BADM 590 IT Governance, Information Trust, and Risk Management

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "BADM 590 IT Governance, Information Trust, and Risk Management"

Transcription

1 BADM 590 IT Governance, Information Trust, and Risk Management Information Technology Infrastructure Library (ITIL) Spring 2007 By Po-Kun (Dennis), Tseng

2 Abstract: This report is focusing on ITIL framework, which is a set of guidelines for an IT department to control and measure their quality of IT operation. The principles of ITIL mainly deal with processes about IT Service Delivery and Support in order to reach the objectives of the organization. The content of this report includes three major parts which are, first of all, the advance of information security issues involved with SOX Act and other best practices such as COSO, CobiT, and ISO Secondly, the ITIL overview and its main processes and coverage, which will be coming up with the other two case studies, that are deriving from educational organization and other areas. Finally, the report will discuss the connection of ITIL with other key practices to see how they complement and link with ITIL.

3 Background: The bottom line of information security: Recently, most of the enterprises rely on using information technologies to fulfill their enormous data and transactions, such as an online banking service and an internal control process. By applying the sophisticated information technologies, those firms can simplify their business processes, raise their efficiency, and save their time and costs dramatically. With the continuous advance of information technologies and the commercial dependency, information security has started to play a key role in the real business world. This is why enterprises are on pins and needles since most companies are using the information technologies to assist with their tasks, the reliability and accountability of employing these technologies will become critical issues as well as how a company select a suitable IT control framework to maintain and measure its internal security level. IT security threats such as Spyware, Fishing web-side, or even employees could lead to incalculable damages. From 1992, the Committee of Sponsoring Organization (COSO) issued a report for enterprise internal control. Businesses have started to search a right and precise framework for fitting into the specific industry of the businesses. In addition in finding the best practice, the companies also faced more and more regulations from government and requirements from customers. There are some examples below: Financial controls SOX (2002)

4 Privacy Privacy Amendment Act (2001) Health information HIPAA (1996) Customer information GLBA (1999) Except for IT control framework, however, IT service management (ITIL) is also a key part of the whole IT security management area. As a result, this report will be focused on here and connection of ITIL with other frameworks. Sox (the Sarbanes-Oxley Act): In order to prevent financial problems such as Enron s bankruptcy and WorldCom s false accounting report, the US. Legislature had to pass the Sarbanes-Oxley Act (SOX) supervising public companies internal financial states in The first principle of SOX is that To improve quality and transparency in financial reporting and independent audits and accounting services for public companies, to create a Public Company Accounting Oversight Board, to enhance the standard setting process for accounting practices, to strengthen the independence of firms that audit public companies, to increase corporate responsibility and the usefulness of corporate financial disclosure, to protect the objectivity and independence of securities analysts, to improve Securities and Exchange Commission resources and oversight, and for other purposes. 1, which is the most important function for SOX. The overall Act, 1

5 however, has 11 titles and 66 sections. From title 1 to 6, the contents are mainly involved with establishing an independent Public Company Accounting Oversight Board, PCAOB, which deals with auditing and financial reports of public companies. From title 8 to 11, the purpose is to emphasize responsibilities of top managers. Otherwise, the section 302, Corporate Responsibility For Financial Reports, and 404, Management Assessment Of Internal Controls, required a suitable internal control framework. However, what is suitable for organizations acting in different industries and embracing different requirements? The most recognized standards are COSO, Cobit, ISO 17799, and ITIL. What are the Best Practices? COSO: In 1992, the Committee of Sponsoring Organization issued a report especially for enterprise internal control divided into 5 sections that are Monitoring, Information and Communication, Control Activities, Risk Assessment, and Control Environment. Until now, most of the accounting firms have already recognized COSO as an internal control framework. CobiT: Cobit emerged from the COSO practice. It was derived from the information systems audit and control associations (ISACA) and the IT governance institutes (ITIG) in Simply put, Cobit is the control objectives for information and related technologies. Hence, its

6 mission is to research, develop, publicize, and promote an authoritative, up-to-date, international set of generally accepted information technology control objectives for day-to-day use by business managers, IT professionals, and assurance professionals. 2 As the result, CobiT will not offer how to do it but what to do, and it also not covers any software or tool for improving IT services. There are four domains for CobiT,(1) Plan and Organize, (2) Acquire and Implement, (3) Deliver and Support, (4) Monitor and Evaluate. ISO 17799: ISO 17799, published by the international Organization for Standardization in 2001, is international accepted information security management standard. ISO provide a series of management guidelines, which include three dimensions that are Confidentiality, Integrity, and Availability. As CobiT, ISO is also not a technical standard and product or technology driven; contrary, it covers only the management of information security controls. Otherwise, ISO covers almost all information fields not just about IT areas. ITIL (Information Technology Infrastructure Library): Internal and external IT Service and Support professionals are all taking ITIL as their judging criterion. Even Microsoft operations framework (MOF) frequently references ITIL and its corresponding language. 2

