trustoverip / tswg-trust-registry-protocol

Trust Registry Protocol Specification
https://trustoverip.github.io/tswg-trust-registry-protocol/

"authorization" and governance linkage #6

Open darrellodonnell opened 5 months ago

darrellodonnell commented 5 months ago

The definition of authorization is currently using a NIST definition (NIST SP 800-57 Part 2 Rev.1 under Authorization).

Access privileges granted to an entity; conveys an “official” sanction to perform a cryptographic function or other sensitive activity.

There is no explicit linkage to governance. On a technical view that's fine. However, lacking linkage to governance leads (IMO) to decisions that are made lacking some context.

May need a governed authorization (or equivalent) term to help link tech+governance.

darrellodonnell commented 5 months ago

Another thought - we could link "governed action" as that is a key construct (key activity?) from our EGF templates.

darrellodonnell commented 5 months ago

@talltree FYI