mapping matrix of cgeit and cobit controls - isaca€¦ · xls file · web viewmapping cgeit and...
Post on 07-May-2018
226 Views
Preview:
TRANSCRIPT
Mapping CGEIT and CobiT ControlsApplicable Cobit Control Objectives for CGEIT: 66
CGEITJob Practice Domains Task StatementNo. Domain No.
1
1
1
2 2
3 3
4 4
5 5
6 6
7 7
8
9 9
10 10
11 11
Sr. No.
IT Governance Framework
11
1
11
12
2
1
13 2
14 3
15 4
16 5
17 6
18 7
19 8
20 921
10
22 11
23 12
24
3 Value Delivery
1
25 2
26 3
27 4
IT Governance Framework
Strategic Alignment
28
3 Value Delivery
5
29 6
30 7
31 8
32 9
33 10
34 11
35
4
1
36 2
37 3
38 4
39 5
40 6
41 7
Risk Management
41
4
7
42 8
43
5
1
44 2
45 3
46 4
47 5
48 6
49 7
50 8
51 9
52 10
53 11
54
6
1
Risk Management
Resource Management
Performance Measurement
55
6
2
56 3
57 4
58 5
59 6
Performance Measurement
Mapping CGEIT and CobiT ControlsApplicable Cobit Control Objectives for CGEIT: 66
CGEIT CobiTTask Statement Contols
Statement No.PO1.4PO4.5PO6.1
ME4.1PO1.2PO4.1
ME4.1
PO4.2
PO4.3
PO4.5PO1.1ME4.3PO1.2
ME3.1
ME3.2
ME3.3
PO3.3
ME4.7
PO1.5
PO6.4
ME4.1
ME4.2
PO4 .6
Report IT governance status and issues, and effect transparency in reporting.ME4.6ME 3.5
PO6.4
Define the requirements and objectives for, and drive the establishment of, IT governance in an enterprise, considering values, philosophy, management style, IT awareness, organization, standards and policies.
Ensure that an IT governance framework exists and is based on a comprehensive and repeatable IT process and control model that is aligned with the enterprise governance framework.
Establish appropriate management governance structures, such as an enterprise investment committee, IT strategy committee, IT steering committee, technology council, IT architecture review board, business needs committee and IT audit committee.
Ensure that the enterprise and IT governance frameworks enable the enterprise to achieve optimal value for the enterprise.
Confirm that the IT governance framework ensures compliance with applicable external requirements and ethical statements that are aligned with, and confirm delivery of, the enterprise’s goals, strategies and objectives.
Obtain independent assurance that IT conforms with relevant external requirements; contractual terms; organizational policies, plans and procedures; generally accepted practices; and the effective and efficient practice of IT.
Apply IT best practices to enable the business to achieve optimal value from implementation of IT services and IT-enabled business solutions.
Ensure the establishment of a framework for IT governance monitoring (considering cost/benefits analyses of controls, return on investment for continuous monitoring, etc.), an approach to track all IT governance issues and remedial actions to closure, and a lessons-learned process.
Ensure that appropriate roles, responsibilities and accountabilities are established and enforced for information requirements, data and system ownership, IT processes, and benefits and value realization.
Establish a communications plan to continuously market, communicate and reinforce the need and value of IT governance across the enterprise.
PO6.5
ME4.1PO1.4PO1.5PO2.1
PO6.3
Identify and take action on barriers to strategic alignment. PO6.1
PO6.5
PO4.6
PO1.2
ME4.3
PO1.4PO6.3
PO6.4
ME4.2
PO3.3
PO1.1
PO5.1
ME4.1PO1.6PO5.1
ME4.1PO1.1PO5.1PO10.1PO10.2
ME4.1ME4.3PO5.2ME4.3
Establish a communications plan to continuously market, communicate and reinforce the need and value of IT governance across the enterprise.
Define and implement a strategic planning framework, requiring and facilitating collaborative and integrated business and IT management planning.
Actively support/promote and participate in IT management planning by employing best practice enterprise architecture (EA) frameworks.
Ensure that appropriate policies and procedures are in place, understood and followed to support IT and business strategic alignment.
Ensure that effective communication and engagement exists between business and IT management regarding shared strategic initiatives and performance.
Ensure business and IT goals cascade down through the enterprise into clear roles, responsibilities and actions.
Assist senior management by aligning IT initiatives with business objectives and facilitating prioritization of business strategies that optimally achieve business objectives.
Identify and monitor the interdependencies of strategic initiatives and their impact on value delivery and risk.