7 What is ITIL? ITIL is not a now term and in fact that it has been introduced over two decades. The development of ITIL originated from Central Computer and Telecommunication Agency (CCTA), called the Office of Government Commerce (OCG) now. It has been widely accepted by many organizations from different countries. (A example of how ITIL measure the maturity of organization refers to appendix )However, it has just been applied in the US. within 10 years. It appropriately details a multitude of processes, totally eight books, which explain how IT service should be managed. Book 1. Service Support Book 2. Service Delivery Book 3. Business Perspective Book 4. ICT infrastructure Book 5. Applications Management Book 6. Security Management Book 7. Planning & Implementation Book 8. Software Asset Management At the heart of ITIL is IT service management (ITSM), which includes two books, Service Support and Service Delivery. There are ten basic processes to be defined by the two books as following:

8 Service support Service Delivery Configuration Management Availability Management Incident Management Capacity Management Problem Management Service Continuity Management Change Management Financial Management Release Management Service Level Management There are no standards for these processes. How well this work is enough for the organizations to be up to their requirements. In general, ITIL plays a role in the organizations as a set of guideline, which can be customized to: (1) Assist in getting a handle on the big picture. (2) Help build order and structure where there may be chaos. (3) Reference theory as well as practical tips on what should be done, not how to do so. Where to apply ITIL? Some use it as specifically for only the content from the Service Delivery and Service Support books while others use it for all of ITIL. Basically, whole service management must refer to any components relating to IT service prerequisites and so it must take account of the whole ITIL fields and has not been confined in only just two major orientations or two books. This is the definition of Service Management and the principle of ITIL. Otherwise, the

9 prerequisites of improving customer service quality are another core area that ITIL must focus on. To satisfy customers requirements will be the fundamental to ITIL and below shows several key activities that are essential for building successful ITIL processes within this area: (1) Documenting, negotiating, and agreeing customer and business quality targets and responsibilities in Service Level Agreements (SLAs). (2) Regular assessment of customer opinion in customer feedback and customer satisfaction surveys. (3) IT personal regularly taking the customer journey and sampling the customer experience. (4) IT personnel taking the customer and business perspective and always trying to keep customer interaction as simple and enjoyable as possible. (5) Understanding the ICT infrastructure. 3 The inner of ITIL: Service Delivery: There are five components that include Service Level Management, Financial Management for IT Service, Capacity Management, IT Service Continuity, and Availability Management, which cover whole quality improving plans for IT services as exhibit

10 Exhibit 1: The Service Delivery Processes (Source: An Introductory Overview of ITIL, itsmf, April 2004, p.13 ) Service Level Management is the most important position of processes in ITIL. It provides clear service delivery standards and the major interface for each organization and user. The major components of SLM are the Service Catalogue, Service Level Agreements (SLAs), and Operational Level Agreements (OLAs). Especially Service Catalogues provides definitions of each service, which include the deliverables, limitations of services, and measurements of service delivery performance, within the IT organization. In order to define what level of service an organization needs, Capacity Management can be ran with business, service support, and financial units together to establish the annual IT

11 infrastructure growth plan. The processes of Financial Management for IT Service gets involved with three major financial aspects, which are budgeting, IT Accounting including audit reports, and Chargeback. Availability Management allows organizations to review business requirements that include availability, reliability, maintainability, serviceability, and security. In order to recover and to avoid incidents that could cause disruption of service, IT Service Continuity focuses on contributing an acceptable level of service disruption with an agreed schedule. As a result, businesses can minimize the service disruption and keep trace the risk of disruption. Service Support: One of the major disciplines in Service Management is to support these services that were established by the Service Delivery group. This includes: Help Desk or Service Desk, Incident Management, Problem Management, Configuration Management, Change Management, and Release Management. The relations of these units show in the exhibit 2. Exhibit 2: The Service Support Processes

12 (Source: An Introductory Overview of ITIL, itsmf, April 2004, p.16 ) The Service Desk is responsible for reporting all incidents and requests, services as a center of all units and users within an organization and provides an interface for other Service Support processes. Incident Management is in charge of solving and detecting all incidents and must reinstate the system to the normal service level of organizations as fast as possible. The objective of Problem Management is to reduce impacts and damages that result from Incident Management. Thus, Problem Management is used to work as an assister for Incident Management to solve the detected problems.

