Procedure Guidelines and Controls Documentation - How Do I Validate My Document?

Procedure Guidelines and Controls Documentation - How Do I Validate My Document?
Friday, 30 September 2011 15:09
Print E-mail
User Rating: / 16
PoorBest 
Publications and Whitepapers
Article Index
Procedure Guidelines and Controls Documentation
Document Library Management Program
Process Librarian
Access Control
Data Classification and Data Owners
Document Types and Their Use
How Do I Validate My Document?
Should I Write A Process Profile?
Where Do I Find the Template?
Should I Write A Work Instruction - SOP?
Why Do RunBooks Focus On Service?
How Do I Find Or Store My Document?
Where Are Devices Inventoried As Assets?
Controls and Key Controls (see Control Self Assessment Portal)
Controls and Key Controls - Where Do I Find The Form or Template?
When Do I Use A Flow Diagram?
WAcronym Glossary and Definitions
Risks and Associated Controls (SAMPLE)
IT Process Asset Library - Recommendations for information organization and visibility over document assets
All Pages
Page 7 of 19
How Do I Validate My Document?

Before embarking on a procedure, policy, process or any type of controls documentation, contact the process librarian so the intended object can be verified and catalogued in the process objects database.

validate process
Figure 1. Validate a Process Object

Document Type - Process Profile

The purpose of a process profile is to capture and document essential elements associated with a business process. A process is a series of actions, changes, or functions bringing about a result.

Elements included in a process profile are selected by the process team. Generally, the elements include, but are not limited to:

  • Version Control And Change History
  • Purpose And Scope
  • Associated Control Objectives
  • Critical Success Factors
  • Performance Indicators  -Baseline Performance
  • Goals/Measures
  • Service Level Considerations
  • Related /Source Documents
  • Forms And Templates
  • Quality Records - Including SQM
  • Process Diagram
  • Process Deviations And Current State
  • Trigger And Exit Criteria
  • Acronyms/Definitions
  • Safety Issues
  • Risk Management Plan
  • Process Definition (Inputs And Outputs To Other Processes)
  • Status Codes-Metadata

Characteristics of Process

Highest level of abstraction and lowest level of detailHigh level set of steps that collectively accomplish a business function:Typically includes sub or component level processesOften used by more than one program or department



< Prev

Last Updated on Thursday, 03 May 2012 17:29
 
New Services
The GRC Buzz

 

Now Available - Cloud & Virtualization Essentials™

 

 

 

Push 2 Check

http://rymatech.com/

 

HISPIHolistic Information Security Practitioner Institute (HISPI) welcomes EnterpriseGRC Solutions as member of their HISP Certification Board/Committee Read More

GRC Solutions

ITpreneursITpreneurs is proud to name EnterpriseGRC Solutions as its newest certified partner. ITpreneurs and EnterpriseGRC Solutions will collaborate to increase Cloud and Virtualization concepts and controls, ISO 27001, COBIT and ITIL courses offered through EnterpriseGRC Solutions. “Every member of my organization has achieved at least one certification through ITpreneurs, and this is the second company that I’ve founded with that same promise. [...] It is a proud day, that we can be a part of ITpreneurs’ landmark efforts to bring forward CompTIA Cloud Essentials training and certification. - Robin Basham, Managing Partner.

ComplianceExchange A Blog We Love

Spontaneous Kudos - We've really been digging our digest from The Compliance Exchange

Review enterprisegrc.com on alexa.com

Have you read Value of a Conversation?

Please Join us on Facebook

Read More

Partners and Client Information
EnterpriseGRC Solutions is recently named as a member of the Cloud Credential Council. Holistic Information Security Practitioner Institute names CEO, Robin Basham, to their Education Advisory Board.

Ryma Technology Solutions names EnterpriseGRC Solutions as an Affiliate Partner.  More. Recent Wins: EnterpriseGRC Provides IS0 27001 Policy and SOA readiness for NetSuite Inc.  EnterpriseGRC Solutions Sponsor to ISACA ITGI.  Recent Partner Alignments include ITpreneurs, Control Solutions International

Request For Information? Please fill out our Wufoo form.

Wordle: EnterpriseGRC.com Blog
Cloud Credential Council
Read More

ISACA Silicon Valley LogoAre you attending "Enabling Trust: Business In the Cloud"? Learn more.

© EnterpriseGRC Solutions, Inc. 2012 | Privacy Policy | Toll Free Contact 800 847-6821