Activity
Assigning controls to the business processes
Define IT controls ICS
Organisation
Responsible
Middle Management
Accountable
Senior Management
Consulted
IT Expert
Risk Manager
Risk Owner
Input/Output
Input data
IT risks catalogue
Output data
IT service documentation
IT risks catalogue