1 IT Governance Regulatory Perspective P.K.Patel AGM, MoF
2 Agenda What is IT Governance? Aspects of IT Governance What banks should consider before implementing these aspects? What banks should do for implementation of these aspects? Gopalakrishna committee recommendation on IT Governance Findings from Banks
3 What is IT Governance?
4 IT Governance IT is now at the core of most organizations ability to execute strategy. IT governance is the process by which decisions are made around IT investments. How decisions are made, who makes the decision, who is held accountable, and how the results of decisions are measured and monitored are all parts of IT governance IT governance can not exist in isolation but must be a subset of enterprise governance.
5 IT Governance The structure, oversight and management processes which ensure the delivery of the expected benefits of IT in a controlled way to help enhance the long term sustainable success of the enterprise. IT Governance focuses specifically on information technology systems, their performance and risk management.
6 IT Governance- Need? Value/ cost, Aligning IT with business, Security, Keeping IT running, Managing complexity, Regulatory compliant- Organizations require a structured approach for managing these and other challenges. This will ensure that there are agreed objectives for IT, good management controls in place and effective monitoring of performance to keep on track and avoid unexpected outcomes.
7 IT Governance
8 What does IT Governance Cover? It s delivery of value to the business and mitigation of IT risk. The first is driven by strategic alignment of IT with the business and the second is driven by embedding accountability into the enterprises. Both needs to be supported by adequate resources and measured to ensure that the results are obtained. This leads to the five main focus areas for IT Governance. Two of them are outcomes: value delivery and risk management. Three of them are drivers: strategic alignment, resource management and performance management. IT Governance is a continuous life- cycle. It s is a process, using resources necessary to execute responsibilities.
9 IT Governance Organizational Structure IT governance stakeholders include- Board of directors IT strategy committees CEOs Business executives CIOs IT steering committee Chief Risk officer Risk committees IT line management IT Organizational Structure- IT Technology, IT Development, IT Operation, IT Assurance
10 Policies and Procedures Board approved policies- Hardware and network architecture, Hardware and software procurement strategy, standards, outsourcing, IT department organizational structure, number of IT expertise, change process Operational procedures especially for data centre Annual review Conversion of long range IT strategy to short-range plans regularly Enterprise information model Enterprise data dictionary CIO- key business player, owner of IT functions
11 IT Governance
12 Strategic Alignment Ensuring that IT strategy is aligned with the business strategy and that distributed IT strategies are consistent and integrated IT alignment is a journey not a destination.
13 IT Strategic Alignment When formulating an IT strategy, a bank must consider- Business Objectives and competitive environment Current and future technologies: Costs, risks and benefits Capability of the IT organization and technology to deliver current and future level of services Operating cost of current IT : whether this provide sufficient value to the business Regulatory and compliance environment
14 Contd. With respect to IT Strategic Alignment, Banks need to ensure the following: Up to date business strategy IT development projects have business case IT budget priorities portfolio of IT- related investment programme IT strategy committee review the management about IT related investments IT steering committee composed of executives from business and IT management Performance of IT management is monitored Comprehensive and ongoing due diligence and oversight process is established for managing the bank s outsourced activities
15 Value delivery Is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimizing cost and proving the intrinsic value of IT. It is important not only to focus on measurements based on value realisation (i.e., financial measures), but also to take into account the enterprise s performance in creating value. Fit for purpose and meeting business requirements, flexibility to adopt future requirements, throughput and response times, ease of use, resiliency and security, integrity, accuracy and confidentiality of information
16 Banks should consider. Board and senior management are briefed about the value that IT delivers to business in respect of customer service, cost, speed of delivery, quality, ROI and value-add to business etc Reporting and tracking of major IT projects Current rate of failure of IT projects Costs involved in managing incidents (network outage and system downtime) Level of end-user and customer satisfaction with the quality of IT service
17 With respect to value delivery, banks need to ensure that IT investment programmes are managed to ensure are aligned with business strategy and objectives IT controls to minimize IT related vulnerabilities, increase efficiency, use resources optimally and increase the effectiveness of IT processes Proper MIS Project management and quality assurance Evaluation of IT internal control failures and weaknesses Project level steering committees Independent assurance on the achievement of IT objectives and the containment of IT risks is conducted regularly Prioritize IT initiatives and assign ownership for IT enabled business opportunities Periodical review of all non-performing or irrelevant IT projects in the banks
18 Risk Management Requires risk awareness by senior corporate officers, a clear understanding of the enterprise s appetite for risk, understanding of compliance requirement, transparency about the significant risks to the enterprise, and embedding of risk management responsibilities in the organisation.
