Sat Nov 22 06:32:51 PST 2014

Control Architecture: Establishment: Is a control architecture formally established?


Options:

Option 1: Formally establish a control architecture for the enterprise.
Option 2: Use an informal control architecture for the enterprise.

Decision:

IF the enterprise is to operate a maturity of Defined or above, THEN formally establish a control architecture for the enterprise,
OTHERWISE use an informal control architecture for the enterprise.

Basis:

Formally establish a control architecture for the enterprise.

A formally established control architecture includes establishment and documentation of:

Use an informal control architecture for the enterprise.

If no formal model exists that covers the issues identified above, then an informal model is in use, regardless of whether there is an awareness of its existence. It is highly likely that this model differs from person to person and group to group and that the inconsistencies between them creates complexity and vulnerability as well as a general lack of control.

Copyright(c) Fred Cohen, 1988-2012 - All Rights Reserved