Update 09_IT_Risk Control Matrix.md

Signed-off-by: Dennis Eichhorn <spl1nes.com@googlemail.com>
2026-01-11 12:58:42 +00:00 · 2024-03-20 15:15:10 +01:00 · 2024-03-20 15:15:10 +01:00 · 861aac237b
commit 861aac237b
parent bd67f74205
1 changed files with 1 additions and 1 deletions
--- a/Processes/09_IT_Risk
+++ b/Processes/09_IT_Risk
@ -6,7 +6,7 @@
 | 2    | CTO                  | Operational Risk (IT) | Data loss                                                    | 3    | 5    | Daily  |       | Preventing (System) | Automatic daily backups to external/remote service providers | 1    | 1    |         |          |      |      | [Cron](https://github.com/Karaka-Management/Build/blob/master/Backup/cron.sh) |
 | 3    | CTO                  | Operational Risk (IT) | Data loss                                                    | 3    | 5    | Daily  |       | Preventing (Manual) | Quarterly manual backups for long-term storage               | 1    | 3    |         |          |      |      |           |
 | 4    | CTO                  | Operational Risk (IT) | Corrupted backup data                                        | 2    | 3    | Daily  |       | Revealing (System)  | Automatic data integrity validation of daily backups         | 1    | 3    |         |          |      |      | [Cron](https://github.com/Karaka-Management/Build/blob/master/Backup/cron.sh) |
-| 5    | HOD, head of IT, CTO | Operational Risk (IT) | Emplyees have access to files or functions outside of their competencies | 4    | 4    | Daily  |       | Preventing (Manual) | Employee permissions are defined in a general Permission List. Deviations must be approved | 1    | 4    | [Permission List](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Permission%20List.md) |          |      |      |           |
+| 5    | HOD, head of IT, CTO | Operational Risk (IT) | Emplyees have access to files or functions outside of their competencies | 4    | 4    | Daily  |       | Preventing (Manual) | Employee permissions are defined in a general Permission List. Deviations must be approved | 1    | 4    |  |          |      |      | [Permission List](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Permission%20List.md) |
 | 6    | head of IT, CTO      | Operational Risk (IT) | Software causes problems                                     | 3    | 3    | Weekly |       | Preventing (Manual) | New software and software updates must be tested in a sandbox environment | 1    | 1    |         |          |      | [Third Party Software Validation - New](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Third%20Party%20Software%20Validation%20-%20New.md)<br />[Third Party Software Validation - Update](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Third%20Party%20Software%20Validation%20-%20Update.md) |           |
 | 7    | HOD, head of IT, CTO | Operational Risk (IT) | Unauthorized software.                                       | 3    | 5    | Weekly |       | Preventing (Manual) | New software must be approved                                | 1    | 2    |         |          |      |      | [Third Party Software Validation - New](https://github.com/Karaka-Management/Organization-Guide/blob/master/Processes/IT/Third%20Party%20Software%20Validation%20-%20New.md) |