1. Policies, Controls and Guidelines
1.1 Policies Key message: they are formally documented statements of management expectations and intentions in relation to a specific area or task. Policies are used to direct actions and decisions, and adherence to policy is mandatory. Effective policies:
|
1.2 Controls Key message: they are means of managing a risk, ensuring that a business objective is achieved or that a process is followed. Effective controls:
|
|
1.3 Guidelines Key message: they are recommended practices that allow some discretion or leeway in their interpretation, implementation, or use. Effective guidelines:
|
1.4 Compliance
Compliance is strongly tied to governance:
Internal or external audits will provide evidence of compliance
2. Decision-making authority Governance decisions are made at highest levels of the organization
Decision‐making authority should be delegated as far as possible
Everyone must understand their own scope of control
|
|
2.1 Match the level of risk Decisions with little risk can be made at low levels:
Decisions with significant risk should be made at higher levels with a mechanism to provide more structure and review |
Go back to ITIL 4 Managing Professional Certification Course: Direct, Plan and Improve (DPI) to finish this chapter or to the main page ITIL 4 Managing Professional Certification Course.
When you are managing a team, “how to be a good manager” is the “must”...
As manager, I am doing many reports, even when I was an ITIL consultant, I still needed to do many reports...
ITIL V3 is going to be obsolete...
Managing an IT service when I start a new company is not an easy task, particularly true, if the service...