The Institute of Internal Auditors’ final draft guide to change and patch management controls is “about managing risks that are a growing concern to those involved in the governance process. Like information security, management of IT changes is a fundamental process that can cause damage to the entire enterprise and easily disrupt operations if it is not performed well. This enterprisewide impact makes change management of interest to many audit committees and, as a result, to top management. The objective of this guide is to convey how effective and efficient IT change and patch management contribute to organizational success.”
No comments:
Post a Comment