0415 Governance Responses¶
Governance policies outline how a governance domain will provide support to the governance drivers. They are said to be the "responses to the challenges proposed by the governance drivers".
Governance policies are written in language that describes the desired end state or method of working. They also describe the costs and benefits of achieving this end state and other related consequences. They are further refined using governance controls that define specific actions in specific situations.
The GovernancePolicy entity is a type of GovernanceDefinition.
There are three main types of policy:
- Principles define the overall values and guidelines for the organization.
- Obligations define specific actions or processing that must be accommodated.
- Approaches define best practices for how a resource should be implemented and managed.
The GovernancePrinciple entity defines a policy that describes an end state that the organization aims to achieve.
The GovernanceObligation entity defines a policy that describes a requirement, often coming from regulations, or from the organization's core values, that must be met.
The GovernanceObligation entity defines a policy that describes a method that should be used for a particular activity.
The GovernanceResponse relationship links a GovernanceDriver entity to a GovernancePolicy entity to show that following the policy will help to support the governance driver.
The GovernancePolicyLink relationship connects two related GovernancePolicy entities.
The Governance Program OMAS provides support for defining governance policies through its GovernancePolicyMakingInterface.