close

What Is Truth to Power?

[+/-] A research and advisory resource...
dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.
[+/-] An open forum and community...
built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.
[+/-] A plexus nexus...
a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.
[+/-] A rebellion...
against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.
Top Panel
WHAT IS T2P?
Top Panel
Technology Sourcing & Investment Management

Guidance on reducing risks and improving value in the acquisition and development of technology, including service-provider and outsourcing management.

Rules & Standards RSS
Results 1 - 5 of 5 Add a new rule
Framework for Managing Technology Risk for IT Service Provider Relationships
IssuerBITS
Country US

Helps financial services companies address control weaknesses in outsourced IT services. Coverage includes information security controls and audits, disaster recovery, vendor management, and cross-border considerations.

ReviewRecommendPrintReportClaim
Global Technology Audit Guide (GTAG) 7: IT Outsourcing
IssuerIIA
Country Multi

Guidance on the IT outsourcing lifecycle and its management in the context of a general risk, control, compliance, and governance framework. Developed for audit executives, internal auditors, and management

ReviewRecommendPrintVisitReportClaim
Information Technology Investment Management (ITIM): A Framework for Assessing and Improving Process Maturity
IssuerUS GAO
Country US

A heavyweight framework for evaluation and communication of IT investment practices, aimed at US government agencies.

ReviewRecommendPrintVisitReportClaim
NIST Integrating IT Security into the Capital Planning and Investment Control Process (800-65)
IssuerNIST
Country US

Common criteria against which agencies (or companies) can prioritize security activities into capital planning processes.

ReviewRecommendPrintReportClaim
Val IT
IssuerISACA
Country Multi

A framework for the management, evaluation, and selection of IT-enabled business investments, as well as IT portfolio rationalization.

ReviewRecommendPrintVisitReportClaim