2023 IT Examiner School

Internal Use Only

IT Management

Internal Use Only

How Governance Is Achieved • Through management structure & the Board of Directors • Assignment of responsibilities & authority covering • Central oversight & coordination • Risk assessment & measurement • Monitoring & testing • Reporting • Acceptable residual risk • Establishment of policies, procedures & standards • With at least annual review/approval • Allocation of resources • Monitoring • Accountability