Chief Risk Office

Compliance business concept. Businessman

Enterprise Governance for Information & related Technology


  • Integrate the management of I&T-related enterprise risk with overall enterprise risk management (ERM) and balance the costs and benefits of managing I&T-related enterprise risk.

SGM Value Proposition:

  • Managed I&T-related risk.

  • Security of information, processing infrastructure and applications, and privacy.

Enterprise architect pressing a tile in

Business Model and Architecture Management


  • Ensuring that the information, data, and systems of the organization are available to only those that have permission, and protecting the information, data, and systems from unauthorized tampering.

SGM Value Propositions:

  • Detailed understanding of the product lifecycle during the development of Business Architecture to ensure rigour in the design of controls, processes, and procedures.

  • Understanding the lifecycles of key entities within the enterprise.

  • Depict which actor (person, organization, or system) can access which enterprise data.

  • Demonstrate compliance with data privacy laws and other applicable regulations (HIPAA, SOX, etc).

  • Understanding Actor-to-Role relationships is a key supporting tool in the definition of training needs, user security settings, and organizational change management.

  • Establishing authorization, security, and access to these technology components

  • Enable application/technology auditing and prove compliance with enterprise technology standards.

  • Establish traceability and changing application end-point address while moving application either from a shared environment to a dedicated environment or vice versa.

  • Describes the means of communication — the method of sending and receiving information — between these assets in the Technology Architecture; insofar as the selection of package solutions in the preceding architectures put specific requirements on the communications between the applications.

Growth value, increase value, value adde

Management of Value


  • Business service continuity and availability.

SGM Value Proposition:

  • Managed I&T-related risk.