Scribd Logo
Upload

Welcome to Scribd!

  • Servicios Fuera de Perímetro - ENG - Pintado

    Uploaded by

    carolozano1996
    7 views6 pages
    The document outlines a 4-phase governance process for outsourcing out-of-perimeter services at an organization: 1) Identification of services to be outsourced, 2) Assessment of inherent and residual risks, 3) Monitoring of real residual risks during service provision, and 4) Offboarding at the end of the contract. It includes registration of initiatives, perimeter and risk evaluations, expert group approval, and monitoring throughout onboarding, service, and offboarding. The process aims to analyze and mitigate risks of outsourcing based on service essentiality and location inside or outside the organizational perimeter.

    Original Description:

    Original Title

    Servicios Fuera de Perímetro_ENG_pintado

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document outlines a 4-phase governance process for outsourcing out-of-perimeter services at an organization: 1) Identification of services to be outsourced, 2) Assessment of inherent and residual risks, 3) Monitoring of real residual risks during service provision, and 4) Offboarding at the end of the contract. It includes registration of initiatives, perimeter and risk evaluations, expert group approval, and monitoring throughout onboarding, service, and offboarding. The process aims to analyze and mitigate risks of outsourcing based on service essentiality and location inside or outside the organizational perimeter.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    7 views6 pages

    Servicios Fuera de Perímetro - ENG - Pintado

    Uploaded by

    carolozano1996
    The document outlines a 4-phase governance process for outsourcing out-of-perimeter services at an organization: 1) Identification of services to be outsourced, 2) Assessment of inherent and residual risks, 3) Monitoring of real residual risks during service provision, and 4) Offboarding at the end of the contract. It includes registration of initiatives, perimeter and risk evaluations, expert group approval, and monitoring throughout onboarding, service, and offboarding. The process aims to analyze and mitigate risks of outsourcing based on service essentiality and location inside or outside the organizational perimeter.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Governance of out-of-perimeter services

    February 2022
    Simplified outline of the Governance Process for out of perimeter services

    Receipt of request for initiative to be Approval of outsourcing Government Start of End of


    outsourced Outsourcing Servicice Service

    Onboarding Monitoring Offboarding

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 4


    Perimeter Identification Inherent Risk and Planned Residual Risk Real Residual Risk identification- Supplier Monitoring Offboarding
    Identification

    Service Owner Real Outsourcing


    Inherent Risk and
    Registration of the Perimeter accepts the Residual Expert Monitoring Monitoring
    Planned Residual Contracting Offboarding Plan/ Exit
    initiative Evaluation mitigation Risk Group of Planning Execution
    Risk Evaluation
    measures Evaluation Real Risk

    Scaled to
    GEE /
    Regulator

    2
    Flow based on essentiality and services Outside the Perimeter
    ESSENTIALITY & OUT OF PERIMETER

    Service Owner Registration of the


    initiative

    Essentiality Analysis?

    GobEx INSIDE THE CRITCAL/IMPORTANT


    X X
    perimter? PERIMETER SERVICES
    TPRM
    Department

    OUTSIDE THE
    NOT CRITICAL SERVICES
    PERIMETER

    All risks are fully analysed.

    Analysis of the risks


    Risk experts established for this
    and Factory type of services.
    All risks will apply, with a lower level of depth.

    Presentation to the
    Outsourcing Outsourcing Expert
    Expert Group Group

    END EBA register.

    Manula Task Trigger of the process END End of the process X Decision

    3
    Service Global Planned risk Risk component

    SO registers the initiative

    Draft Perimeter Evaluation


    (SO uploads the file)

    Validation Perimeter Evaluation


    (GobEx evaluates)

    OUTSIDE PERIMETER

    Draft Planned Risk Evaluation


    (Risk selection for outside perimeter
    services)

    Planned Risk Assessment Validation OPENED/ ACCEPTED


    OPENED
    (RPG and REX are created) (All experts accept or decline)

    Send to Applicant
    (pending SO to fill in forms)

    4
    Service Global Planned risk Risk component

    In Progress
    (SO uploads the files)
    Evaluation by the Factory
    Expert (Factory evaluates
    the files)
    Expert Review
    (Expert Assesment)

    Manager Review COMPLETED


    (Manager reviews) (all completed)

    Awaiting Acceptance (SO Accepts


    Measures)

    Draft Real Risk Evaluation


    (Manager selects there is an available COMPLETED
    contract)

    RRG
    Expert Revision
    Expert Checks if all the
    Real Risk Assessment Validation documentation is in place
    OPENED and if needed requests the SO - In
    (Manager creates Real Risk)
    Progress)

    5
    Service Global Real Risk Risk component

    CaixaBank Expert
    Assessment (review
    factory assessment)

    COMPLETED
    (All completed)

    Manager Review (Manager Reviews


    Draft Real Risk GEE
    measures)

    Pending Committee
    Real Risk GEE Validation (Dossier is generated – one for each
    RRG)

    Outsourcing Validation
    (All Risks/Escalation)

    Completed / Rejected (All Risks)

    COMPLETED

    You might also like