Ensure that the strategic planning process is adequately documented, transparent and meets stakeholder needs.
Maintain and update the IT management plans, artifacts and standards for the enterprise.
Monitor, evaluate and report on the effectiveness of the alignment of IT and enterprise strategic initiatives.
Monitor and assess current and future technologies and provide advice on the costs, risks and opportunities that they bring.
Ensure that business takes ownership and accountability for business cases, business transformation, organizational change, business process operation and benefit realization for all IT-enabled business investments.
Ensure that all IT-enabled investments are managed as a portfolio of investments.
Ensure that all IT-enabled investments are managed as programs and include the full scope of activities and expenditures that are required to achieve business value.
Ensure that all IT-enabled investments are managed through their full economic life cycle so that value is optimized.
PO10.3PO5.1
PO10.7
PO5.5PO1.1DS1.3DS1.4
PO5.3
PO5.4
PO10.13ME 1.1ME 1.2ME 1.4ME 1.5ME 1.6
DS 1.5PO1.1
PO5.5
ME4.2
PO4.8PO9.1PO9.4
PO9.1
PO4.8PO9.2PO10.9DS2.3PO9.2PO10.9
ME4.5PO9.2PO9.3PO9.4PO9.5ME4.5AI1.2PO9.3
Recognize that different categories of investments need to be evaluated and managed differently.
Ensure that all IT solutions are developed and maintained effectively and efficiently through the development life cycle to deliver the required capabilities.
Ensure that all IT services are delivered to the business with the right service levels.
Ensure that IT services enable the business to create the required business value using assets (people, applications, infrastructure and information) to deliver the appropriate capabilities at optimal cost.
Define and monitor appropriate metrics for the measurement of solution and service delivery against objectives and for the measurement of benefits realized, and respond to changes and deviations.
Engage all stakeholders and assign appropriate accountability for delivery of business and IT capabilities and realization of benefits.
Ensure that IT investments, solutions and services are aligned with the enterprise strategies and architecture
Ensure that IT risk identification, assessment, mitigation, management, communication and monitoring strategies are integrated into business strategic and tactical planning processes.
Align the IT risk management processes with the enterprise business risk management framework (where this exists).
Ensure a consistent application of the risk management framework across the enterprise IT environment.
Ensure that risk assessment and management is included throughout the information life cycle.
Define risk management strategies, and prioritize responses to identified risks to maintain risk levels within the appetite of the enterprise.
Ensure that risk management strategies are adopted to mitigate risk and to manage to acceptable residual risk levels.
Implement timely reporting on risk events and responses to appropriate levels of management (including the use of key risk indicators, as appropriate).
PO9.6
PO9.6
ME4.5PO7.1PO7.2
DS7.1
PO7.3
PO7.4
PO4.12
PO4.1
PO7.1
ME4.4
PO4.5
PO7.2
AI5.1
ME4.4
PO1.3PO4.5PO7.1PO7.2PO7.7PO1.4PO1.5ME4.4
PO3.2
PO1.5
PO5.2
PO1.4
PO5.1
ME1.1
ME1.3
Implement timely reporting on risk events and responses to appropriate levels of management (including the use of key risk indicators, as appropriate).
Establish monitoring processes and practices to ensure the completeness and effectiveness of established risk management processes.
Ensure that the requirements for trained resources with the requisite skill sets are understood and are assessed appropriately.
Ensure the existence of appropriate policies for the training and development of all staff to help meet enterprise requirements and personal/professional growth.
Develop and facilitate the maintenance of systems to record the resources available and potentially available to the enterprise.
Undertake gap analyses to determine shortfalls against requirements to ensure that the business and IT resources (people, application, information, infrastructure) are able to meet strategic objectives.
Effectively and efficiently ensure clear, consistent and enforceable human resource allocation to investment programs and services.
Ensure that sourcing strategies are based on the effective use of existing resources and the identification of those that need be acquired.
Ensure that people, hardware, software and infrastructure procurement policies exist to effectively and efficiently fulfill resource requirements.
Through periodic assessment of the training requirements for human resources, ensure that sufficient, competent and capable human resources are available to execute the current and future strategic objectives and that they are kept up to date with constantly evolving technology.
Ensure integration of resource identification, classification, allocation and periodic evaluation processes into the business’s strategic and tactical planning and operations.
Ensure that the IT infrastructure is standardized; economies of scale are achieved, wherever possible; and interoperability exists, where required, to support the agility needs of the enterprise.
