From 861aac237b6be0ab11fa3650c370c23ab0a49f78 Mon Sep 17 00:00:00 2001
From: Dennis Eichhorn <spl1nes.com@googlemail.com>
Date: Wed, 20 Mar 2024 15:15:10 +0100
Subject: [PATCH] Update 09_IT_Risk Control Matrix.md

Signed-off-by: Dennis Eichhorn <spl1nes.com@googlemail.com>
---
 Processes/09_IT_Risk Control Matrix.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Processes/09_IT_Risk Control Matrix.md b/Processes/09_IT_Risk Control Matrix.md
index 1ec433a..30b346b 100644
--- a/Processes/09_IT_Risk Control Matrix.md	
+++ b/Processes/09_IT_Risk Control Matrix.md	
@@ -6,7 +6,7 @@
 | 2    | CTO                  | Operational Risk (IT) | Data loss                                                    | 3    | 5    | Daily  |       | Preventing (System) | Automatic daily backups to external/remote service providers | 1    | 1    |         |          |      |      | [Cron](https://github.com/Karaka-Management/Build/blob/master/Backup/cron.sh) |
 | 3    | CTO                  | Operational Risk (IT) | Data loss                                                    | 3    | 5    | Daily  |       | Preventing (Manual) | Quarterly manual backups for long-term storage               | 1    | 3    |         |          |      |      |           |
 | 4    | CTO                  | Operational Risk (IT) | Corrupted backup data                                        | 2    | 3    | Daily  |       | Revealing (System)  | Automatic data integrity validation of daily backups         | 1    | 3    |         |          |      |      | [Cron](https://github.com/Karaka-Management/Build/blob/master/Backup/cron.sh) |
-| 5    | HOD, head of IT, CTO | Operational Risk (IT) | Emplyees have access to files or functions outside of their competencies | 4    | 4    | Daily  |       | Preventing (Manual) | Employee permissions are defined in a general Permission List. Deviations must be approved | 1    | 4    | [Permission List](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Permission%20List.md) |          |      |      |           |
+| 5    | HOD, head of IT, CTO | Operational Risk (IT) | Emplyees have access to files or functions outside of their competencies | 4    | 4    | Daily  |       | Preventing (Manual) | Employee permissions are defined in a general Permission List. Deviations must be approved | 1    | 4    |  |          |      |      | [Permission List](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Permission%20List.md) |
 | 6    | head of IT, CTO      | Operational Risk (IT) | Software causes problems                                     | 3    | 3    | Weekly |       | Preventing (Manual) | New software and software updates must be tested in a sandbox environment | 1    | 1    |         |          |      | [Third Party Software Validation - New](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Third%20Party%20Software%20Validation%20-%20New.md)<br />[Third Party Software Validation - Update](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Third%20Party%20Software%20Validation%20-%20Update.md) |           |
 | 7    | HOD, head of IT, CTO | Operational Risk (IT) | Unauthorized software.                                       | 3    | 5    | Weekly |       | Preventing (Manual) | New software must be approved                                | 1    | 2    |         |          |      |      | [Third Party Software Validation - New](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Third%20Party%20Software%20Validation%20-%20New.md) |