IT Governance, Risk, and Compliance

Dec 28 2010   7:33PM GMT

Governing IT: Policy Formulation and Enforcement – Part IV

Robert Davis Robert Davis Profile: Robert Davis

IT policies should be deployed based on assessed effectiveness and efficiency in addressing managements’ risk appetite for an adopted strategy. As previously suggested in this article, control policies can be considered high-level governance documentation guiding operational activities. Therefore, logically, deployed controlling activities should reflect management’s strategy for ensuring an adequate entity-centric control system.

Operationally, an IT control system is a process or set of processes that manage, command, direct or regulate the behavior of other systems, processes, activities, and/or tasks. Whereby, according to Wikipedia, “[t]here are two common classes of control systems, with many variations and combinations: logic or sequential controls, and feedback or linear controls.” For instance, fuzzy logic attempts to combine some of the design simplicity of logic based control with the utility of linear based control.

View Part I of the Governing IT: Policy Formulation and Enforcement series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: