SABSA Implementation(Part IV)_ver1-0
Download as PPTX, PDF6 likes2,617 views
This document discusses roles and responsibilities concepts for implementing SABSA, including using a SABSA corporate governance model and domain model with a RACI overlay to define the service provider custodian role and security service manager role as custodians. It also covers how risk appetite and policy are communicated top-down and risk performance and compliance are communicated bottom-up in a SABSA domain model.
SABSA Implementation(Part IV)_ver1-0
- 2. ROLE & RESPONSIBILITY CONCEPTS
- 3. Scope: Strategy & Planning Phase - People
- 4. SABSA Corporate Governance Model
- 5. SABSA Domain Model – RACI Overlay
- 6. Service Provider Custodian Role
- 7. Security Service Manager As Custodian
- 8. Roles & Responsibilities In Risk Aggregation Risk appetite and policy is communicated and distributed top-down in a SABSA domain model Risk performance and policy compliance is communicated and aggregated bottom-up in a SABSA domain model
- 9. END OF PART IV