Information Technology (IT) & Risk Governance Checklist
Preamble
Governing information technology related risks is important for an organization to manage potential risks effectively and to
achieve its business objectives. Therefore, it is important for an organization to appropriately manage its IT infrastructure,
operations and IT/business related risks through relevant policies and procedures that have been formalized and communicated
to relevant, responsible individuals.
The following is a checklist that states the required policies, procedures, methodologies and documentation that should be in place
so as to ensure that IT infrastructure and the related risks are managed effectively. The checklist has been developed based on
the international standards ISO 27001: Information Security Management, ISO 20000: Information Technology Service
Management, Control Objectives for Information and related Technology (COBIT) Framework and COSO Enterprise Risk
Management Framework.