Skip to content

0420 Governance Controls

Governance is enabled through People, Process and Technology. These are controlled through a combination of technical controls (implemented IT function) and organizational controls (training, responsibility, buddy-checking etc).


GovernanceControl entity

A GovernanceControl entity describes how a particular GovernancePolicy is implemented. It is a type of GovernanceDefinition that is linked to the element it is controlling using the GovernedBy relationship.

GovernanceImplementation relationship

A GovernanceImplementation relationship links a GovernancePolicy entity to a GovernanceControl entity that is implement all or part of the policy. The rationale attribute describes why this implementation approach was chosen.

A GovernanceControlLink relationship links two related GovernanceControl entities together. The description attribute describes the reason for the relationship.

TechnicalControl entity

A TechnicalControl entity is a type of GovernanceControl that is automated using technology.

OrganizationalControl entity

An OrganizationalControl entity is a type of GovernanceControl that is implemented as a manual process or a set of responsibilities linked to an individual, role or team.

Further Information

Raise an issue or comment below