19 Banks should consider Banks position- risk appetite and tolerance levels Maintain a list of IT risks Implement and document risk framework to assess, mitigate approach and analysis cost against benefits Document measures adopted to contain IT risks Reporting system related to IT risks Actual or potential conflicts between operational functions and IT functions
20 With respect to IT risk management, banks need to ensure that Assessment of IT risks and suitably mitigation Bank-wide risk management policy Risk management process for e-banking activities All risks related to suppliers are considered- relationship management, escrow and second sourcing Appropriate incident response plans Operational risk- assessed and relevant controls are implemented Adherence to customer privacy requirement Legislative, regulatory and contractual requirements on the use of systems and softwares where IPR, copyrights and on the use of proprietary software products are applicable
21 Contd. Information Security Policy Comprehensive and centralized change control system for project or application Project management framework and approach Use of IT control framework- COBIT, ITIL, ISO etc Inter-dependencies between risk elements are considered in the risk assessment process IT outsourcing ( Due diligence, monitoring vendor performance, managing SLAs)
22 IT Resource Management Is about the optimal investment in, and the proper management of, critical IT resources: application, information, infrastructure and people. Key issues relate to the optimisation of Knowledge and infrastructure.
23 Banks should consider Current practices followed for managing IT assets IT assets: under-utilised or over- utilised Current short-term and long-term IT strategy in view of the expected business growth Outsourcing strategy IT expertise pool
24 With respect to IT resource management, banks need to ensure that Board is aware of IT resource, infrastructure and investment Policies and procedures for information systems monitoring facilities Record management- responsibilities and authorities of individuals Requirement for trained resources Procedures to assess the integration and interoperability of complex IT processes Responsibilities, relationships, authorities and performance criteria of project team members and stakeholders Procurement practices
25 Performance measurement Tracks and monitors strategy implementation, project completion, process performance and service delivery, using, for example, IT balance scorecrds.
26 Banks should consider Identifying and quantifying IT costs and benefits, ROI, NPV, IRR and payback method Overcoming limitations of measuring unquantifiable values Assess current performance measurement metrics, current MIS, process to evaluate performance of contractors and outsourced service providers, service level agreements Assess ROI trends, practices followed by industry competitors and the bank s performance status in comparison
27 With respect to IT performance management, banks need to ensure that IT projects- appropriate strategic and cost and reward analysis on a periodic basis Standard template for making return versus risk balance IT balance scorecard, maturity level Periodic assessment of IT budget deviations Periodic review and update of IS policies and procedures
28 IT Balanced Scorecard It is a concept for measuring a company s activities in terms of its vision and strategies, to give a comprehensive view of the performance of a business. It measures financial perspective, customer perspective, business process perspective, Learning and growth perspective Business contribution, User orientation, Operational excellence, Future orientation
29 IT Governance- Maturity model 0- Non existent 1- Initial or adhoc 2- Repeatable but intuitive 3- Defined process 4- Managed and measurable 5- Optimized
30 Gopalkrishna committee recommendation
31 IT Governance i. Banks to have a Board approved documented IT strategy/plan ii. A comprehensive IT policy to be framed and reviewed annually. Board Level Strategy Committee Minimum of TWO Directors one of them to be an independent Director All members of the committee to be technically competent At least one member with substantial expertise in managing technology Thrust of the Working group is on a top down approach to IT Governance
32 IT Governance iii. Position of Chief Information Officer (CIO) to be created CIO to act as owner of IT function Help in alignment of business and technology iv. Creation of IT Steering Committee Representations from IT, HR, Legal, business functions Committee to help bank in implementing IT strategy To assess the transparency, accountability, effectiveness of the IT Governance structure in banks v. Stress on training and skill development for effective IT implementation in banks Periodic assessment of training requirements Ensure availability of competent human resources Supporting Organizational structure to be commensurate with the size of the bank, scale of business activities.
