Roles | Responsibilities

Compliance Manager - Process Owner
The Compliance Manager's responsibility is to ensure that standards and guidelines is followed, or that proper, consistent accounting or other practices are being employed.
This includes to make sure that external legal requirements are fulfilled.

 

Responsibility Matrix: ITIL Compliance Management
ITIL Role / Sub-Process Compliance Manager
Compliance Management
(no sub-processes specified)
A[1]R[2]

 

Remarks

[1] A: Accountable according to the RACI Model: Those who are ultimately accountable for the correct and thorough completion of the ITIL Compliance Management process.

[2] R: Responsible according to the RACI Model: Those who do the work to achieve a task within ITIL Compliance Management.