An umbrella framework for governance and management of enterprise information and technology, including audit & assurance, risk management, information security, regulatory and compliance, and governance of enterprise IT.
Audience: Senior leadership, Auditor, Technical security practitioner, Risk practitioner
Resource technology specifics: Enterprise network
Resource type: Guideline
Resource enforcement: Voluntary
Resource certification type: Self-assessment, Third-party audit