3

Organizational Governance, Policies, and Risk Management

This chapter is a detailed version of the topics we briefly touched on in Chapter 1. As we learned in Chapter 1, the purpose of an organization is to create value for the stakeholders, shareholders, and customers. This is achieved by aligning the enterprise’s mission, objectives, and strategy. Similarly, organizational structures and leadership are required to establish objectives that support their mission and satisfy stakeholders and customers. The board of directors establishes the strategy and the enterprise derives its principles from this plan.

Organizational leaders support the enterprise’s objectives and decision-making by evaluating the risk and benefits associated with specific ...
