BSI PD0009 - Compliance Workbook - Document Management Legal Admissibility

This publication helps you demonstrate compliance with BIP 0008 (the Code of Practice) by enabling you to document which of its controls have been implemented within your system. The Workbook also enables you to keep a record of the documentation that the Code of Practice requires.

The Workbook is available in 3 parts, to match the 3 parts of BIP 0008.

Compliance Workbook

The Compliance Workbooks are intended to be used during the evaluation of an information management system for compliance with the relevant part(s) of BIP 0008.

There are 3 Compliance Workbooks, each aligned to one Part of BIP 0008. Each Workbook contains a series of questions, each relating to a particular control described in the Code of Practice. Every question requires a response and, where appropriate, a reference.

The responses are:

  • Yes: the control needs to be implemented within the system, and an assessment of the electronic document management system has determined that the appropriate control is in place;
  • No: the control needs to be implemented within the system, but an assessment of the electronic document management system has determined that the appropriate control is NOT in place. Compliance with that control therefore cannot be claimed;
  • Not applicable (N/A): the control does not need to be implemented within the system. This may be because a particular feature covered by the Code of Practice is not used (for example, digital signatures), or because the organisation has decided, typically on the basis of a documented risk assessment, that the control does not need to be implemented.

The reference should point to the documentation that describes the control and how it is implemented within the system, so that an auditor can verify each 'Yes' (and the justification for each 'N/A') rather than take it on trust.

When all the questions in the Workbook have been completed, the responses should be assessed. Each 'No' answer should be reviewed and appropriate action taken so that the response can be changed to a 'Yes' (or, in exceptional circumstances, to an 'N/A' supported by a recorded risk assessment). Once all the 'No' answers have been resolved, compliance with the Code of Practice has been demonstrated.

To demonstrate that compliance with the Code of Practice has been maintained over time, regular (perhaps annual) reviews should be carried out and new Compliance Workbooks completed. A review should also be undertaken during and after any major system change, since such changes can silently invalidate controls that were previously in place.