This standard stipulates the general principles of risk governance, risk governance framework, top-level design, risk governance environment, governance of risk management system, governance of elements and risk governance process. This standard is applicable to: a) Organizational governance entities implement top-level design functions for IT risk governance; b) Establish or improve the organization’s IT risk governance system; c) Clarify relevant requirements in the organization’s IT risk governance process; d) Standardize organizational IT risk governance Business development and construction of related platforms; e) Guidance for third parties or other relevant institutions to carry out IT risk governance consulting business.
T/CESA 1077-2020 history
2020T/CESA 1077-2020 Information technology service - Governance-Governance of IT risk