Enabling Processes
Enabling Processes
Enabling Processes
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Deliver, Service and Support<br />
200<br />
: ENABLING PROCESSES<br />
DSS06 Process Practices, Inputs/Outputs and Activities (cont.)<br />
Management Practice Inputs Outputs<br />
DSS06.04 Manage errors and exceptions.<br />
Manage business process exceptions and errors and<br />
facilitate their correction. Include escalation of business<br />
process errors and exceptions and the execution of<br />
defined corrective actions. This provides assurance of<br />
the accuracy and integrity of the business information<br />
process.<br />
From Description Description To<br />
Evidence of error<br />
correction and remediation<br />
MEA02.04<br />
Error reports and root<br />
cause analysis<br />
Internal<br />
Activities<br />
1. Define and maintain procedures to assign ownership, correct errors, override errors and handle out-of-balance conditions.<br />
2. Review errors, exceptions and deviations.<br />
3. Follow up, correct, approve and resubmit source documents and transactions.<br />
4. Maintain evidence of remedial actions.<br />
5. Report relevant business information process errors in a timely manner to perform root cause and trending analysis.<br />
Management Practice Inputs Outputs<br />
DSS06.05 Ensure traceability of Information events From Description Description To<br />
and accountabilities.<br />
Ensure that business information can be traced to the<br />
Retention requirements Internal<br />
originating business event and accountable parties. This<br />
enables traceability of the information through its life<br />
cycle and related processes. This provides assurance<br />
that information that drives the business is reliable<br />
and has been processed in accordance with<br />
������� �����������<br />
Record of transactions Internal<br />
Activities<br />
1. Define retention requirements, based on business requirements, to meet operational, financial reporting and compliance needs.<br />
2. Capture source information, supporting evidence and the record of transactions.<br />
3. Dispose of source information, supporting evidence and the record of transactions in accordance with the retention policy.<br />
Management Practice Inputs Outputs<br />
DSS06.06 Secure information assets.<br />
From Description Description To<br />
Secure information assets accessible by the business<br />
through approved methods, including information in<br />
electronic form (such as methods that create new assets<br />
in any form, portable media devices, user applications<br />
and storage devices), information in physical form (such<br />
as source documents or output reports) and information<br />
during transit. This benefits the business by providing<br />
end-to-end safeguarding of information.<br />
Reports of violations DSS05.03<br />
Activities<br />
1. Apply data classification and acceptable use and security policies and procedures to protect information assets under the control of the business.<br />
2. Provide acceptable use awareness and training.<br />
3. Restrict use, distribution and physical access of information according to its classification.<br />
4. Identify and implement processes, tools and techniques to reasonably verify compliance.<br />
5. Report to business and other stakeholders on violations and deviations.<br />
DSS06 Related Guidance<br />
Related Standard Detailed Reference<br />
����<br />
Personal Copy of: Mr. Dong Hong Wang