Objectives, Risks, and Controls

  • Article

Published: April 25, 2008   |   Updated: October 10, 2008

 

Governance provides the principles and structures to carry out an organization’s key objectives and priorities in the context of the requirements and risks of the enterprise. Governance is defined in the foundation Manage Layer, but it is integrated throughout all of the phases. The following table lists the key objectives for the Deliver Phase, along with the risks to those objectives and controls that ensure that the objectives are met.

Table 7. Deliver Phase Objectives, Risks, and Controls

Objective

Risk

Control

Ensure that those services that the business and IT have agreed on are developed effectively, deployed successfully, and ready for operations
  • IT services fail to provide business value
  • Inadequate IT service development (too long, too expensive, or both)
  • Operations unable to effectively operate service

Project Plan Approved MR

Build the right solution the right way
  • Service solution does not meet business requirements
  • Development effort fails to deliver solutions on time or within budget

Project Plan Approved MR

Deliver a solution ready for operations
  • Operation of service results in errors and possibly compromised security
  • Service levels are not maintained due to operations errors and misconfiguration

Release Readiness Review MR