Changes

Jump to navigation Jump to search
Line 53: Line 53:  
All bank card transactions will be reviewed periodically and confirmed annually to assist in maintaining proper accountability and internal control. In addition, written departmental bank card procedures will be reviewed for conformity with UNMC policies, State Treasurer regulations, and Payment Card Industry Data Security Standards.
 
All bank card transactions will be reviewed periodically and confirmed annually to assist in maintaining proper accountability and internal control. In addition, written departmental bank card procedures will be reviewed for conformity with UNMC policies, State Treasurer regulations, and Payment Card Industry Data Security Standards.
 
==Technical Controls==
 
==Technical Controls==
All bank card transactions will be processed in conformance with the Payment Card Industry Data Security Standards. A secure network environment is established for processing of bank card transactions. A vulnerabilty management program is in place to ensure that the technical controls are functioning properly. Technical controls are in place to ensure that identity and access management is limited to those with a need to access the data in order to perform their job duties. Appropriate audit logging is enabled in order to track and monitor access. In the case of an information security event is found (such as an unauthorized wireless access point), the organization will follow the Incident Response Security Procedure. All members of UNMC complete annual information security compliance training.<br />
+
All bank card transactions will be processed in conformance with the Payment Card Industry Data Security Standards. A secure network environment is established for processing of bank card transactions. A vulnerability management program is in place to ensure that the technical controls are functioning properly. Technical controls are in place to ensure that identity and access management is limited to those with a need to access the data in order to perform their job duties. Appropriate audit logging is enabled in order to track and monitor access. In the case of an information security event is found (such as an unauthorized wireless access point), the organization will follow the Incident Response Security Procedure. All members of UNMC complete annual information security compliance training.<br />
 
<br />
 
<br />
 
For more detailed information, see the [[Bank Card Handling Procedures]] or contact the [mailto:wlawlor@unmc.edu Controller].<br />
 
For more detailed information, see the [[Bank Card Handling Procedures]] or contact the [mailto:wlawlor@unmc.edu Controller].<br />
 
<br />
 
<br />
 
This page maintained by [mailto:dpanowic@unmc.edu dkp].
 
This page maintained by [mailto:dpanowic@unmc.edu dkp].

Navigation menu