Activity
Evaluate possible IT controls
Define IT controls ICS
Organisation
Responsible
IT Governance Expert
Consulted
Middle Management
Risk Manager
Informed
IT Expert
Input/Output
Input data
Control activities
IT service documentation
Output data
Control activities