This Strategic Tier control triangle seeks to manage software applications, information, technology infrastructure and related services ensuring support and incident management for agile, and secure operations in alignment with business goals, to guarantee alignment with organisational goals, operational efficiency, and the continuity of information systems. This process drives the acquisition, development, maintenance, and decommissioning of critical systems and assets while delivering reliable support and services that enhance system stability, flexibility, and resilience.

This control cascades down into: 3.1-Manage ICT Application, 3.2-Manage ICT Infrastructure, and 3.3-Manage ICT Service control subdomains.

---

Control Mappings:
ISO31000:2018 ➡️ 4; 5; 5.2
ISO38500:2024 ➡️ 6; 6.3; 7.2.3