Enterprise IT Risk and Control Framework
Develop and maintain a framework that defines the enterprise’s overall approach to IT risk and control and that aligns with the IT policy and control environment and the enterprise risk and control framework.