ADMS 4552 Study Guide - Corporate Governance Of Information Technology, Bilocation, Information System
Document Summary
Information systems steering committee - composed of executives whose role would include oversight of IT. A codified set of business ethics and a code of conduct help promote an honest, ethical environment.

Enterprise risk management (ERM) - has embodied risk management into the culture so that every employee is aware of it - an organizational process that assists the organization in providing reasonable assurance of achieving its objectives: manage organizational risk. Risk culture, attitudes and behaviours, management philosophy, ethical values, integrity.

Mandatory training for board members on the concepts of ERM. Board approval of ERM framework and code of ethics.

Inspect board meetings and supporting documents justifying selection of ERM framework. Inspect board minutes and supporting documents justifying risk tolerance objectives. Inquire of board members and management regarding the process for setting risk tolerances. Compare the organization's identified risks to those identified by the auditor during the CBR assessment phase. Inspect board minutes and supporting documents where approval of risk.