33 IT Governance vi. Monitoring of IT function s performance Timely delivery, adherence to budget Appropriate value/benefits vii. Banks to maintain Enterprise data Dictionary Dictionary to have organization s data syntax rules Facilitate data sharing amongst applications Common understanding of data amongst IT users Prevention of incompatibility viii. Project management approach to implementation and management of IT projects ix. Bank wide risk management policy or operational risk policy to include IT risks reviewed annually Key Focus of IT Governance strategic alignment, value delivery, risk, resource and performance management
34 IT Governance x. IT function to support robust MIS in banks xi. Implementation of well known IT control frameworks such as COBIT xii. Collaborative effort with IDRBT for sharing of information, discussing issues and challenges. A forum of CIOs and senior IT officials to share experiences Good IT Governance for robust IT systems, IT risk management, MIS and deriving value from IT
36 IT Governance in Banks Role of board- Establish/Direct/Guide/Review/Question Strategy and Alignment- i) Does the bank have a clear IT strategy? ii) If so, how is it aligned to the business strategy? iii) Whether suitable IT organisation and appropriate resources are ensured in consonance with the IT strategy?
37 IT Policy issues i) Does the bank have a clear vision on the course of development of applications outsourcing/in-house? ii) Do documented outsourcing and in-house development policies exist in the bank? If not, what action has been taken to lay down these policies? iii) Has the IT security policy been established? Whether the bank has subscribed itself to IT standards such as ISO17799? iv) Does the bank follow a standard IT process governance framework such as Control Objectives for Information and related Technology (COBIT)? v) Whether the charter of the IS Audit function in the bank is exhaustive and the same is carried-out purposefully? vi) Is there a system in place to ensure compliance to legal and regulatory prescriptions and guidelines on e-banking, etc.?
38 IT investments i) Is the proposal in line with the approved IT strategy? ii) How does the proposal map to the business goal (short/medium/long term)? iii) Is it supported by a detailed project analysis? iv) If a new delivery channel is proposed, whether it is directed towards a niche segment or across the board? Determine the gaps in servicing any segment, check for new opportunities and provide suitable direction. v) Is there a possibility of the new delivery channel negatively impacting an existing channel? If so, whether it is justified by the need for, say, retaining market competitiveness? vi) Whether the proposal conforms to the bank's outsourcing/in-house development policy?
39 Contd. vii) Whether the surplus capabilities, if any, of the existing IT infrastructure can, instead, be utilised? viii) Is the proposed technological solution state-of- the-art? ix) Whether scalability (i.e., expandable option) is ensured, where appropriate, to take care of higher level of transactions in future? x) Whether redundancy, where appropriate, is ensured to enable uninterrupted supply?
40 Contd xi) How will the proposed solution integrate with the existing enterprise-wide IT enviornment? Whether open/generic standards are proposed to facilitate inter-operability? xii) Whether the bank has/expects to have reasonable pool of expertise to manage the proposed solution? Proposals for imparting expertise details. xiii) If regulatory approval is required for the proposal, whether it has been taken/being taken?
41 Value Delivery i) Review the performance of the projects both cost and time overruns to be looked into. ii) Direct establishment of metrics for evaluation and assess the results. For eg., cost/transaction to be worked-out across services delivered over different channels. Utilisation of cost effective channels vis-à-vis the other channels by the customers should be examined and guidance for improving the performance to be provided, where appropriate. iii) Check the market share of the various IT-based services offered and provide suitable direction. iv) Analyse the impact of IT-based services on the bank's bottom line and reputation and suggest the future course of action. v) Determine the RoI and review the same against the projection for suitable action. Other positive results like retention of customers, addition of more customers, etc., should also be kept in view in the assessment.
42 Management of IT Resources i) Determine whether IT resources are managed efficiently by seizing the opportunities offered by up-to-date technologies. ii) Whether the IT resources are/will be able to support the present and future business needs efficiently and effectively? iii) Is the bank committed to training and educating the staff on the operation and management of relevant technologies? iv) Review the change management policies and procedures.
