This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
SOC-CMM: Business Domain - Charter
Additionally, one can think of SOC's Charter as a Mandate from "above", which is represented by a Responsibility (what they are tasked to take care of/ to do/to be accounted for), and an Authority (what they are allowed/authorised to do).

Sometimes there might be a mismatch: accountability is bigger than the authority required to fulfill the responsibilities, or resources provided are insufficient, thus there might be a conflict. Such situations happen from my experience most often due to lack of precise definitions/clarity in mandate / charter - or strategy/roadmap, how to get to the fulfilment/full coverage of Mandate/Charter (when resources are lacking).

I see objective of this part the SOC-CMM : to identify if this area is clear - that the Charter/Mandate is defined, understood, responsibilities - manageable - i.e. SOC is enabled.

Additional reading might be helpful - (disclosure: I was part of the development team).

Vilius Benetis

Messages In This Thread
SOC-CMM: Business Domain - Charter - by cgergen - 02-17-2022, 04:26 PM
RE: SOC-CMM: Business Domain - Charter - by ViliusBenetis - 02-21-2022, 06:16 AM

Forum Jump:

Users browsing this thread: 1 Guest(s)