Compliance Management: Difference between revisions
No edit summary |
No edit summary |
||
Line 23: | Line 23: | ||
</itpmch> | </itpmch> | ||
<imagemap> | <imagemap> | ||
Image:ITIL-Wiki-de-es.jpg|right|DE - ES - Compliance Management|163px | |||
Image:ITIL-Wiki-de-es.jpg|DE - ES - Compliance Management|163px | |||
rect 81 0 114 36 [https://wiki.de.it-processmaps.com/index.php/Compliance_Management diese Seite auf Deutsch] | rect 81 0 114 36 [https://wiki.de.it-processmaps.com/index.php/Compliance_Management diese Seite auf Deutsch] | ||
rect 115 0 163 36 [https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_Cumplimiento esta página en español] | rect 115 0 163 36 [https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_Cumplimiento esta página en español] |
Revision as of 12:26, 19 March 2022
Objective: ITIL Compliance Management aims to ensure IT services, processes and systems comply with enterprise policies and legal requirements.
Part of: Service Design
Process Owner: Compliance Manager
Process Description
Compliance management is not on the list of official ITIL 2011 processes resp. ITIL 4 practices, but compliance issues are addressed in several ITIL processes, and compliance is an increasingly important topic for IT organizations. So there are good reasons for organizations to define and implement a compliance management process, and at IT Process Maps we have decided to introduce a specific Compliance Management process as part of the ITIL® Process Map.
ITIL does not provide a detailed explanation of all aspects of Compliance Management. Rather, it highlights the most important activities and assists in identifying interfaces with other Service Management processes.
Following the introduction of Design Coordination in ITIL 2011 the information flows have been adapted slightly. The process overview of ITIL Compliance Management (.JPG) shows the key information flows (see fig. 1).
Sub-Processes
No sub-processes are specified for ITIL Compliance Management.
Definitions
The following ITIL terms and acronyms (information objects) are used in the ITIL Compliance Management process to represent process outputs and inputs:
Compliance Register
- The Compliance Register is a tool used by the Compliance Management process to keep an overview of all compliance requirements and the measures applied to ensure their enforcement.
Compliance Review
- The Compliance Review documents the results of regular process and system compliance assessments. In particular, it contains any identified deviations from compliance requirements, as well as measures to correct the situation.
Enterprise Policies and Regulations
- A set of binding enterprise policies and regulations which are an important input for the Compliance Management process.
Roles | Responsibilities
Compliance Manager - Process Owner
- The Compliance Manager's responsibility is to ensure that standards and guidelines is followed, or that proper, consistent accounting or other practices are being employed.
- This includes to make sure that external legal requirements are fulfilled.
ITIL Role / Sub-Process | Compliance Manager |
---|---|
Compliance Management (no sub-processes specified) |
A[1]R[2] |
Remarks
[1] A: Accountable according to the RACI Model: Those who are ultimately accountable for the correct and thorough completion of the ITIL Compliance Management process.
[2] R: Responsible according to the RACI Model: Those who do the work to achieve a task within ITIL Compliance Management.
Notes
By: Stefan Kempter , IT Process Maps.
Process Description › Definitions › Roles