13 To manage changes effectively, Change Management has to ensure that all changes are accepted through proper testing, risk assessment, and scheduling. The main function of Configuration Management is to deal with all operating data relating to the operating factors of any IT infrastructure elements in the organization. Near to Change Management, Release Management has to govern and to update the newest launching software versions and enterprise applications. Planning & Implementation: The six work stages can perform the implementation tasks of IT Service Management as following: Exhibit 3: (Source: Implementing ITIL-Adapting Your IT Organization to the Coming Revolution in IT Service, Randy A. S., 2005, CH 3, p. 15) Visioning stage is to identify and confirm what should be covered by the implementation

14 of ITIL as well as the benefits of implementing ITIL. Through this stage, IT organizations can know where to put more efforts and to avoid unnecessary labor force wasted. The goal of assessment stage has three: find out the gaps between organizations, fill up these gaps, and establish the Win projects which is like a small project fulfill to accomplish a tactical task, such as implementing IT Service Catalog. After finishing the preparation, the planning stage will take place to design implementation plans and come up with the overall implementation program. Then, the foundation stage will commence to work on establishing the strategic goals and defining the working procedures and the responsibilities. In this stage, organizational, technological, and governance strategies will be all getting together. The objective of Initial Win stage is to offer immediate benefits by building 2-5 small projects for each ITSM process. The small projects all have specific functions that are visible and touchable in the organization. Finally, the Control stage will carry out the process designed in the foundation stage and start the life cycle regularly. However, the efforts of implementing ITIL will not be over 12 months. Case Study : University of Canterbuey in New Zealand The seasons for using ITIL:

15 (1) The IT service level of the University had been reduced by several incidents of miscommunication and misunderstanding. (2) Various units and support groups need standardization of internal control and re-alignment. (3) Rather than act as only a support function, ITIL can improve the IT service group s overall services quality and correspond to the university s core business value. Implementing process: (1) Identified requirements for change (2) Identified the scope of this project (3) Defined the objectives of this project (4) Established the project structure (5) Organized the project deliverables and benefits for the IT department The project organizational structure: (1) ITIL implementation project manager (2) Service management project team (ITSM) (3) Implementation teams for each specific process within ITIL framework (4) Steering group (5) Reference groups (6) Reporting lines Resource requirements:

16 (1) Human resources Facilities will be required to fully participate or partly participate in this project. (2) Helpdesk telephone system Since the project tries to increase ability of helpdesk to solve incidents at first point of contact, the resource requirements are still unidentified. (3) Software Benefits of using ITIL: ITIL provides an approach that helps enterprises deriving their core business process more reliable, valuable, and effective. Benefits can be produce such as: Improved productivity Service standardization Improved customer satisfaction Improved communication quality between IT service group and customers Reduced cost Improved the business process as clearly defined roles and responsibilities Saved reaction time for managers Avoided problems effectively

17 Benefits to the customer of IT services: Provide documented procedures for external users Enable the customer to reach business objectives Provide feedback and necessary changes from monitoring of service performance Case Study : Service-Oriented IT Management: Benefit, Cost, and Success Factors The six organizations appreciate that the benefits of using ITIL are not only increased service quality and reduced risks, but also helping with managerial and service efficiency. Standardization and optimizing of process, for instance, will greatly improve managerial efficiency because managers can guarantee that all support centers located around globe will be all consistent and systematic. Exhibit 4 shows that the comparison of per- and post- adopting ITIL in terms of three levels of business engineering: strategies, processes, and systems. After implementation of ITIL, the six organizations getting rid of problems including most are not uniform, not standardized, and without interfaces. Exhibit 4: Gives an overview of the initial situation and the new solution on the three levels of business engineering

18 (Source: Service-Oriented IT Management: Benefit, Cost and Success Factors, Alex, H., 2005, p.4) Mapping ITIL into other best practices: ITIL cannot work alone and we all known that if you can t measure it you can t control it, and if you can t control it you can t manage it.. This is why we must use CobiT to set up the IT control framework and then establish ITIL for IT service Management. In fact that

19 ITIL can address the 34 CobiT processes linking with Service Delivery and Support even though, regarding to the appendix, there are some overlaps, which actually enable you to integrate CobiT and ITIL. On the other side, organization can use the security processes and controls defined by ISO to complement weaknesses of ITIL as well since ISO is used for the entire information security section not just for IT-related issues. Especially, when an organization wants to specify issues that will have an impact for the whole organization s security, ISO will be highly helpful. Otherwise, obviously ITIL s Problem Management and Configuration Management do not correspond to ISO according to appendix. However, Change Management, for example, will be directly complemented by CobiT s Change Management and also in ISO s Operational Change Control. We can say that the guidance, indicators, and controls for the definition of service level agreements, availability management, and business continuity management providing by CobiT and ISO17799 enable one to totally supplement ITIL s service delivery processes referring to appendix. Conclusion: As previously mentioned, we notice that ITIL is well-developed on delivery and support

20 processes yet it is weak on security controls. Therefore, in order to create a round-the-clock information security environment, the best way is to integrate these frameworks and to take from the long to add to the short. Organizations may use ITIL as defined processes, use CobiT as metrics or benchmarks, and use IS as risk mitigation for security management. Besides, to be more efficient organizations, it is better not try to complete implementation of ITIL, CobiT, and ISO at the same time because the goals for each organization may be different based on cost, benefit, risk control, or regulatory compliance perspectives. References: 1. ISACA: Serving IT Governance Professionals. (2006) How does ITIL link to COBIT and ISO Article available online at

