2.1 Structure
| No: 43028139 | Date(g): 4/11/2021 | Date(h): 29/3/1443 |
Effective from 2021-11-04 - Nov 03 2021
To view other versions open the versions tab on the right
| The Framework is structured around four main domains, namely: | ||
| • | Information Technology Governance and Leadership. | |
| • | Information Technology Risk Management. | |
| • | Information Technology Operations Management. | |
| • | System Change Management. | |
| For each domain, several subdomains are defined. A subdomain focusses on a specific IT governance topic. Per subdomain, the Framework states a principle and Control Requirements. | ||
| • | A Principle summarizes the main set of required IT controls related to the subdomain. | |
| • | The Control Requirements reflects the mandated IT controls that should be considered. | |
| The framework should be implemented in view of principles mentioned in per subdomains along with its associated Control Requirements. | ||
| Control Requirements have been uniquely numbered according to the following numbering system throughout the Framework: | ||
 | ||
Figure 2 - Control requirements numbering system | ||
The figure below illustrates the overall structure of the Framework and indicates the IT Governance Framework domains and subdomains, including a reference to the applicable section of the Framework. | ||
 | ||
Figure 3 - Information Technology Governance Framework | ||