43 Risk Management i) Review the provisions for DRP/BCP for their adequacy and coverage. Whether the relevant procedures are reviewed and updated, simulated tests being carried-out, etc. ii) Review the implementation of the IT security policy by the bank whether detailed instructions and procedural guidelines are in place, whether suitable organisational structure has been established to implement the policy, steps taken for imbibing the enterprise-wide security consciousness, etc. iii) Set the direction for devising the metrics on the subject and review the same e.g., number of outages in service caused by security attacks / denial of service, number of customer complaints received on non-availability of/deficient service, etc. iv) Verify compliance to regulatory prescriptions.
44 Performance Management i) Establish the relevant metrics/benchmarks and review them e.g., the instances and durations of downtime during the review period, number and nature of customer complaints received, utilisation level of network bandwidth/ system capacity, etc. ii) Review the performance of third party vendors vis-à-vis the SLA.
Technology & IT Governance in Indian Banking Gaurang Trivedi, PhDc Saurashtra University, Rajkot, India Trivedi.email@example.com Phone : 93276 82228 Abstract : Technology as the differentiator has become
IT Charter and IT Governance Framework Status: Custodian: Approved Director: Information Technology Date approved: 2013-12-04 Implementation date: 2013-12-05 Decision number: SAQA 02102/13 Due for review:
What is it and how to audit it 21 April 2009 Agenda Can you define What are the key objectives of How should be structured Roles and responsibilities Key challenges and barriers Auditing Scope Test procedures
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
IT Governance: framework and case study Presenter Yaowaluk Chadbunchachai Advisory Services Ernst & Young Corporate Services Limited Presentation topics ERM and IT governance IT governance framework IT
Version : 1.01 Date : 16 September 2009 IT Governance Network South Africa USA UK Switzerland www.itgovernance.co.za firstname.lastname@example.org 0825588732 IT Governance Network, Copyright 2009 Page 1 1 Terms
Preliminary Reference Guide for Software as a Service (SaaS) for the evaluation of the service providers' software development process Maiara Heil Cancian Florianópolis, March/2009 About the author Maiara
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
Page 1 of 7 The CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II). Domain I provides a solid foundation for the governance of
Implementation of a Quality Management System for Aeronautical Information Services -1- Implementation of a Quality Management System for Aeronautical Information Services Chapter IV, Quality Management
SHARED ASSESSMENTS PROGRAM STANDARD INFORMATION GATHERING (SIG) QUESTIONNAIRE 2014 MAPPING TO OCC GUIDANCE (2013-29) ON THIRD PARTY RELATIONSHIPS An overview of how the Shared Assessments Program SIG 2014
Development, Acquisition, Implementation, and Maintenance of Application Systems Part of a series of notes to help Centers review their own Center internal management processes from the point of view of
COMMUNIQUE 14-COM-002 July 14, 2014 Information Technology (IT) Governance Guidance The Credit Union Prudential Supervisors Association (CUPSA) has established an IT Risk Working Group to focus on IT governance
Supplement to the IIMM 2011 Quick Guide: Meeting ISO 55001 Requirements for Asset Management Using the International Infrastructure Management Manual (IIMM) ISO 55001: What is required IIMM: How to get
Enabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices April 10, 2013 Today's Agenda: Key Topics Defining IT Governance IT Governance Elements & Responsibilities
iii Contents List of figures List of tables OGC s foreword Chief Architect s foreword Preface Acknowledgements v vii viii 1 Introduction 1 1.1 Overview 4 1.2 Context 4 1.3 Purpose 8 1.4 Usage 8 2 Management
COBIT 5 For Cyber Security Governance and Management Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE) Cybersecurity Governance using COBIT5 Cyber Defence Summit Riyadh, KSA
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