21 2. H, Axel., T, Gerrit., and B, Walter.(2005). Service-oriented IT Management: Benefit, Cost, and Success Factors Article available online at 3. A, Randy.(2005). Implementing ITIL p John, W. (2005). Combining ITIL with COBIT and Article available online at 0Cobit%20and% pdf 6. Alex, H. (2005). Service-Oriented IT Management: Benefit, Cost and Success Factors. Article available online at 7. itsmf,( April 2004) An Introductory Overview of ITIL. Article available online at 8. D, Hamish.(2002). Proposal to Implement the Information Technology Infrastructure Library Framework for IT Service Management. Article available online at %20ITIL.pdf Appendix ITIL Maturity Measures

22 Appendix ITIL Service support vs. CobiT: Integration of ITIL and COBIT

23 ITIL Service Delivery vs. CobiT: Appendix Integration of ITIL and ISO ITIL Service Support vs. ISO 17799

24 ITIL Service Delivery vs. ISO 17799

Introduction: ITIL Version 3 and the ITIL Process Map V3

Introduction: ITIL Version 3 and the ITIL Process Map V3 Introduction: ITIL Version 3 and the ITIL Process Map V3 IT Process Maps www.it-processmaps.com IT Process Know-How out of a Box IT Process Maps GbR, 2009-2 - Contents HISTORY OF ITIL... 4 The Beginnings...

More information

AN OVERVIEW OF INFORMATION SECURITY STANDARDS

AN OVERVIEW OF INFORMATION SECURITY STANDARDS AN OVERVIEW OF INFORMATION SECURITY STANDARDS February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced

More information

Criticism of Implementation of ITSM & ISO20000 in IT Banking Industry. Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3

Criticism of Implementation of ITSM & ISO20000 in IT Banking Industry. Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3 Criticism of Implementation of ITSM & ISO20000 in IT Banking Industry Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3 Outline What is IT Service Management What is ISO 20000 Step by step implementation

More information

Recommendations for the SMB Market. p: 813.227.4900 f: 813.227.4501 www.numarasoftware.com

Recommendations for the SMB Market. p: 813.227.4900 f: 813.227.4501 www.numarasoftware.com WHITE PAPER By Larr y Desiano Field Sales Engineer Manager and Best Practices Leader Numara Software Inc. T H E C H A L L E N G E F O R T H E S M B M A R K E T Recently, there has been a great deal of

More information

An Implementation Roadmap

An Implementation Roadmap An Implementation Roadmap The 2nd Abu Dhabi IT s Forum P J Corum, CSQA, CSTE, ITSM Managing Director Quality Assurance Institute Middle East and Africa Dubai, UAE Quality Assurance Institute Middle East

More information

-Blue Print- The Quality Approach towards IT Service Management

-Blue Print- The Quality Approach towards IT Service Management -Blue Print- The Quality Approach towards IT Service Management The Qualification and Certification Program in IT Service Management according to ISO/IEC 20000 TÜV SÜD Akademie GmbH Certification Body

More information

COBIT & ITIL usage for SOX current and future

COBIT & ITIL usage for SOX current and future COBIT & ITIL usage for SOX current and future Robert E Stroud International Vice President ISACA Evangelist ITSM & IT Governance CA, Inc. Japan, November 8, 2007 Trademark Notice ITIL is a registered trademark

More information

What Should IS Majors Know About Regulatory Compliance?

What Should IS Majors Know About Regulatory Compliance? What Should IS Majors Know About Regulatory Compliance? Working Paper Series 08-12 August 2008 Craig A. VanLengen Professor of Computer Information Systems/Accounting Northern Arizona University The W.

More information

Creating and Maturing a Service Catalog

Creating and Maturing a Service Catalog Creating and Maturing a Service Catalog By Wendy Kuhn and Pam Erskine Third Sky, Inc. Introduction Developing a service catalog can seem like a simple marketing and communications activity or a daunting

More information

The IT Infrastructure Library (ITIL)

The IT Infrastructure Library (ITIL) IT service management is often equated with the Information Technology Infrastructure Library (ITIL), even though there are a variety of standards and frameworks contributing to the overall ITSM discipline.

More information

The Rise of Service Level Management. Gary Case

The Rise of Service Level Management. Gary Case pink elephant WHITE PAPER: The Rise of Service Level Management in ITIL V3 The Rise of Service Level Management in ITIL V3 february, 2010 Gary Case Principal Consultant, Pink Elephant Table of Contents

More information

Storage Management Within the NEW ITIL Version 3 Context. Dr. D. Akira Robinson, IT Governance Management, Ltd. Dept of Navy

Storage Management Within the NEW ITIL Version 3 Context. Dr. D. Akira Robinson, IT Governance Management, Ltd. Dept of Navy Storage Management Within the NEW ITIL Version 3 Context Dr. D. Akira Robinson, IT Governance Management, Ltd. Dept of Navy Why ITIL? Total dependence on Information Technology Need to deal with complexity

