Let's continue with our e d. M. Three example
In this video, we're going to talk about E. D. M. Three with respect to policies and procedures, culture and behavior and services, infrastructure and applications, and how each component supports the fulfillment of this governance objective
in the policies and procedures, component will be pinpointing the relevant policies that support the overall objective of risk optimization.
An example of a relevant policy would be the enterprise risk policy and description of it.
For example, this policy would define enterprise risk and how it affects business objectives and translate enterprise governance into risk governance principles and addresses. The necessary risk management activities
in this section, like other sections, include a related guidance and a detailed reference of where to find specific information to support the overall goal of risk optimization.
The culture, ethics and behavior component will spell out desired behavior at all levels within the organization.
Let's take this example of key culture elements, oven enterprises, culture, risk and behavior to support risk optimization.
Some of the key culture elements include promoting an I T risk aware culture at all levels within an organization and creating a way in which to empower the enterprise as a whole toe, identify report and escalate I t risks.
Then the key culture elements go on to identify the different responsibilities and accountabilities necessary for risk optimization, including senior management, setting the direction and support for risk practices,
and managing and defining the risk appetite.
Additionally, business owners are pinpointed as being necessary to accept ownership of I t. Risk and have an overall commitment toe I t risk management.
Desired behaviors are also spelled out and what is required to support risk optimization
things like encouraging employees to raise I t related issues and create a culture of transparency to support an overall goal of managing I t. Risk
the last component to support the goal of managed I t Risk includes the services, infrastructure and applications needed to support this governance. Objective.
Support this governance school. A risk management system is a required infrastructure for overall risk optimization.
So do you see in this objective how it includes all of the seven enablers?
So in this video, we covered how policies and procedures,
culture and behavior and services, infrastructure and applications allow idiom three to be implemented