How to Ace IT Governance Without Tech Expertise 50 POWERFUL QUESTIONS READY TO ASK AT YOUR NEXT BOARD MEETING Corporate Director and Creator of THE BOARDROOM BLUEPRINT TM OVERVIEW 50 POWERFUL I.T. QUESTIONS
BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS DIRECTORATE OF BANKING SUPERVISION AUGUST 2009 TABLE OF CONTENTS PAGE 1.0 INTRODUCTION..3 1.1 Background...3 1.2 Citation...3
Applying Integrated Risk Management Scenarios for Improving Enterprise Governance János Ivanyos Trusted Business Partners Ltd, Budapest, Hungary, email@example.com Abstract: The term of scenario is used
Based on 2008 Survey of 255 Non-IT CEOs/Executives > 50% Ranked ITG as very important > 75% of businesses consider ITG to be an integral part of enterprise governance, but the overall maturity level is
Balanced Scorecard; a Tool for Measuring and Modifying IT Governance in Healthcare Organizations Ehsan Borousan, Roozbeh Hojabri, Mahmoud Manafi and Aliread Hooman Abstract Nowadays healthcare organizations
WEST COAST DISTRICT MUNICIPALITY IT GOVERNANCE FRAMEWORK IT CHARTER MAY 2012 INDEX 1 Introduction... 1 2 Contextual background... 3 2.1 The CobiT 5 framework (2012)... 4 2.2 The ISO 27000 series (2005,
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
GOVERNANCE OF INFORMATION TECHNOLOGY IN HIGHER EDUCATION SPANISH ASSOCIATION OF UNIVERSITY RECTORS CONFERENCIA DE RECTORES DE LAS UNIVERSIDADES ESPAÑOLAS Information Technology (IT) has become critical
Blending Corporate Governance with Information Security WHAT IS CORPORATE GOVERNANCE? Governance has proved an issue since people began to organise themselves for a common purpose. How to ensure the power
Whitepaper: Security in the Cloud Security in the Cloud: Visibility & Control of your Cloud Service Providers Date: 11 Apr 2012 Doc Ref: SOS-WP-CSP-0412A Author: Pierre Tagle Ph.D., Prashant Haldankar,
CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY INTRODUCTION Information security has evolved. As the landscape of threats increases and cyber security 1 management becomes
White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK By James Christiansen, VP, Information Management Executive Summary The Common Story of a Third-Party Data Breach It begins with a story in the newspaper.
Standard Operations Business Operations process forms the core of all our business activities SMS-GS-O1 Operations December 2014 v1.1 Serco Public Document Details Document Details erence SMS GS-O1: Operations
Office of the Auditor General AUDIT OF IT GOVERNANCE Tabled at Audit Committee March 12, 2015 This page has intentionally been left blank Table of Contents Executive Summary... 1 Introduction... 1 Background...
Moving Forward with IT Governance and COBIT Los Angeles ISACA COBIT User Group Tuesday 27, March 2007 IT GRC Questions from the CIO Today s discussion focuses on the typical challenges facing the CIO around
ITS Project Management Policy Contents I. POLICY STATEMENT II. REASON FOR POLICY III. SCOPE IV. AUDIENCE V. POLICY TEXT VI. PROCEDURES VII. RELATED INFORMATION VIII. DEFINITIONS IX. FREQUENTLY ASKED QUESTIONS
The Asset Management Landscape ISBN 978-0-9871799-1-3 Issued November 2011 www.gfmam.org The Asset Management Landscape www.gfmam.org ISBN 978-0-9871799-1-3 Published November 2011 This version replaces
Effectively Using CobiT in IT Service Management Crown copyright material is reproduced with the permission of the Controller of HMSO and Queen s Printer for Scotland. ITIL is a Registered Trade Mark of
Cayman Islands Society of Professional Accountants Enterprise Risk Management March 19, 2015 Dr. Sandra B. Richtermeyer, CPA, CMA What is Risk Management? Risk management is a process, effected by an entity's
Information Technology Governance Steve Crutchley CEO - Consult2Comply www.consult2comply.com What is IT Governance? Information Technology Governance, IT Governance is a subset discipline of Corporate
END TO END DATA CENTRE SOLUTIONS COMPANY PROFILE About M 2 TD M2 TD is a wholly black Owned IT Consulting Business. M 2 TD is a provider of data center consulting and managed services. In a rapidly changing
