
COBIT 2019

COBIT 2019 is a governance and management framework for enterprise IT, helping organizations align IT goals with business objectives, manage risks, and ensure compliance through structured processes and controls.

Controls:

Ensured governance framework setting and maintenance

  • Define the governance framework - EDM01.01

    Establish and communicate the overall governance framework for the enterprise I&T.

  • Maintain the governance framework - EDM01.02

    Regularly review and update the governance framework to ensure its continued relevance and effectiveness.

  • Ensure compliance with the governance framework - EDM01.03

    Monitor and enforce adherence to the established governance framework across the enterprise.

Ensured benefits delivery

  • Define value management practices - EDM02.01

    Establish and communicate the practices for identifying, measuring, and realizing business benefits from I&T investments.

  • Monitor and report on value creation - EDM02.02

    Track and report on the actual benefits realized from I&T investments against planned targets.

Managed the enterprise architecture

  • Define the enterprise architecture - APO01.01

    Establish and document the overall enterprise architecture, including business, data, application, and technology architectures.

  • Maintain the enterprise architecture - APO01.02

    Regularly review and update the enterprise architecture to reflect changes in business strategy and technology.

Managed strategy

  • Define the business strategy - APO02.01

    Establish and communicate the overall business strategy of the enterprise.

  • Define the IT strategy - APO02.02

    Develop and communicate an IT strategy that aligns with and supports the business strategy.

Managed enterprise risk

  • Establish and maintain a risk management framework - APO03.01

    Define the overall approach, processes, and organizational structures for enterprise risk management.

  • Identify and assess enterprise risks - APO03.02

    Systematically identify potential risks and assess their likelihood and impact on business objectives.

Managed security

  • Define the security approach - APO13.01

    Establish and communicate the enterprise's overall approach to security, including principles, policies, and standards.

  • Maintain the security plan - APO13.02

    Regularly review and update the security plan to address new threats and vulnerabilities.

Managed programs

  • Initiate and plan programs - BAI01.01

    Define program objectives, scope, and resource requirements, and establish program plans.

  • Manage program changes - BAI01.02

    Establish and manage the process for handling changes to program scope, timelines, and resources.

Managed security services

  • Manage user identity and logical access - DSS05.01

    Establish and maintain processes for managing user identities and controlling logical access to IT systems and data.

  • Protect against malware - DSS05.02

    Implement measures to prevent, detect, and correct malware attacks.

Monitored

  • Monitor and report performance and conformance - MEA01.01

    Establish and operate mechanisms to monitor and report on I&T performance

  • Evaluate performance and conformance - MEA01.02

    Establish a process to analyze performance and conformance data to identify trends