Ensure that IT assets are managed and protected through their economic life cycle and are aligned with current and long-term business operations requirements to support cost-effective achievement of business objectives
Establish the enterprise's strategic IT objectives, with the board of directors and executive leadership team, categorized into four areas: financial (business contribution), customer (user orientation), internal process (operational excellence), learning and growth (future orientation), or whatever areas are appropriate for the enterprise.
ME1.2ME1.3ME1.4
ME1.4
ME4.3
ME1.4
ME1.6
ME1.5
ME4.6
Establish outcome and performance measures, supported by metrics, and targets that assess progress toward the achievement of enterprise and IT objectives and the business strategy.
Evaluate IT process performance, track IT investment portfolio performance, and measure IT service delivery through the use of outcome measures and performance drivers.
Use maturity models and other assessment techniques to evaluate and report on the health of the enterprise’s performance level.
Use continuous performance measurement to identify, prioritize, initiate and manage improvement initiatives and/or appropriate management action.
Report relevant portfolio, program and IT performance to relevant stakeholders in an appropriate, timely and accurate manner
CobiTContols
DescriptionIT Stratetic PlanIT Organizational StructureIT Policy and Control Environment
Establishment of an IT Governance FrameworkBusiness-IT AlignmentIT Process Framework
Establishment of an IT Governance Framework
IT Strategy Committee
IT Steering Committee
IT Organizational StructureIT Value ManagementValue DeliveryBusiness-IT Alignment
Monitor Future Trends and Regulations
Independent Assurance
IT Tactical Plans
Policy, Standard and Procedures Rollout
Establishment of an IT Governance Framework
Strategic Alignment
Establishment of Roles and ResponsibilitiesPerformance MeasurementIntegrated Reporting
Policy, Standard and Procedures Rollout
Identification of External Legal, Regulatory and Contractual Compliance Requirements
Optimization of Response to External Requriements
Evaluation of Compliance With External Requirements
Communication of IT Objetive and Direction
Establishment of an IT Governance FrameworkIT Stratetic PlanIT Tactical PlansEnterprise Information Architecture model
IT Policies Management
IT Policy and Control Environment
Communication of IT Objetive and Direction
Establishment of Roles and Responsibilities
Business-IT Alignment
Value Delivery
IT Stratetic PlanIT Policies Management
Policy, Standard and Procedures Rollout
Strategic Alignment
Monitor Future Trends and Regulations
IT Value Management
Financial Management Framework
Establishment of an IT Governance FrameworkIT Portfolio ManagementFinancial Management Framework
Establishment of an IT Governance FrameworkIT Value ManagementFinancial Management FrameworkProgramme Management FrameworkProject Management Framework
Establishment of an IT Governance FrameworkValue DeliveryPrioritization within IT BudgetValue Delivery
Project Management ApproachFinancial Management Framework
Integrated Project Plan
Benefit ManagementIT Value ManagementService Level AgreementsOperating Level Agreements
IT Budgeting
Cost Management
Monotoring ApproachDefinition and collection of Monitoring DataPerformance AssessmentBoard and Executive ReportingRemedial Actions
IT Value Management
Benefit Management
Strategic Alignment
Responsibility of Risk, Security and ComplianceIT Risk Management FrameworkRisk Assessment
IT Risk Management Framework
Responsibility of Risk, Security and ComplianceEstablishment of Risk ContextProject Risk ManagementSupplier Risk ManagementEstablishment of Risk ContextProject Risk Management
Risk ManagementEstablishment of Risk ContextEvent IdentificationRisk AssessmentRisk ResponseRisk ManagementRisk Analysis ReportEvent Identification
Project Peformane Measurement, Reporting and Monitoring
Monitoring and Reporting of Service Level Achievements
Maintenance and Monitoring of Risk Action Plan
Maintenance and Monitoring of Risk Action Plan
Risk ManagementPersonnel Recruitment and RetentionPersonnel Competencies
Identification of Education and Training Needs
Staffing of Roles
Personnel Tranining
IT Stagging
IT Process Framework
Personnel Recruitment and Retention
Resource Management
IT Organizational Structure
Personnel Competencies
Procurement Control
Resource Management
IT Organizational StructurePersonnel Recruitment and RetentionPersonnel CompetenciesEmployee Job Performance EvaluationIT Strategic PlanIT Tactical PlansResource Management
Technbology Infrastructure Plan
IT Tactical Plans
Prioritization within IT Budget
IT Strategic Plan
Financial Management Framework
Monitoring Approach
Monitoring Method
Assessment of Current Capability and Performance
Definition and collection of Monitoring DataMonitoring MethodPerformance Assessment
Performance Assessment
Value Delivery
Performance Assessment
Remedial Actions
Board and Executive Reporting
Performance Measurement
Mapping Matrix - COBIT/CGEITApplicable Cobit Control Objectives for CGEIT: 66
COBIT CGEIT
Domain Process Control Objective
IT Governance Framework (Domain 1)
TS1 TS2 TS3
1
PO1.1 - IT Value ManagementPO1.2 - Business-IT Alignment X
PO1.4 - IT Strategic Plan XPO1.5 - IT Tactical PlansPO1.6 - IT Portfolio Management
PO2.3 - Data Classification SchemaPO2.4 - Integrity Management
PO3.1 - Technological Direction Planning
PO3.2 - Technology Infrastructure Plan
PO3.4 - Technology StandardsPO3.5 - IT Architecture BoardPO4.1 - IT Process Framework XPO4.2 - IT Strategy Committee XPO4.3 - IT Steering Committee X
PO4.5 - IT Organizational Structure X X
PO4.9 - Data and System OwnershipPO4.10 - SupervisionPO4.11 - Segregation of DutiesPO4.12 - IT StaggingPO4.13 - Key IT Personnel
Sr. No.