More information

IT Service Desk Health Check & Action Plan

IT Service Desk Health Check & Action Plan IT Service Desk Health Check & Action Plan Version: 1.0 Date: April, 2003 Authors: Fatima Cabral, Gary Case, David Ratcliffe Pink Elephant Leading the Way in IT Management Best Practices www.pinkelephant.com

More information

Trustworthy Computing Spring 2006

Trustworthy Computing Spring 2006 Trustworthy Computing Spring 2006 Project Topic: Risk Management of Information Technology Outsourcing under ITIL ITSM framework By: (Mina) Szu-Chia Cheng 1 pages of 19 Table of Content Abstract...3 Why

More information

IT governance in Brazil:

IT governance in Brazil: Article IT governance in Brazil: does it matter? Authors Prof. Dr. Guilherme Lerch Lunardi, Universidade Federal do Rio Grande (FURG), Brazil. IT governance in Brazil Prof. Dr. Joâo Luiz Becker, Universidade

More information

INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY

INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY [Sultana, 2(4): April, 2013] ISSN: 2277-9655 IJESRT INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY A Case Study on Implementing ITIL in Business Organization Considering Business Benefits

More information

ITIL V3 Application Support Volume 1

ITIL V3 Application Support Volume 1 ITIL V3 Application Support Volume 1 Service Management For Application Support ITIL is a Registered Trade Mark and Community Trademark of the Office of Government and Commerce. This document may contain

More information

Applying Integrated Risk Management Scenarios for Improving Enterprise Governance

Applying Integrated Risk Management Scenarios for Improving Enterprise Governance Applying Integrated Risk Management Scenarios for Improving Enterprise Governance János Ivanyos Trusted Business Partners Ltd, Budapest, Hungary, ivanyos@trusted.hu Abstract: The term of scenario is used

More information

Implementation of ITIL in a Moroccan company: the case of incident management process

Implementation of ITIL in a Moroccan company: the case of incident management process www.ijcsi.org 30 of ITIL in a Moroccan company: the case of incident management process Said Sebaaoui 1, Mohamed Lamrini 2 1 Quality Statistic Computing Laboratory, Faculty of Science Dhar el Mahraz, Fes,

More information

The CMDB at the Center of the Universe

The CMDB at the Center of the Universe The CMDB at the Center of the Universe Reg Harbeck CA Wednesday, February 27 Session 5331 Purpose Clarify origin of CMDB concept and what it is Understand difference and equivalence between CMDB and Asset

More information

Integrated Information Management Systems

Integrated Information Management Systems Integrated Information Management Systems Ludk Novák ludek.novak@anect.com ANECT a.s. Brno, Czech Republic Abstract The article tries to find consensus in these tree different types of the systems the

More information

Executive's Guide to

Executive's Guide to Executive's Guide to IT Governance Improving Systems Processes with Service Management, COBIT, and ITIL ROBERT R. MOELLER WILEY John Wiley & Sons, Inc. Contents Preface xiii PART I: IT GOVERNANCE CONCEPTS

More information

The Rise of Service Level Management in ITIL V3. April 2008. Oblicore, Inc.

The Rise of Service Level Management in ITIL V3. April 2008. Oblicore, Inc. The Rise of Service Level Management in ITIL V3 April 2008 Oblicore, Inc. Table of Contents The Move From Version 2 To Version 3................... 3 What s New In V3?..................................

More information

Getting In-Control - Combining CobiT and ITIL for IT Governance and Process Excellence. Executive Summary: What is the business problem?

Getting In-Control - Combining CobiT and ITIL for IT Governance and Process Excellence. Executive Summary: What is the business problem? Getting In-Control - Combining CobiT and ITIL for IT Governance and Process Excellence Executive Summary: Nearly all of us who are running an IT shop feel the need to gain or increase control, predictability,

More information

IT PROCESSES BEST PRACTICES FOR. Version 1.0 Date: 04/06/2007

IT PROCESSES BEST PRACTICES FOR. Version 1.0 Date: 04/06/2007 BEST PRACTICES FOR IT PROCESSES Version 1.0 Date: 04/06/2007 The Saudi e-government Program (Yesser) has exerted its best effort to achieve the quality, reliability, and accuracy of the information contained

More information

Global Strategic Sourcing Services

Global Strategic Sourcing Services where experience counts Global Strategic Sourcing Services Capabilities Overview Prepared For: Our Current and Future Valued Clients Our Strategic Sourcing Capabilities Sourcing Strategy Deciding whether

More information

Integrating Project Management and Service Management

Integrating Project Management and Service Management Integrating Project and Integrating Project and By Reg Lo with contributions from Michael Robinson. 1 Introduction Project has become a well recognized management discipline within IT. is also becoming

More information

GLOBAL STANDARD FOR INFORMATION MANAGEMENT

GLOBAL STANDARD FOR INFORMATION MANAGEMENT GLOBAL STANDARD FOR INFORMATION MANAGEMENT Manohar Ganshani Businesses have today expanded beyond local geographies. Global presence demands uniformity within the processes across disparate locations of

More information

Applying ITIL v3 Best Practices

Applying ITIL v3 Best Practices white paper Applying ITIL v3 Best Practices to improve IT processes Rocket bluezone.rocketsoftware.com Applying ITIL v. 3 Best Practices to Improve IT Processes A White Paper by Rocket Software Version

More information

The ITIL Story. Pink Elephant. The contents of this document are protected by copyright and cannot be reproduced in any manner.

