Posted by: Robert Davis
COBIT, Control Environment, IT Architecture, Project Management, Risk Management, Risk Mitigation, Risk Tolerance
As a logical assumption, IT project management is a primary governance point for the entity’s ITG program. Therefore, derivatively, management’s CE due diligence regarding IT project governance policies will significantly reduce systems and infrastructure life cycle risks.
At the entity-level, control consciousness is influenced significantly by oversight committee members. Therefore, the ideal collective characteristics of individuals participating in entity oversight should include: independence from management, experience and stature, demonstrated activities involvement and scrutiny, appropriate situational actions, sufficient knowledge management, effective management assessment techniques as well as interaction with internal and external audit.
“View Part I of the Common Risk Determinants for an IT Architecture series here“