The roles of Application Business Owner and Application IT Manager are often not clearly defined within an Organizational setup or not well understood. The definition of these two roles are quintessential to ensure that responsibilities and accountabilities are appropriately placed for the Management of an IT Application.
Application Business Owner Accountabilities
- Determine Business Criticality, Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
- Data Ownership – Identify, Classify and Protect Data.
- Application Access Control Ownership – Ensure that access to the application, on both the Business and IT side, are as per the Need-To-Have Principle.
- Responsible for the Application’s Information Security Governance and Control and Regulatory Compliance.
Application IT Manager Responsibilities
- Implement IT controls to Protect Data.
- Ensure that access to the application , on the IT side, are as per Need-To-Have Principle.
- Support the Application Business Owner by providing oversight of IT implementation and processes.