The ITIL Story. Pink Elephant. The contents of this document are protected by copyright and cannot be reproduced in any manner. 1. ITIL Defined The Information Technology Infrastructure Library (ITIL) is a set of guidance developed by the United Kingdom s Office Of Government Commerce (OGC). The guidance, documented in a set of

More information

IT Governance Dr. Michael Shaw Term Project

IT Governance Dr. Michael Shaw Term Project IT Governance Dr. Michael Shaw Term Project IT Auditing Framework and Issues Dealing with Regulatory and Compliance Issues Submitted by: Gajin Tsai gtsai2@uiuc.edu May 3 rd, 2007 1 Table of Contents: Abstract...3

More information

In the launch of this series, Information Security Management

In the launch of this series, Information Security Management Information Security Management Programs: Operational Assessments Lessons Learned and Best Practices Revealed JUSTIN SOMAINI AND ALAN HAZLETON As the authors explain, a comprehensive assessment process

More information

Mapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA

Mapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA Volume 3, July 2014 Come join the discussion! Alberto León Lozano will respond to questions in the discussion area of the COBIT 5 Use It Effectively topic beginning 21 July 2014. Mapping COBIT 5 with IT

More information

Frameworks for IT Management

Frameworks for IT Management Frameworks for IT Management Copyright protected. Use is for Single Users only via a VHP Approved License. For information and printed versions please see www.vanharen.net 18 ITIL - the IT Infrastructure

More information

COBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE)

COBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE) COBIT 5 For Cyber Security Governance and Management Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE) Cybersecurity Governance using COBIT5 Cyber Defence Summit Riyadh, KSA

More information

ITIL: What is it? How does ITIL link to COBIT and ISO 17799?

ITIL: What is it? How does ITIL link to COBIT and ISO 17799? ITIL: What is it? How does ITIL link to COBIT and ISO 17799? 1 What is ITIL? The IT Infrastructure Library A set of books comprising an IT service management Best Practices framework An industry of products,

More information

IT Service Management ITIL, COBIT

IT Service Management ITIL, COBIT IT Service Management ITIL, COBIT Bülent Ekuklu Business Development Executive IBM Global Services Global Conditions are Changing 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% Agriculture Manufacturing Service

More information

The ITIL Story White Paper

The ITIL Story White Paper The ITIL Story White Paper Produced By: Pink Elephant Version: 3.3 Date of Publication: September, 2004 Table of Contents 1. ITIL Defined... 3 2. Non-Proprietary... 4 3. Concepts Behind The Library...

More information

The multisourcing approach to IT consolidation

The multisourcing approach to IT consolidation Experience the commitment WHITE PAPER The multisourcing approach to IT consolidation The proven commercial practice of multisourcing services integration can help state and local governments achieve IT

More information

Introduction to ITIL

Introduction to ITIL Introduction to ITIL Martin Sarnovský Department of Cybernetics and Artificial Intelligence Faculty of Electrical Engineering and Informatics Technical University of Košice Content IT Service IT Management

More information

Tutorial: Towards better managed Grids. IT Service Management best practices based on ITIL

Tutorial: Towards better managed Grids. IT Service Management best practices based on ITIL Tutorial: Towards better managed Grids. IT Service Management best practices based on ITIL EGI Technical Forum 2011, Lyon (France) September 22, 2011 Dr. Thomas Schaaf www.gslm.eu EMERGENCE TECH LTD. The

More information

IPMA 2006 ITIL in Practice The Alignability Process Model and HP OpenView Service Desk

IPMA 2006 ITIL in Practice The Alignability Process Model and HP OpenView Service Desk IPMA 2006 ITIL in Practice The Alignability Process Model and HP OpenView Service Desk Presented by and Lilien Systems ITIL is a Registered Trade Mark, and a Registered Community Trade Mark of the Office

More information

Preparation Guide. EXIN IT Service Management Associate Bridge based on ISO/IEC 20000

Preparation Guide. EXIN IT Service Management Associate Bridge based on ISO/IEC 20000 Preparation Guide EXIN IT Service Management Associate Bridge based on ISO/IEC 20000 Edition January 2014 Copyright 2014 EXIN All rights reserved. No part of this publication may be published, reproduced,

More information

Determining Best Fit. for ITIL Implementations

Determining Best Fit. for ITIL Implementations Determining Best Fit for ITIL Implementations Michael Harris President David Consulting Group Agenda Why ITIL? The Evolution of IT Metrics Towards the Business What do businesses need from IT Introduction

More information

Making Compliance Work for You

Making Compliance Work for You white paper Making Compliance Work for You with application lifecycle management Rocket bluezone.rocketsoftware.com Making Compliance Work for You with Application Lifecycle Management A White Paper by

More information

COBIT The comprehensive IT governance. framework that addresses every aspect of IT and integrates all of the main global IT standards.

