Guidance and templates for ICT operations assurance
Guidance and templates to support government organisations to implement a fit-for-purpose assurance approach for managing their information and communications technology (ICT) risks.
Managing your ICT risks
These resources will help you to design and implement a risk management process that enables critical ICT risks to be effectively identified, managed and governed:
Developing your assurance plan
These resources will help you develop a fit-for-purpose assurance plan based on the risk and complexity of your organisation's ICT operation:
Maximising the value of independent assurance
These resources will help you create a comprehensive engagement terms of reference for an independent assurance review, and to select the right provider with the right experience to deliver a high-quality review:
Ensuring high quality assurance information
The quality of assurance reports is critical to make well informed decisions. Use this resource to review the quality of assurance reports:
Overseeing assurance activities and recommendations
- How will progress against the assurance plan be monitored at the governance level?
- How will the status of issues raised in assurance reports be tracked and reported at the governance level?
Capturing lessons learned
Share your ICT risk management and assurance lessons learned with us to:
- help inform a system-wide view of trends
- share examples of working ‘smarter’ for other government organisations to use.