This Strategic Tier control triangle seeks to manage the organisational demands for business and technology solutions by strategic alignment of resources, structure, and activities that meets its long-term business goals and strategic initiatives, while assuring policy and regulatory compliance, security, risk mitigation, and auditability of it's capabilities. It focuses on executing integrated business and technology plans, establishing a cohesive enterprise architecture, and safeguarding the security, performance, and compliance of information systems across all environments.

This control cascades down into: 1.1-Manage Strategy, 1.2-Manage Architecture, and 1.3-Manage Assurance control subdomains.

---

Control Mappings:
Cobit:2019 ➡️ APO02; APO02.01; APO04; APO04.02; APO08; APO08.02
ISO31000:2018 ➡️ 4; 5.4; 5.4.1
ISO38500:2024 ➡️ 5.4.1; 6; 6.1