COBIT The comprehensive IT governance. framework that addresses every aspect of IT and integrates all of the main global IT standards. COBIT The comprehensive IT governance framework that addresses every aspect of IT and integrates all of the main global IT standards. COBIT4.1 Does your enterprise s IT support the business? Is it aligned

More information

IT Organisation in Change

IT Organisation in Change IT Organisation in Change ENTERPRISE SOFTWARE ENGINEERING & SOFTWARE ENGINEERING IN THE ENTERPRISE IT change Quality of IT s Costs of IT s change Future Now Perfect IT s Business Demands Can we deliver?

More information

Enhancing IT Governance, Risk and Compliance Management (IT GRC)

Enhancing IT Governance, Risk and Compliance Management (IT GRC) Enhancing IT Governance, Risk and Compliance Management (IT GRC) Enabling Reliable eservices Tawfiq F. Alrushaid Saudi Aramco Agenda GRC Overview IT GRC Introduction IT Governance IT Risk Management IT

More information

Preparation Guide. EXIN IT Service Management Associate based on ISO/IEC 20000

Preparation Guide. EXIN IT Service Management Associate based on ISO/IEC 20000 Preparation Guide EXIN IT Service Management Associate based on ISO/IEC 20000 Edition January 2014 Copyright 2014 EXIN All rights reserved. No part of this publication may be published, reproduced, copied

More information

ITIL AND COBIT EXPLAINED

ITIL AND COBIT EXPLAINED ITIL AND COBIT EXPLAINED 1 AGENDA Overview of Frameworks Similarities and Differences Details on COBIT Framework (based on version 4.1) Details on ITIL Framework, focused mainly on version.2. Comparison

More information

A Comparison of IT Governance & Control Frameworks in Cloud Computing. Jack D. Becker ITDS Department, UNT & Elana Bailey

A Comparison of IT Governance & Control Frameworks in Cloud Computing. Jack D. Becker ITDS Department, UNT & Elana Bailey A Comparison of IT Governance & Control Frameworks in Cloud Computing Jack D. Becker ITDS Department, UNT & Elana Bailey ITDS Department, UNT MS in IS AMCIS 2014 August, 2014 Savannah, GA Presentation

More information

iso20000templates.com

iso20000templates.com iso20000templates.com Public IT Limited 2011 IT Service Policy Document Ref. ITSM01001 Version: 1.0 Draft 1 Document Author: Document Owner: V 1.0 Draft 1 Page 1 of 11 Revision History Version Date RFC

More information

Service Management ITIL Service Design

Service Management ITIL Service Design Service Management ITIL Service Design Univ.-Prof. Dr.-Ing. Wolfgang Maass Chair in Economics Information and Service Systems (ISS) Saarland University, Saarbrücken, Germany WS 2011/2012 Thursdays, 8:00

More information

ICTEC. IT Services Issues 3.4.2008. HELSINKI UNIVERSITY OF TECHNOLOGY 2007 Kari Hiekkanen

ICTEC. IT Services Issues 3.4.2008. HELSINKI UNIVERSITY OF TECHNOLOGY 2007 Kari Hiekkanen ICTEC IT Services Issues 3.4.2008 IT Services? IT Services include (for example) Consulting, IT Strategy, IT Architecture, Process, Software Software development, deployment, maintenance, operation, Custom

More information

The ITIL Service Desk. Common Sense Comes To Life. Version : 1.3 Date : August 13, 2003 : Pink Elephant Global Hosting Services www.pinkghost.

The ITIL Service Desk. Common Sense Comes To Life. Version : 1.3 Date : August 13, 2003 : Pink Elephant Global Hosting Services www.pinkghost. The ITIL Service Desk Common Sense Comes To Life Version : 1.3 Date : August 13, 2003 Location : Pink Elephant Global Hosting Services Table Of Contents 1 ITIL DEFINED... 3 2 ITIL S BUSINESS BENEFITS...

More information

Has Your Organization Out-Grown Your Helpdesk? A guide to determine when your company is at the right stage to shift to a Service Desk.

