Академический Документы
Профессиональный Документы
Культура Документы
Are the General Management Objectives highlighted in the PRCO files (“see Risk
analysis” worksheet) in line with the approved BalanceScoreCard ? – to be checked
IT area
1. BCP – exista? With what frequency is the BCP tested? – see BCP-DRP internal
procedure
Conclusion: BCP policy to be updated (page 3 – back-up is Euroclinic, but
Euroclinic is now in the same location as Eureko) and improved, as follows:
- (page 2 – “Like the other departments, they also should think of alternative
ways of providing their services and [...] of measures that prevent disasters to
take place”.)
- There should be a BCP responsible, and not “all departments to think of
measures to continue their activity”.
- The procedure does not specify of how the back-up is performed, frequency
and location of where the back-up is stored
2. is the back-up on a daily basis performed? Is the back-up stored on DVDs? If
yes, in what location are the DVDs stored? (in ce locatie a.i. sa asigure
continuitatea activitatii in cadrul producerii unui eveniment natural catastrofal –
eg cutremur, incendiu, inundatii?
3. is there a change management procedure? Eg: loguri in place pt fiecare
schimbare, motiv schimbare, numerotare versiuni si master files ultima versiune
in format read-only in vederea asigurarii back-up-ului
4. is tehere information classification internal procedure (eg: public, confidential)?
5. sign-off frontpage for all the approved procedures? (valabil pt toate procedurile)
6. back-up procedure?
Finance / Reporting / Budgeting area (as per the narrative described in ICS):
Operational expenses
Reinsurance process
Investments
Claims
1. how are the complex cases of complaints solved? Is there a Complaint Committee
in place to analyze the case? If yes, who are the attendees? If no, who makes the
final decision and see evidences of investigation.
2. Are the letter of complaints bookept in a file in order to facilitate the access to the
history of complaint? Also, is there a Complaint registry book kept (history of all
the complaints, what the complaint was, who solved it, timeline of solving the
complaint (if in line with the internal procedure – check if there is any internal
procedure on complaints), as well as evidence of the investigations performed.
Internal Audit