IT Examiner School, Seaside, CA

Board and Management Responsibilities

• The Board sets the tone, direction, and risk tolerance.

• The Board should review and approve management’s decisions regarding handling residual risk.

• Examiners must gain an understanding of the organizational structure, communication, and levels of authority.

• The Board and management must develop, implement and enforce applicable policies, procedures, and other mitigating controls.

Strategic Plans

• Board/Mgmt responsibilities: Strategic Planning

  – Provide direction for the organization
    • Defining the Organization’s goals and objectives
    • Establishing and setting enterprise priorities
    • Providing an enterprise-wide budget
  – Setting timeframes for accomplishing goals and objectives
  – Define the technology needs - general terms
  – Consult with senior/IT management for best IT solutions to accomplish
  – Monitoring status of goals and objectives
