IT Examiner School

Board & Management Responsibilities The Board sets the tone, direction, and risk tolerance The Board should review and approve management’s decisions regarding handling residual risk Examiners must gain an understanding of the organizational structure, communication, and levels of authority The Board and management must develop, implement and enforce applicable policies, procedures, and other mitigating controls

Enterprise Goals/Objectives Board & senior management responsibilities: • Evaluate & agree upon IT goals and objectives • Providing budget for expected technology needs required • Determining if IT goals & objectives are being met • Obtaining regular reporting from senior and/or IT management- status reports for timeliness and budget • Are IT solutions working? Are any changes needed?