UCF ID: 00779
Control Type: Process or Activity
Status: Live
Supporting and supported controls
This control directly supports:
- Establish and maintain the IT staff structure in line with strategic goals. [UCF Control ID 00764]
There are no supporting controls.
Authority documents complied with:
FFIEC IT Examination Handbook – Management, Pg 6; CobiT, Version 4.1, PO4.15; The Standard of Good Practice for Information Security, SM2.2.5(c); OGC ITIL: Security Management, § 3.5; BS 25999-1, Business continuity management. Code of practice, 2006, § 7.8.1, § 7.8.2
Banking and Finance Guidance
The Chief Information Officer (CIO) should support the activities of managers in the other business areas. [Pg 6, FFIEC IT Examination Handbook – Management]
ITIL Guidance
[§ 3.5, OGC ITIL: Security Management]
General Guidance
The organization should establish and maintain an optimal coordination, communication and liaison structure between the IT function and various other interests inside and outside the IT function, such as the board, executives, business units, individual users, suppliers, security officers, risk managers, the corporate compliance group, outsourcers and offsite management. [PO4.15, CobiT, Version 4.1]
The information security function should maintain contacts with appropriate personnel from outside the organization, such as security experts, law enforcement agencies, and government agencies. [SM2.2.5(c), The Standard of Good Practice for Information Security]
UK and Canadian Guidance
The organization should consider and protect key stakeholders' interests when it determines the business continuity management strategies, which should take into account relevant cultural and social considerations. Strategies should be identified to manage the relationships between the organization and key stakeholders, contractors, and service or business partners. Protecting the stakeholders' interests may include special arrangements to ensure the welfare of those with special needs, such as illness, pregnancy, or a disability. [§ 7.8.1, § 7.8.2, BS 25999-1, Business continuity management. Code of practice, 2006]
Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.
