IT Examiner School, Providence, RI
Board and Management Responsibilities
• The Board sets the tone, direction, and risk tolerance.
• The Board should review and approve management’s decisions regarding handling residual risk.
• Examiners must gain an understanding of the organizational structure, communication, and levels of authority.
• The Board and management must develop, implement and enforce applicable policies, procedures, and other mitigating controls.
Strategic Plans
• Board/Mgmt responsibilities: Strategic Planning
  – Provide direction for the organization
    • Defining the Organization’s goals and objectives
    • Establishing and setting enterprise priorities
    • Providing an enterprise-wide budget
  – Setting timeframes for accomplishing goals and objectives
  – Define the technology needs (general terms)
  – Consult with senior/IT management for best IT solutions to accomplish
  – Monitoring status of goals and objectives