SABPP IT GOVERNANCE COMMITTEE TERMS OF REFERENCE PREAMBLE The purpose of the IT Governance Committee is to ensure that IT is effectively governed at SABPP in accordance with the King III Code of Governance
World Council of Credit Unions Annual Conference Credit Union Liability with Third-Party Processors Andrew (Andy) Poprawa CEO, Deposit Insurance Corporation of Ontario Canada 1 Credit Union Liability with
APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES Ethical Leadership and Corporate Citizenship The board should provide effective leadership based on ethical foundation. that the company
Institute for Development and Research in Banking Technology Keynote Address by Shri. R. Gandhi, In-Charge Director, IDRBT, at the Conference of IT Chiefs, IDRBT, Hyderabad on July 04, 2005 IT Infrastructure
Document Reference Number Date Title Author Owning Department Version Approval Date Review Date Approving Body UoG/ILS/IS 001 January 2016 Information Security and Assurance Policy Information Security
Guidelines on Information security, Electronic Banking, Technology risk management and cyber frauds Reserve Bank of India Department of Banking Supervision, Central Office, Mumbai Page 1 Table of Contents
kincaidtoc.fm Page vii Friday, September 20, 2002 1:25 PM C ONTENTS Preface Acknowledgments xxi xxvii Part 1 CRM: Is It Right for Your Company? 1 Chapter 1 Commerce in the 21st Century 3 1.1 Understanding
Public Record Office Victoria PROS 10/10 Strategic Management Guideline 5 Records Management Strategy Version Number: 1.0 Issue Date: 19/07/2010 Expiry Date: 19/07/2015 State of Victoria 2010 Version 1.0
IT is complicated. IT Governance doesn t have to be. Chayuth Singtongthumrongkul CISSP, CISA, ITIL Intermediate, PMP, IRCA ISMS (ISO/IEC 27001) Director of International Academic Alliance, ACIS Professional
SERVICE DESIGN Service Design Set of specialized organizational capabilities for providing value to customers in the form of services SOURCE: ITIL Service Design Publication, p. 11 Service Design Goals
Gobierno de TI Enfrentando al Reto IT Facing the Challenge Everett C. Johnson, CPA International President ISACA and ITGI 1 Add titles Agenda Agenda IT governance keys IT governance focus areas: theory
ITIL Roles s Role Process Liaison Incident Analyst Operations Assurance Analyst Infrastructure Solution Architect Problem Manager Problem Owner Change Manager Change Owner CAB Member Release Analyst Test
Information Technology Capability Maturity Model Information Security Managing The Risk Introduction Information Security continues to be business critical and is increasingly complex to manage for the
WOOLWORTHS HOLDINGS LIMITED CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 This table is a useful reference to each of the King III principles
ITIL by Test-king Number: ITIL-F Passing Score: 800 Time Limit: 120 min File Version: 15.0 Sections 1. Service Management as a practice 2. The Service Lifecycle 3. Generic concepts and definitions 4. Key
Measuring Continuity Planning Program Performance Carl B Jackson Director Crisis Management & Continuity Planning Resource Center (CMCPRC) Measuring Continuity Planning Program Performance Session Agenda
Assessing Your Information Technology Organization Are you running it like a business? By: James Murray, Partner Trey Robinson, Director Copyright 2009 by ScottMadden, Inc. All rights reserved. Assessing
BRIDGE the gaps between IT, cloud service providers, and the business. IT service management for the cloud Business white paper Executive summary Today, with more and more cloud services materializing,
INFORMATION TECHNOLOGY THIRD PARTY SERVICE MANAGEMENT POLICY Version 1.0 FEBRUARY 2007 Document Title: Summary: Information Technology Third Party Service Management Policy This policy defines the Institute
www.pwc.com/ca/technology-consulting Company size matters: Perspectives on IT Governance versus large Canadian organizations and IT Governance PwC conducted research for the 4th edition of the IT Governance
IT Governance and IT Operations Bizdirect, Mainroad, WeDo, Saphety Lisbon, Portugal October 2 2008 Jan Duffy, Research Director Industry Insights Agenda About IDC Insights Today s organizational complexities