Plan and Orgnanize (PO)
PO1 - Define a Strategic IT Plan
PO1.3 - Assessment of Current Capability and Performance
PO2 - Define the Information Architecture
PO2.1 - Enterprise Information Architecture Model
PO2.2 - Enterprise Data Dictionary and Data Syntax Rules
PO3 - Determine Technological Direction PO3.3 - Monitor Future Trends and
Regulations
PO4 - Define the IT Processes, Organization and Relationship
PO4.4 - Organizational Placement of IT Function
PO4.6 - Establishment of Roles and Responsiblities
PO4.7 - Responsibility of IT Quality Assurance
PO4.8 - Responsibility of Risk, Security and Compliance
PO4.14 - Contracted Staff Policies and Procedures
1
PO4.15 - Relationships
PO5.1 - Financial Management Framework
PO5.2 - Prioritization within IT BudgetPO5.3 - IT BudgetingPO5.4 - Cost ManagementPO5.5 - Benefit Management
PO6.1 - IT Policy and Control Environment X
PO6.3 - IT Policies Management
PO7.2 - Personnel CompetenciesPO7.3 - Staffing of RolesPO7.4 - Personnel TraniningPO7.5 - Dependence Upon Individuals
PO7.6 - Personnel Clearance Procedures
PO7.8 - Job change and Termination
PO8 - Manage Quality
PO8.1 - Quality Management System
PO8.2 - IT Standards and Quality Practices
PO8.4 - Customer FocusPO8.5 - Continuous Improvement
PO9.1 - IT Risk Management FrameworkPO9.2 - Establishment of Risk ContextPO9.3 - Event IdentificationPO9.4 - Risk AssessmentPO9.5 - Risk Response
Plan and Orgnanize (PO)
PO4 - Define the IT Processes, Organization and Relationship
PO5 - Manage the IT Investment
PO6 - Communicate Management Aims and Directions
PO6.2 - Enterprise IT Risk and Control Framework
PO6.4 - Policy, Standard and Procedures Rollout
PO6.5 - Communication of IT Objective and Direction
PO7 - Manage IT Human Resources
PO7.1 - Personnel Recruitment and Retention
PO7.7 - Employee Job Performance Evaluation
PO8.3 - Development and Acquisition Standards
PO8.6 - Quality Measurement, Monitoring and Review
PO9 - Assess and Manage IT Risks
PO9.6 - Maintenance and Monitoring of Risk Action Plan
PO10 - Manage Projects
PO10.1 - Programme Management Framework
1
PO10.2 - Project Management Framework
PO10.3 - Project Management ApproachPO10.4 - Stakeholder CommitmentPO10.5 - Project Scope StatementPO10.6 - Project Phase InitiationPO10.7 - Integrated Project PlanPO10.8 - Project ResourcesPO10.9 - Project Risk ManagementPO10.10 - Project Quality PlanPO10.11 - Project Change Control
PO10.14 - Project Closure
2
AI1.2 - Risk Analysis Report
AI2.1 - High Level DesignAI2.2 - Detailed Design
AI2.3 - Application Control and Auditability
AI2.4 - Application Security and Availability
AI2.6 - Major Upgrades of Existing Systems
AI2.8 - Software Quality Assurance
AI2.10 - Application Software Maintenance
Plan and Orgnanize (PO)
PO10 - Manage Projects
PO10.12 - Project Planning of Assurance Methods
PO10.13 - Project Peformane Measurement, Reporting and Monitoring
Aquire and Implement (AI)
AI1 - Identify Automated Solution
AI1.1 - Definition and Maintenance of Business Functional and Technical Requirements
AI1.3 - Feasibility Study and Formulation of Altenative Courses of Action
AI1.4 - Requirements and Feasibility Decision and Approval
AI2 - Aquire and Maintain Application Software
AI2.5 - Configuration and Implementation of Acquired Application Software
