
 

Controls Sample Page

 

SAMPLE 1 of 2

 

Control Topic:        Platform Access Security for Operations

Control Number:    AS 10

Control:                  Access to the various components of the Platform will be provided on an “as needed” basis to Operations personnel, in conformance with the Principle of Least Privilege, and user access will be reviewed and amended as necessary, at least quarterly, to ensure that timely, complete and correct records of user access are maintained.

Control Owner:      Director, Controls and Reporting

Version:                 1.0

Effective Date:       January 1, 2008

Process

Process Group:  All

Process Number:  AS 10-1

Version:  1.0

Effective Date:  January 1, 2008

 

Section A:  Process Scope & Purpose

The Corporation has established and documented comprehensive Information Security Policies, Controls and Practices, which are available for reference at xxx and also on the Corporate Intranet under Corporate Services: Information Security. That document establishes Guiding Principles for information protection which include, inter alia, staff awareness, integration, timeliness, accountability, data ownership, segregation of duties and the principle of least privilege. The Policies also reiterate that responsibility for implementing and executing the policies as defined belongs to managers and supervisors throughout the company.

Consistent with these IT policies, Platform Management has documented its processes in the User Management Guide, available at [hyperlink]. That document outlines the activities of both Platform Management and G-TAG, who are responsible for the actual implementation of new users on Platform Components and any subsequent changes.

In this Control Procedure, Operations documents its standards for establishing and maintaining access to the various Platform components by Operations staff. These are intended to be consistent with the Policies established at the Corporate level and to integrate seamlessly with the procedures established by Platform Management and G-TAG.

Objective

The objective of this control is to ensure that the risk of unauthorized or inappropriate access to the Platform is understood and mitigated appropriately within Operations, thus protecting the validity of records within the Platform.

Scope

This Access Control procedure applies to every instance of granting Platform access to a member of Operations, and to granting Operations entitlements to non-Operations staff in exceptional circumstances.

This procedure does not deal with wider aspects of data security, which are to be documented elsewhere for Operations.

Exceptions

There are no exceptions to this control.

Section B:  Definitions

TERM                               [Removed for client non-disclosure for this sample.]

TERM                               [Removed for client non-disclosure for this sample.]

TERM                               [Removed for client non-disclosure for this sample.]

TERM                               [Removed for client non-disclosure for this sample.]

Section C:  Process Description

1)       Establish and maintain List of Authorized Requestors for Operations.

Operations will establish and maintain a listing of ‘Operations Authorized Requestors’: the Operations personnel designated to authorize the set-up of a person’s access to the various components of the Platform. The current listing will be maintained by Operations Controls and Reporting. It will be stored electronically with the G-TAG team, reviewed quarterly by Operations Controls and Reporting, and updated as necessary.

2)       Establish and maintain consistent Operations User Profiles/Entitlements which are effective in reinforcing the IT control principles, especially those of accountability, data ownership, segregation of duties and the principle of least privilege.  User Access shall be granted at the minimal level necessary for the user to complete official job tasks. 

Within Operations, a request for Platform Access must be documented by means of an Access Request/Revision for Platform Components form in the format of Appendix 1 of this document.

-         Each Operations Team Lead is responsible for requesting new user access for staff working in their area, and for keeping those access profiles current as staff change responsibilities or leave the area.

-         Each Operations Team Lead should complete the form for new Team members and for any subsequent changes to a Team member’s entitlements (including those resulting from promotion, re-assignment or resignation) on a timely basis. The signed forms should be submitted to one of the Operations Authorized Requestors, as named in Appendix 2 of this document, for authorization, and then passed to Operations Controls and Reporting, which will confirm the request and submit it via MAGIC Ticket to Platform Management.

-         Each Operations Team Lead should retain a listing of the Operations staff in their Team and the systems access each currently has, including details of any changes made. This is most easily achieved by retaining a copy of the Access Request/Revision for Platform Components form submitted for each Team member.

There may be exceptional circumstances which, for example, require non-Operations personnel to have access to Platform Components for short and defined periods of time. In these circumstances, an Access Request/Revision for Platform Components form must be completed, authorized and retained on file both with the Team Lead of the area and with Operations Controls and Reporting.

In these cases of exceptional access, audit trail reports must be available which detail all Platform activities undertaken by the individual who has been granted exceptional access. These reports must be reviewed daily by Operations Controls and Reporting.

Platform Entitlements will be refined periodically to ensure appropriate segregation of duties and principle of least privilege access standards are appropriately maintained, without jeopardizing Operations efficiency. 

3)       Establish and maintain documented procedures for establishing new Operations User Access or updates to existing Operations User Access which integrate seamlessly into the Platform Management/G-TAG process.

Operations Authorized Requestors submit their request to Operations Controls and Reporting which will review for completeness and consistency and then pass the request to the Global Technology Assistance Group (“G-TAG”) via MAGIC Ticket. The G-TAG Support Center Team is responsible for the end-to-end coordination of user setup requests, for which they utilize MAGIC to manage, track, internally communicate status, and to create reports. The Platform Management Team provides user setup assistance for Desktop setup and components requiring database expertise for user setup.

4)       Conduct quarterly reviews of Operations Authorized Requestors and the Platform User access profiles, to ensure correct and appropriate records are maintained at all times.

G-TAG must maintain a database of user access details from which appropriate reports can be produced at the request of Auditors or Regulators. At each calendar quarter-end, Operations Controls and Reporting will receive from G-TAG a current listing of all Operations entitlements granted, both to Operations staff, by Team, and to non-Operations staff on an exceptional basis, which they will circulate to the Operations Team Leads. The Operations Team Leads must confirm back to Operations Controls and Reporting:

a.       The listing is complete and correct without amendment

b.       Any amendments to be made to the listing of Operations Staff User Access so as to bring it up to date. Note that these updates should be made by completing the Access Request/Revision for Platform Components form, and submitting these requests to Ops Controls and Reporting which will forward via MAGIC Tickets to Platform Management.

c.       Formal renewal of any exceptional access granted to non-Operations staff for the following calendar quarter, also by completing and having authorized an Access Request/Revision for Platform Components form and sending it to Ops Controls and Reporting.  
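The quarter-end review in step 4, and the daily audit-trail review of exceptional access in step 2, both come down to comparing what G-TAG has provisioned against the authorized forms on file. The script below is an added example written for this page; it is not part of the control document and not Platform or G-TAG tooling. The users, components, dates, requestor list and audit lines are constructed and hypothetical, and the record layouts are assumptions about what the G-TAG export and the Appendix 1 forms would contain. It reports the four mismatch classes a reviewer would chase (a live entitlement with no form, a form signed by someone not on the Appendix 2 list, a form with no matching entitlement, and exceptional access due for renewal) and flags any audit line an exceptional-access user produced outside the component or period on their form.

```python
"""Quarterly access recertification and daily exceptional-access review.

Added example; the control document contains no code.  Every record below is
constructed for illustration (hypothetical users, components and dates) and
stands in for the G-TAG entitlement export, the Appendix 1 forms retained by
Operations Controls and Reporting, the Appendix 2 requestor list and the
Platform audit trail."""
from collections import defaultdict
from datetime import date

# Constructed: Operations Authorized Requestors (Appendix 2).
AUTHORIZED_REQUESTORS = {"m.ahmed", "j.ortiz"}

# Constructed: the calendar quarter-end the review is run for.
AS_OF = date(2008, 3, 31)

# Constructed: quarter-end entitlement listing as G-TAG would export it.
ENTITLEMENTS = [
    {"user": "a.kim",  "team": "Reversals", "component": "Desktop",         "role": "Analyst"},
    {"user": "a.kim",  "team": "Reversals", "component": "OMS",             "role": "Analyst"},
    {"user": "b.lee",  "team": "Reversals", "component": "Desktop",         "role": "Analyst"},
    {"user": "b.lee",  "team": "Reversals", "component": "Quartz",          "role": "Admin"},     # no form on file
    {"user": "c.nair", "team": "IT",        "component": "ReportingPortal", "role": "ReadOnly"},  # exceptional access
]

# Constructed: authorized Access Request/Revision forms (Appendix 1) on file.
APPROVALS = [
    {"user": "a.kim",  "component": "Desktop",         "role": "Analyst",  "authorized_by": "m.ahmed", "exceptional": False, "valid_until": None},
    {"user": "a.kim",  "component": "OMS",             "role": "Analyst",  "authorized_by": "m.ahmed", "exceptional": False, "valid_until": None},
    {"user": "b.lee",  "component": "Desktop",         "role": "Analyst",  "authorized_by": "t.wong",  "exceptional": False, "valid_until": None},  # signer not a requestor
    {"user": "c.nair", "component": "ReportingPortal", "role": "ReadOnly", "authorized_by": "j.ortiz", "exceptional": True,  "valid_until": date(2008, 3, 31)},
    {"user": "d.ruiz", "component": "Desktop",         "role": "Analyst",  "authorized_by": "j.ortiz", "exceptional": False, "valid_until": None},  # never provisioned
]

# Constructed audit-trail lines: "<timestamp> <user> <component> <action>".
AUDIT_LOG = """\
2008-01-14T09:02:11 c.nair ReportingPortal VIEW_REPORT
2008-01-14T09:15:40 a.kim Desktop COMPLETE_ACTIVITY
2008-01-14T21:47:03 c.nair OMS CANCEL_ORDER
2008-04-02T10:00:00 c.nair ReportingPortal VIEW_REPORT
"""


def reconcile(entitlements, approvals, requestors, as_of):
    """Step 4 review: compare provisioned entitlements with authorized forms.

    Returns a dict of finding type -> sorted list of (user, component, role).
    Only the four mismatch classes below are checked; matching inputs return
    an empty dict."""
    approved = {(a["user"], a["component"], a["role"]): a for a in approvals}
    live = {(e["user"], e["component"], e["role"]) for e in entitlements}
    findings = defaultdict(list)
    for key, form in approved.items():
        if form["authorized_by"] not in requestors:
            findings["unauthorized_signer"].append(key)        # form not signed by an Appendix 2 requestor
        if key not in live:
            findings["approved_not_provisioned"].append(key)   # form on file but access not set up (or already removed)
        elif form["exceptional"] and form["valid_until"] <= as_of:
            findings["exceptional_renewal_due"].append(key)    # step 4(c): a renewed form is needed for next quarter
    for key in live - set(approved):
        findings["entitlement_without_form"].append(key)       # live access with no authorization on file
    return {kind: sorted(keys) for kind, keys in findings.items()}


def review_exceptional_activity(audit_log, approvals):
    """Daily review of everything done under exceptional (non-Operations) access.

    Every audit line for an exceptional-access user is returned; a line is
    flagged when its component is not on that user's form or its date is past
    the form's validity."""
    grants = defaultdict(list)
    for a in approvals:
        if a["exceptional"]:
            grants[a["user"]].append(a)
    report = []
    for line in audit_log.splitlines():
        ts, user, component, action = line.split()
        if user not in grants:
            continue                                            # Operations staff are covered by the quarterly review
        day = date.fromisoformat(ts[:10])
        covered = any(g["component"] == component and day <= g["valid_until"]
                      for g in grants[user])
        report.append({"ts": ts, "user": user, "component": component, "action": action,
                       "flag": None if covered else "OUTSIDE_APPROVED_ACCESS"})
    return report


if __name__ == "__main__":
    for kind, keys in reconcile(ENTITLEMENTS, APPROVALS, AUTHORIZED_REQUESTORS, AS_OF).items():
        print(kind, keys)
    for row in review_exceptional_activity(AUDIT_LOG, APPROVALS):
        print(row)
```

Run at each calendar quarter-end with AS_OF set to that date: the entries under exceptional_renewal_due are exactly the ones step 4(c) requires a renewed form for, and entitlement_without_form entries are the ones to remove or document as exceptional under step 2. The daily review function is meant to be run over that day's audit trail; with the constructed log above it flags c.nair's OMS action (component not on the form) and the April line (past the form's validity).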

Section D:  References

Responsibility Matrix:

 

Key Participant / Role / Activities

1.    Operations Controls and Reporting

Role: Establish and maintain the List of Authorized Requestors for Operations

-       Create the list and submit it to Platform Management/G-TAG

-       Review at least quarterly and submit amendments as required

2.    Operations Controls and Reporting

Role: Establish and maintain consistent Operations User Profiles/Entitlements which are effective in reinforcing the IT control principles, especially those of accountability, data ownership, segregation of duties and the principle of least privilege

-       Document the current entitlements appropriate for each Operations Team member

-       Identify any Operations Team member with entitlements outside the appropriate entitlements; either remove the inappropriate entitlement or document it as exceptional access

-       Participate in discussions about new entitlements/functionality

-       Review the audit trail reports of the activities of all users granted Operations access on a temporary or exceptional basis

3.    Operations Controls and Reporting

Role: Establish and maintain documented procedures for establishing new Operations User Access or updates to existing Operations User Access which integrate seamlessly into the Platform Management/G-TAG process

-       Document the Operations process for initiating and updating Operations User Access to Platform Components

-       Act as Authorized Requestor for all Operations User Access Requests/Revisions

-       Submit MAGIC Tickets to G-TAG with the Product-Subject “Access Request”, all required fields completed and a new user set-up template attached to the MAGIC Ticket

-       Close the MAGIC Ticket when it is returned by G-TAG

4.    Operations Controls and Reporting

Role: Conduct quarterly reviews of Operations Authorized Requestors and the Platform User access profiles, to ensure correct and appropriate access has been granted and current and correct records are maintained at all times

-       Complete the Access Controls review of Operations at least quarterly

-       Send updates resulting from the review to G-TAG for appropriate action

5.    Operations Team Lead

Role: Data ownership; management of Team user access to Platform Operations; record retention

-       Complete the initial Access Request/Revision for Platform Components documentation; forward to the designated Operations Manager for authorization

-       Forward the complete and authorized Access Request/Revision for Platform Components form to Ops Controls and Reporting for submission to Platform Management via MAGIC Ticket

-       Retain copies documenting all Platform access granted to Team members and subsequent amendments

6.    Designated Operations Directors

Role: Quality assurance; compliance with control procedures

-       Authorize individual Ops User Access Requests; return to the originating Team Lead

7.    Platform Management/G-TAG

Role: Timely implementation of user access requests/revisions from Operations; maintenance of the database of Platform access/users for reporting as necessary; record retention

-       Identify the components that the user will need to access

-       Notify Platform Management of Desktop and component setup to be done by Platform Management

-       Complete user setup of Desktop and components (e.g. Quartz, OMS, BottomLine, Reporting Portal), as appropriate per team

-       Once all logons are set up for a given request, validate the logons where possible (for individual or small requests all logons are validated; for large requests a sample is taken)

-       Communicate the logon to the user

-       Notify the submitter that the request/MAGIC Ticket is resolved

-       At the request of Audit/Regulators/Ops Controls and Reporting, produce the required Platform access reports

-       Retain records/audit trail of all user access/entitlements for a minimum of 7 years

 

 

Supporting Documentation 1: none 

Section E:  Control Objectives Matrix

 

Control Objective / Objective Satisfied

Completeness: All Operations staff access is governed by these controls.

Validity: Every instance of Operations staff user access is authorized by designated management.

Accuracy: Operations Controls and Reporting conducts ad hoc spot reviews of the access granted by G-TAG, as well as full reviews of all Operations user access each quarter.

Integrity: (not specified)

Access Security: Control steps are consistent with Corporate standards and policies as documented in the Information Security Policies, Controls and Practices.

Timeliness: The SLA for completing 3.0 and 5.0 client user setup requests by G-TAG is 24 hours. Request turnaround times may be affected by the size of the request submitted. Large requests (ten or more users, or ten or more accounts for a single user) are subject to review by the G-TAG team, and an estimated delivery time will be set based on the size of the request and the number of items preceding it in the team’s work queue. If the request will exceed the 24-hour SLA, G-TAG must communicate the new expected delivery time to the client as soon as possible.

 

 

Section F: Revision History and Authorization

 

Version Number / Revision Date / Overview of Changes Made

1.0 / January 2, 2008 / Initial Issue

Process Owner, Team Manager: ______________________

Director of Operations: ______________________

Director of Controls and Reporting: ______________________

 

SAMPLE 2 of 2

 

Control Topic:        Monitor and clear Desktop Work Queue

Control Number:    Reversals 101

Control:                 The Platform is designed for straight-through processing (STP) and, as part of this design, incorporates a number of exception-handling processes. Approval, Authorization and Manual Step (including GRM) activities are sent to the appropriate Work Queues as events require. All members of the Reversals and Corrections Team will review their work queues continuously during the day and ensure that all items for the day have been solved, investigated or reviewed prior to end of day. Each day, for any items remaining in the work queue which are under investigation or awaiting further clarity, an email listing them will be sent to the Team Manager, with a copy to the Director of Operations, before the analyst leaves for the day. If all items are cleared for the day, an email stating so, with a screen capture of the Work Queue in Desktop, will be sent to the same individuals and a copy saved in the Daily folder as an audit trail. The Team Manager and Director of Operations will determine escalation to the Customer, as necessary.

Control Owner:      Director of Operations, PLATFORM

Version:                 1.0

Effective Date:       November 16, 2007 

Process

Process Group:  Reversals and Corrections Team

Process Number:  Reversals 101-1

Version:  1.0

Effective Date:  November 16, 2007

 

Section A:  Process Scope & Purpose

This process was developed to ensure the timely completion of all tasks presented as activities in the Reversals and Corrections Team’s Work Queue in the Desktop component of the Platform. It also provides a means to notify Platform Operations Management of items left incomplete for reasons beyond the analysts’ control, such as waiting for information that has not been provided or for communication from a business partner that has not been received, and gives first notification of items that must be escalated due to amount. This allows Platform Operations Management to review pending items and determine whether further escalation is required.

Objective

The objective of this process is to ensure that tasks presented as activities in the Work Queue are handled completely and in a timely manner, providing control over daily tasks initiated either by the Platform or by the Platform Customer.

Scope

This process applies to all individual CPC Reversals and Corrections team members’ Work Queues and to the Reversals and Corrections Operations Team Work Queue (a compilation of all Reversals and Corrections activities) available in the Desktop component of the Platform.

Exceptions

Entitlements govern the access to Work Queues on the Desktop.  Entitlements are managed and provided by the Platform Manager of Entitlements, who is part of the Platform management team, and, who designates roles with specific privileges and implements the user’s access to these roles, as required.  The entitlements process and controls around this process are called out in the Operations General Control on System Access document.

Using the Principle of Least Privilege, access to functionality and responsibilities for Work Queues is provided on an “as needed” basis in the Desktop. Each individual Platform team member is responsible only for the Work Queues that are visible on the Desktop under his/her individual login. It is understood that all work completed within a Work Queue is undertaken only by the person or team to whom that login is assigned.

Some Work Queues and the Team Work Queue have established access for multiple users.  However, the Activity History maintained for each Activity designates the User Name of the individual who performed the work on the portion of the Activity in question.  CPC Analysts are not responsible for Work Queues that do not appear on their Desktop and should not ever undertake work under someone else’s access.

 

Section B:  Definitions

Activity                              [Removed for client non-disclosure for this sample.]

 

Desktop                             [Removed for client non-disclosure for this sample.]

Entitlements                      [Removed for client non-disclosure for this sample.]

GRM                                 [Removed for client non-disclosure for this sample.]

Platform                             [Removed for client non-disclosure for this sample.]

Principle of Least

Privilege                            The principle of least privilege is also known as the principle of least authority (POLA), an alternative term coined by those who consider authority to be a more precise term than privilege for representing “ability to access” in the true spirit of this concept. Specifically, authority represents all effects that a subject can directly or indirectly cause in a system, as opposed to permission, which represents the effects that can be directly caused in a single operation.

Team Work Queue          [Removed for client non-disclosure for this sample.]

Work Queue                     [Removed for client non-disclosure for this sample.] 

 

Section C:  Process Description

During the course of every business day, all CPC Reversals and Corrections Analysts will continuously review the Team Work Queue in the Desktop component of the Platform. When activities are visible in the Work Queue, a Reversals and Corrections Analyst will:

1.       Open and review the contents of the activity.

2.       Mark the activity with a status of “Investigating” using the steps provided in the Activity Management Guide, as necessary.

3.       Research the reason for the activity’s creation:

·         Manual Steps and Exceptions can be produced by the system during the workflow when a situation stops Straight-through Processing.

·         Approvals and Authorizations can be produced by the system when the work flow reaches a node that calls out approval or authorization prior to continuance of the flow.

·         Customers can use the GRM functionality to create a message that takes the form of a manual step to request special handling or for other pre-determined purposes.

4.       Determine how best to solve the problem that exists, complete the task required or respond to the Customer’s request.  This can include emails or phone calls to Custodians, Cash Agent or other business partners to expedite a situation, solve a problem, or complete a process.  All manual activities should be screen-captured and those captures printed and placed in the day folder to act as an audit trail of the activity resolution.

5.       When the activity is researched to an acceptable resolution or completed, change the status of the activity to “Completed” and that activity will disappear from the Work Queue.  The work flow that was halted because of that activity will automatically resume and the processing will continue.

6.       If it is inappropriate to complete the activity because it should be handled by a different team, re-direct the activity to that Platform team as soon as possible.

7.       If it is impossible to complete the activity, the status of the activity should be changed to “Unable to Complete”.  There is a mandatory Notes section to complete in any change of status on an activity.  The Reversals and Corrections Analyst must enter sufficient and appropriate reason(s) for his/her inability to complete the activity so that the originator will completely understand the situation. Marking the activity in this way will send the activity to the work queue of the person who originated the request that spawned the activity, to notify him/her that the process has been halted and a new process must be started.

8.       The CPC Reversals and Corrections Team must prioritize the items in their Work Queue by their Execution, Settlement and Value Date implications, as well as their Gain/Loss implications. At the end of each business day, when all items have been cleared from the Work Queue, the Reversals and Corrections Analyst will send an email to his/her manager, with a copy to the Director of Operations and the Director of Controls and Reporting, stating that his/her work queue is empty for the day and that all items related to Reversals and Corrections activities were handled in a timely manner.

9.       The goal of this control is to complete all activities in the Work Queue daily. However, there will be times when certain activities cannot be completed because the analyst is waiting for information, or a movement of cash or shares has not yet been posted. In this instance, the Analyst will:

·         Send an email to his/her manager, with a copy to the Director of Operations and the Director of Controls and Reporting, listing the items remaining in the Work Queue by age, with the reason each remains open. Refer to all other Reversals and Corrections Controls to determine whether items need to be escalated, based on age or amount.

·         The Director of Operations will monitor these aging items for further escalation, as needed, to resolve them prior to critical dates. The Director of Operations has access to all Work Queues in the system.

 

Section D:  References

Responsibility Matrix:

 

Key Participant / Role / Activities

1.   Platform Customer or Customer’s Custodian

Role: Initiate transaction

- Enter GRM in Desktop.

2.   Platform

Role: Create activity

- Activity created, based on workflow or input from SWIFT or another actor.

3.   CPC Reversals and Corrections Ops Analyst

Role: Receive activity in Work Queue

- Review the activity.

- Determine the actions to be taken.

- Change the status of the activity to “Investigating” to ensure that two or more Analysts are not working on the same item.

- Either complete the work called for in the activity, or determine that the work cannot be completed.

- Change the status to match the end state of the activity.

- Enter notes describing the work completed or why the work could not be completed.

- Notify management either that all Activities were cleared appropriately during the day, or with a listing and aging of all remaining activities, including why specific activities are not yet resolved and the expected date of completion.

4.   Director of Operations

Role: Determine next steps on aged items

- Determine whether escalation is required on any remaining items in the Team Work Queue and escalate, as determined.

 

Supporting Documentation 1: Activity Management Guide

Section F:  Control Objectives Matrix

Control Objective / Objective Satisfied

Completeness: ✓

Validity: ✓

Accuracy: (not marked)

Integrity: (not marked)

Access Security: (not marked)

Timeliness: ✓

 

Section G: Revision History and Authorization

 

Version Number / Revision Date / Overview of Changes Made

1.0 / November 16, 2007 / Original

Process Owner, Team Manager: ______________________

Platform Director of Operations: ______________________

Platform Director of Reporting and Controls: ______________________

 

 

610-692-1980

duopubs@aol.com


 

Copyright 2008, DUO Publications & Documentation R&D, All Rights Reserved