They have to do a yearly audit I believe. At the end of the day who ever signs off on it is held responsible. From my understanding they submit these packages in a portal. Also there are owners and when risks come up they have to submit a memo identifying impact. So who is the ISSM for this government program/contract? Basically they could go to jail. How I understand government Risk Management Framework.
They have to do a yearly audit I believe. At the end of the day who ever signs off on it is held responsible. From my understanding they submit these packages in a portal. Also there are owners and when risks come up they have to submit a memo identifying impact. So who is the ISSM for this government program/contract? Basically they could go to jail. How I understand government Risk Management Framework.