AI2.7 - Development of Application Software
AI2.9 - Applications Requirements Management
AI3 - Acquire and Maintain Technology Infrastructure
AI3.1 - Technological Infrastructure Acquisition Plan
2 AI3.3 - Infrastructure MaintenanceAI3.4 - Feasibility Test Environment
AI4.1 - Planning for Operational Solutions
AI4.3 - Knowledge Transfer to End Users
AI5.1 - Procurement ControlAI5.2 - Supplier Contract ManagementAI5.3 - Supplier SelectionAI5.4 - IT Resources Acquisition
AI6 - Manage Changes
AI6.1 - Change Standards and Procedures
AI6.3 - Emergency Changes
AI7.1 - TrainingAI7.2 - Test PlanAI7.3 - Implementation PlanAI7.4 - Test EnvironmentAI7.5 - System and Data ConversionAI7.6 - Testing of ChangesAI7.7 - Final Acceptance TestAI7.8 - Promotion to ProductionAI7.9 - Post Implementation Review
3
DS1.2 - Definition of ServicesDS1.3 - Service Level AgreementsDS1.4 - Operating Level Agreements
DS2.2 - Supplier Relationship ManagementDS2.3 - Supplier Risk Management
Aquire and Implement (AI)
AI3 - Acquire and Maintain Technology Infrastructure
AI3.2 - Infrastructure Resource Protection and Availability
AI4 - Enable Operation and Use
AI4.2 - Knowledge Transfer to Business Management
AI4.4 - Knowledge Transfer to Operations and Support Staff
AI5 - Procure IT Resources
AI6.2 - Impact Assessment, Prioritization and Authorization
AI6.4 - Changes Status Tracking and Reporting
AI6.5 - Change Closure and Documentation
AI7 - Install and Accredit Solutions and Changes
Deliver and Support (DS)
DS1 - Define and Manage Service Levels
DS1.1 - Service Level Management Framework
DS1.5 - Monitoring and Reporting of Service Level Achievements
DS1.6 - Review of Service Level Agreements and Contracts
DS2 - Manage Third-Party Services
DS2.1 - Identification of All Supplier Relationships
3
DS2.4 - Supplier Performance Monitoring
DS3.2 - Current Performance and Capacity
DS3.3 - Future Performance and CapacityDS3.4 - IT Resources AvailabilityDS3.5 - Monitoring and ReportingDS4.1 - IT Continuity FrameworkDS4.2 - IT Continuity PlansDS4.3 - Critical IT Resources
DS4.4 - Maintenance of IT Continuity Plan
DS4.5 - Testing of the IT Continuity PlanDS4.6 - IT Continuity Plan Training
DS4.7 - Distribution of IT Continuity Plan
DS4.8 - Service Recovery and ResumptionDS4.9 - Offsite Backup StorageDS4.10 - Post-Resumption ReviewDS5.1 - Management of IT SecurityDS5.2 - IT Security PlanDS5.3 - Identity ManagementDS5.4 - User Account Management
DS5.6 - Security Incident Definition
DS5.7 - Protection of Security Technology
DS5.8 - Cryptographic Key Management
DS5.10 - Network SecurityDS5.11 - Exchange of Sensitive DataDS6.1 - Definition of ServicesDS6.2 - IT AccountingDS6.3 - Cost Modeling and ChargingDS6.4 - Cost Model Maintenance
DS7.2 - Delivery of Training and Education
Deliver and Support (DS)
DS2 - Manage Third-Party Services
DS3 - Manage Performance and Capacity
DS3.1 - Performance and Capacity Planning
DS4 - Ensure Continuous Service
DS5 - Ensure Systems Security
DS5.5 - Security Testing, Surveillance and Monitoring
DS5.9 - Malicious Software Prevention, Detection and Correction
DS6 - Identify and Allocate Costs
DS7 - Educate and Train Users
DS7.1 Identification of Education and Training Needs
3
DS7.3 - Evaluation of Training ReceivedDS8.1 - Service Desk
