1. Data Management
Data management is the process of developing data architectures, practices and procedures dealing with data and
then executing these aspects on a regular basis. It is; controlling, protecting, and facilitating access to data in order to
provide information consumers with timely access to the data they need. There are many topics within data
management, some of the more popular topics include data modeling, data warehousing, data movement, database
administration and data mining.
2. Development Management
Software development is about working to produce/create software. The term software development is often used for
the activity of computer programming, which is the process of writing and maintaining the source code. Software
development may include research, new development, modification, reuse, re-engineering, maintenance, or any other
activities that result in software products. For larger software systems, usually developed by a team of people, some
form of process is typically followed to guide the stages of production of the software.
3. Risk Management
As organizations use automated IT systems to process their information for better support of their missions, risk
management plays a critical role in protecting an organization’s information assets, and therefore its mission, from IT-
related risk. An effective risk management process is an important component of a successful IT security program.
The principal goal of an organization’s risk management process should be to protect the organization and its ability to
perform their mission, not just its IT assets. Therefore, the risk management process should not be treated primarily as
a technical function carried out by the IT experts who operate and manage the IT system, but as an essential
management function of the organization.
Risk management is the process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable
level. Risk management is the process that allows IT managers to balance the operational and economic costs of
protective measures and achieve gains in mission capability by protecting the IT systems and data that support their
organizations’ missions.
4. Investment Management
The business of investment management has several facets, including the employment of professional fund
managers, research (of individual assets and asset classes), dealing, settlement, marketing, internal auditing, and the
preparation of reports for clients.
IT investment management has 3 phases;
• Selection
The organization selects those IT projects that will best support its mission needs and identifies and analyzes each
project’s risks and returns before committing significant funds to
a project.
o Screen
o Rank
o Select
• Control
The organization ensures that, as projects develop and as investment costs rise, the project is continuing to meet
mission needs at the expected levels of cost and risk. If the project is not meeting expectations or if problems have
arisen, steps are quickly taken to address the deficiencies.
o Monitor progress
o Take corrective action
• Evaluate
Actual versus expected results are compared once projects have been fully implemented. This is done to 1) assess
the project’s impact on mission performance, 2) identify any changes or modifications to the project that may be
needed, and 3) revise the investment management process based on lessons learned.
Data management is the process of developing data architectures, practices and procedures dealing with data and
then executing these aspects on a regular basis. It is; controlling, protecting, and facilitating access to data in order to
provide information consumers with timely access to the data they need. There are many topics within data
management, some of the more popular topics include data modeling, data warehousing, data movement, database
administration and data mining.
2. Development Management
Software development is about working to produce/create software. The term software development is often used for
the activity of computer programming, which is the process of writing and maintaining the source code. Software
development may include research, new development, modification, reuse, re-engineering, maintenance, or any other
activities that result in software products. For larger software systems, usually developed by a team of people, some
form of process is typically followed to guide the stages of production of the software.
3. Risk Management
As organizations use automated IT systems to process their information for better support of their missions, risk
management plays a critical role in protecting an organization’s information assets, and therefore its mission, from IT-
related risk. An effective risk management process is an important component of a successful IT security program.
The principal goal of an organization’s risk management process should be to protect the organization and its ability to
perform their mission, not just its IT assets. Therefore, the risk management process should not be treated primarily as
a technical function carried out by the IT experts who operate and manage the IT system, but as an essential
management function of the organization.
Risk management is the process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable
level. Risk management is the process that allows IT managers to balance the operational and economic costs of
protective measures and achieve gains in mission capability by protecting the IT systems and data that support their
organizations’ missions.
4. Investment Management
The business of investment management has several facets, including the employment of professional fund
managers, research (of individual assets and asset classes), dealing, settlement, marketing, internal auditing, and the
preparation of reports for clients.
IT investment management has 3 phases;
• Selection
The organization selects those IT projects that will best support its mission needs and identifies and analyzes each
project’s risks and returns before committing significant funds to
a project.
o Screen
o Rank
o Select
• Control
The organization ensures that, as projects develop and as investment costs rise, the project is continuing to meet
mission needs at the expected levels of cost and risk. If the project is not meeting expectations or if problems have
arisen, steps are quickly taken to address the deficiencies.
o Monitor progress
o Take corrective action
• Evaluate
Actual versus expected results are compared once projects have been fully implemented. This is done to 1) assess
the project’s impact on mission performance, 2) identify any changes or modifications to the project that may be
needed, and 3) revise the investment management process based on lessons learned.