Perspectives Finding your balance Top tips for successful HR delivery in multiple countries across Europe ...organisations are striving for a more standardised approach across all their business locations
TECHNOLOGY STRATEGY AUDIT Executive Summary It is our intention to facilitate the understanding of technology strategy and its integration with business strategies. This guideline is organized as series
IPAA PROFESSIONAL CAPABILITIES PROJECT Procurement Capability Standards Definition Professional Role Procurement is the process of acquiring goods and/or services. It can include: identifying a procurement
WHITE PAPER IT SERVICE MANAGEMENT IT SERVICE DESIGN 101 Prepared by: Phillip Bailey, Service Management Consultant Steve Ingall, Head of Service Management Consultancy 60 Lombard Street London EC3V 9EA
Integrating Project and Integrating Project and By Reg Lo with contributions from Michael Robinson. 1 Introduction Project has become a well recognized management discipline within IT. is also becoming
SESSION 709 Wednesday, November 4, 9:00am - 10:00am Track: Strategic View The Business of IT Provisioning Bill Irvine Transformation Strategist, Accelerate Innovation, VMware firstname.lastname@example.org Session
BUSINESS EXCELLENCE FRAMEWORK Public Sector Interpretation Guide 1 CONTENTS THE BUSINESS EXCELLENCE FRAMEWORK... 3 THE PUBLIC SECTOR TRANSFORMATION... 4 1. LEADERSHIP (120 points)... 6 1.1 Senior Leadership
SUPERVISORY AND REGULATORY GUIDELINES: PU-0412 Operational Risk 25 th November, 2013 GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK 1. INTRODUCTION 1.1. The Central Bank of The Bahamas ( the Central
ASAE s Job Task Analysis Strategic Level Competencies During 2013, ASAE funded an extensive, psychometrically valid study to document the competencies essential to the practice of association management
Practical Approaches to Achieving Sustainable IT Governance Beyond Mandates: Getting to Sustainable IT Governance Best Practices Agenda IT Governance Definition IT Governance Principles IT Governance Decisions
ISO20000: What it is and how it relates to ITIL v3 John DiMaria; Certified Six Sigma BB, HISP BSI Product Manager; ICT (ISMS,ITSM,BCM) Objectives and Agenda To raise awareness, to inform and to enthuse
The ITIL v.3. Foundation Examination ITIL v. 3 Foundation Examination: Sample Paper 4, version 3.0 Multiple Choice Instructions 1. All 40 questions should be attempted. 2. There are no trick questions.
Leveraging the Private Cloud for Competitive Advantage Introduction While it is universally accepted that organisations will leverage cloud solutions to service their IT needs, there is a lack of clarity
Introduction CSR / Sustainability Governance and Management Assessment By Coro Strandberg Principal, Strandberg Consulting www.corostrandberg.com June 2015 Companies which adopt CSR or sustainability 1
Begin with the end in mind Is your business vision driving your software purchases? Or is it the other way around? Organisations can be paying 25-35% too much for software, support and maintenance costs.
TECHNOLOGY brief: AVAILABILITY MANAGEMENT Availability : A CA Process Map Malcolm Ryder ARCHITECT CA SERVICES Table of Contents Executive Summary 1 SECTION 1: CHALLENGE 2 Simplifying ITIL How to Use the
Microsoft s Compliance Framework for Online Services Online Services Security and Compliance Executive summary Contents Executive summary 1 The changing landscape for online services compliance 4 How Microsoft
BS OHSAS 18001 Occupational Health and Safety Management It s your duty Your implementation guide BS OHSAS 18001 - Occupational Health and Safety Management Background BS OHSAS 18001 is the globally recognized
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Business Continuity Management Standard for IT Systems This standard is applicable to all VCU School of Medicine
IT Governance isn t one thing, it s everything. Steve Romero PMP, CISSP, CCP 1 An executive view of governance Based on 2009 Survey of 255 Non-IT CEOs/Executives 50% Ranked ITG as very important 75% of
23 rd Annual and One Day Seminar Vendor Management Best Practices Catherine Bruder CPA, CITP, CISA, CISM, CTGA Michigan Texas Florida Insight. Oversight. Foresight. SM Doeren Mayhew Bruder 1 $100 billion
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in