DS8.2 - Registration of Customer QueriesDS8.3 - Incident EscalationDS8.4 - Incident ClosureDS8.5 - Reporting and Trend Analysis
DS9.3 - Configuration Integrity Review
DS10.2 - Problem Tracking and ResolutionDS10.3 - Problem Closure
DS11 - Manage Data
DS11.4 - DisposalDS11.5 - Backup and Restoration
DS12.1 - Site Selection and LayoutDS12.2 - Physical Security MeasuresDS12.3 - Physical Access
DS12.5 - Physical Facilities Management
DS13.2 - Job SchedulingDS13.3 - IT Infrastructrure Monitoring
4
ME1.1 - Monotoring Approach
Deliver and Support (DS)
DS7 - Educate and Train Users
DS8 - Manage Service Desk and Incidents
DS9 - Manage the Configuration
DS9.1 - Configuration Repository and Baseline
DS9.2 - Identification and Maintenance of Configuration Items
DS10 - Manage Problems
DS10.1 - Indentification and Classification of Problems
DS10.4 - Integration of Configuration, Incident and Problem Management
DS11.1 - Business Requirements for Data Management
DS11.2 - Storage and Retention Arrangements
DS11.3 - Media Library Management System
DS11.6 - Securiyt Requirements for Data Management
DS12 - Manage the Physical Environment DS12.4 - Protection Against Environmental
Factors
DS13 - Manage Operations
DS13.1 - Operations Procedures and Instructions
DS13.4 - Sensitive Documents and Output Devices
DS13.5 - Preventive Maintenance for Hardware
Monitor and Evaluate (ME)
ME1 - Monitor and Evaluate IT Performance
ME1.2 - Definition and collection of Monitoring Data
4
ME1.3 - Monitoring MethodME1.4 - Performance Assessment
ME1.5 - Board and Executive ReportingME1.6 - Remedial Actions
ME2.2 - Supervisory ReviewME2.3 - Control ExceptionsME2.4 - Control Self-assessmentME2.5 - Assurance of Internal Control
ME2.6 - Internal Control at Third PartiesME2.7 - Remedial Actions
ME3.4 - Positive Assurance of complianceME3.5 - Integrated Reporting
X XME4.2 - Strategic AlignmentME4.3 - Value DeliveryME4.4 - Resource ManagementME4.5 - Risk ManagementME4.6 - Performance MeasurementME4.7 - Independent Assurance
Monitor and Evaluate (ME)
ME1 - Monitor and Evaluate IT Performance
ME2 - Monitor and Evaluate Internal Control
ME2.1 - Monitoring of Internal Control Framework
ME3 - Ensure Compliance With External Requriements
ME3.1 - Identification of External Legal, Regulatory and Contractual Compliance Requirements
ME3.2 - Optimization of Response to External Requriements
ME3.3 - Evaluation of Compliance With External Requirements
ME4 - Provide IT Governance
ME4.1 - Establishment of an IT Governance Framework
CGEITIT Governance Framework (Domain 1) Strategic Alignment (Domain 2)
TS4 TS5 TS6 TS7 TS8 TS9 TS10 TS11 TS1 TS2 TS3 TS4 TS5 TS6 TS7 TS8 TS9 TS10X
X X
X XX X
X
X
X X
X
X X
X X X
X X
X
X
X
X
X XX
X X
XX
CGEITStrategic Alignment (Domain 2) Value Delivery (Domain 3) Risk Management (Domain 4)
TS11 TS12 TS1 TS2 TS3 TS4 TS5 TS6 TS7 TS8 TS9 TS10 TS11 TS1 TS2 TS3 TS4 TS5X X X X
X
X
X X
X X X X
XXX
X X
X XX X
X
X
X
X
X
X X
X
XX
X
X
X
X
X
XX
X X XX X
X X
X
CGEITRisk Management (Domain 4) Resource Management (Domain 5) Performance Measrt (Domain 6)
TS6 TS7 TS8 TS1 TS2 TS3 TS4 TS5 TS6 TS7 TS8 TS9 TS10 TS11 TS1 TS2 TS3 TS4
XXX X
X
X
X X
X
X
X
X X XX X X
XX
X
XX XXX
X X
X
X
X
X
X
X XX X X
XX X X
X X
CGEITPerformance Measrt (Domain 6)
TS5 TS6
XX
X
top related