IT Examiner School eBook May 2025

Internal Use Only

AIO Infrastructure Governance

Internal Use Only

AIO/Support & Delivery Governance

To comprehensively address risks, it's essential management focus on the following key questions:

1. Are responsibilities clearly delineated at the board, executive management, and operational levels? 2. How does strategic planning factor into risk mitigation? 3. Are policies, standards, and procedures effectively developed and followed?. 4. How effective are audit processes and independent assessments? 5. How is risk management information reported to both management and the board?