0420 Governance Controls¶
Governance is enabled through People, Process and Technology. These are controlled through a combination of technical controls (implemented IT function) and organizational controls (training, responsibility, buddy-checking etc).
A GovernanceControl entity describes how a particular GovernancePolicy is implemented. It is a type of GovernanceDefinition that is linked to the element it is controlling using the GovernedBy relationship.
A GovernanceImplementation relationship links a GovernancePolicy entity to a GovernanceControl entity that is implement all or part of the policy. The
rationale attribute describes why this implementation approach was chosen.
A GovernanceControlLink relationship links two related GovernanceControl entities together. The
description attribute describes the reason for the relationship.
A TechnicalControl entity is a type of GovernanceControl that is automated using technology.
An OrganizationalControl entity is a type of GovernanceControl that is implemented as a manual process or a set of responsibilities linked to an individual, role or team.
The Governance Program OMAS provides support for defining governance policies through its GovernanceDefinitionsInterface.
There is further detail on the content of the governance controls in the following models:
0430 Technical Controls - describe automated behaviour that implements a governance control.
0440 Organizational Controls - identity governance roles and manual procedures (such as approvals) that implement a governance control.
- 0445 Governance Roles - define governance roles and the people associated with them.
Governance Execution Points - describe classifications for software components that link them to a governance control.
Raise an issue or comment below