658
edits
Credit Card Processing: Difference between revisions
m
updated Controller email
(→Technical Controls: change wlawlor@unmc.edu to jeffrey.miller@unmc.edu) |
Mhurlocker (talk | contribs) m (updated Controller email) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 40: | Line 40: | ||
It is the policy of the University of Nebraska Medical Center that all bank card transactions on the UNMC campus will be under the control of the Controller. Web-based bank card transactions must utilize the standard UNMC application provided by Information Technology Services. | It is the policy of the University of Nebraska Medical Center that all bank card transactions on the UNMC campus will be under the control of the Controller. Web-based bank card transactions must utilize the standard UNMC application provided by Information Technology Services. | ||
==Bank Card Reporting == | ==Bank Card Reporting == | ||
Bank card collections received by departments for UNMC will be submitted along with cash/check collections and a Cash Remittance Report to the [ | Bank card collections received by departments for UNMC will be submitted along with cash/check collections and a Cash Remittance Report to the [https://info.unmc.edu/management/finance/cashering/ Finance Cashier]. | ||
== Internal Controls == | == Internal Controls == | ||
| Line 55: | Line 55: | ||
All bank card transactions will be processed in conformance with the Payment Card Industry Data Security Standards. A secure network environment is established for processing of bank card transactions. A vulnerability management program is in place to ensure that the technical controls are functioning properly. Technical controls are in place to ensure that identity and access management is limited to those with a need to access the data in order to perform their job duties. Appropriate audit logging is enabled in order to track and monitor access. In the case of an information security event is found (such as an unauthorized wireless access point), the organization will follow the Incident Response Security Procedure. All members of UNMC complete annual information security compliance training.<br /> | All bank card transactions will be processed in conformance with the Payment Card Industry Data Security Standards. A secure network environment is established for processing of bank card transactions. A vulnerability management program is in place to ensure that the technical controls are functioning properly. Technical controls are in place to ensure that identity and access management is limited to those with a need to access the data in order to perform their job duties. Appropriate audit logging is enabled in order to track and monitor access. In the case of an information security event is found (such as an unauthorized wireless access point), the organization will follow the Incident Response Security Procedure. All members of UNMC complete annual information security compliance training.<br /> | ||
<br /> | <br /> | ||
For more detailed information, see the [[Bank Card Handling Procedures]] or contact the [mailto: | For more detailed information, see the [[Bank Card Handling Procedures]] or contact the [mailto:mhrncirik@unmc.edu Controller].<br /> | ||
<br /> | <br /> | ||
This page maintained by [mailto:dpanowic@unmc.edu dkp]. | This page maintained by [mailto:dpanowic@unmc.edu dkp]. | ||