Has Your Organization Out-Grown Your Helpdesk? A guide to determine when your company is at the right stage to shift to a Service Desk. Has Your Organization Out-Grown Your Helpdesk? A guide to determine when your company is at the right stage to shift to a Service Desk. 1 P a g e Has Your Organization Out-Grown Your Helpdesk? A guide

More information

Benchmark of controls over IT activities. 2011 Report. ABC Ltd

Benchmark of controls over IT activities. 2011 Report. ABC Ltd www.pwc.com/cy Benchmark of controls over IT activities 2011 Report ABC Ltd... 2012 Scope and approach We wish to provide you with our IT Benchmarking report over IT activities at ABC Ltd (the Company)

More information

Service Improvement. Part 3 The Strategic View. Robert.Gormley@ed.ac.uk http://www.is.ed.ac.uk/itil

Service Improvement. Part 3 The Strategic View. Robert.Gormley@ed.ac.uk http://www.is.ed.ac.uk/itil Service Improvement Part 3 The Strategic View Robert.Gormley@ed.ac.uk http://www.is.ed.ac.uk/itil Service Management House Customers Avail. Mgmt Capacity Mgmt Service Level Mgmt Continuity Mgmt Financial

More information

Snohomish County PUD. Service Management Journey. Chris Thorpe Tina Myren June 16, 2010

Snohomish County PUD. Service Management Journey. Chris Thorpe Tina Myren June 16, 2010 Snohomish County PUD Service Management Journey Chris Thorpe Tina Myren June 16, 2010 Topics Snohomish County PUD How We Started Our Approach Change Management ITSM Tool Top Ten Tips Who Is Snohomish County

More information

Domenico Raguseo. IT Governance e Business Technology (approfondimenti su ITIL)

Domenico Raguseo. IT Governance e Business Technology (approfondimenti su ITIL) IT Governance e Business Technology (approfondimenti su ITIL) Domenico Raguseo Italy Client Technical Professional Manager SW Europe Service Management Solution Architect Leader http://www.linkedin.com/in/dragus

More information

APPLICATION OF INFORMATION TECHNOLOGY SERVICE MANAGEMENT WITHIN SELECTED LOGISTICS AND TRANSPORT SERVICES

APPLICATION OF INFORMATION TECHNOLOGY SERVICE MANAGEMENT WITHIN SELECTED LOGISTICS AND TRANSPORT SERVICES Proceedings of the 13 th International Conference Reliability and Statistics in Transportation and Communication (RelStat 13), 16 19 October 2013, Riga, Latvia, p. 363 369. ISBN 978-9984-818-58-0 Transport

More information

Security & IT Governance: Strategies to Building a Sustainable Model for Your Organization

Security & IT Governance: Strategies to Building a Sustainable Model for Your Organization Security & IT Governance: Strategies to Building a Sustainable Model for Your Organization Outside View of Increased Regulatory Requirements Regulatory compliance is often seen as sand in the gears requirements

More information

ITIL V3 Service Lifecycle Key Inputs and Outputs

ITIL V3 Service Lifecycle Key Inputs and Outputs ITIL V3 Lifecycle & ITIL V3 Lifecycle Key 1 ITIL V3 Lifecycle & Use Material Complying with all applicable copyright laws is responsibility user No part this document may be reproduced, stored in or introduced

More information

Contract management roles and responsibilities

Contract management roles and responsibilities Contract management roles and responsibilities This White Paper describes the formal arrangements for managing the relationship with the provider through a demand and supply organization. This is a governance

More information

John Kacmarynski TLG Learning. ITIL History Benefits of Implementing ITIL Integrated Service Lifecycle Approach and Processes

John Kacmarynski TLG Learning. ITIL History Benefits of Implementing ITIL Integrated Service Lifecycle Approach and Processes John Kacmarynski TLG Learning ITIL History Benefits of Implementing ITIL Integrated Service Lifecycle Approach and es What is not defined cannot be controlled What is not controlled cannot be measured

More information

Process Ownership and Service Ownership

Process Ownership and Service Ownership Process Ownership and Service Ownership Maximizing the Value of Key Roles A Third Sky White Paper By Lou Hunnebeck, ITIL Expert and Service Design 2011 Author, VP ITSM Vision & Strategy for Third Sky,

More information

ITSM 101. Patrick Connelly and Sandeep Narang. Gartner. www.it.ufl.edu

ITSM 101. Patrick Connelly and Sandeep Narang. Gartner. www.it.ufl.edu ITSM 101 Patrick Connelly and Sandeep Narang Gartner 1 IT Service Management 101 Agenda What is IT Service Management? Why is IT Service Management Important? Speaking a Common Language: Overview of Key

More information

Best Practice ITIL (Information Technology Infrastructure Library)

Best Practice ITIL (Information Technology Infrastructure Library) Best Practice ITIL (Information Technology Infrastructure Library) To achieve G H Bank s overall objectives, the Information Technology Group must provide excellent cutting-edge IT services to all stakeholders

More information

Contents. viii. 4 Service Design processes 57. List of figures. List of tables. OGC s foreword. Chief Architect s foreword. Preface.

Contents. viii. 4 Service Design processes 57. List of figures. List of tables. OGC s foreword. Chief Architect s foreword. Preface. iii Contents List of figures List of tables OGC s foreword Chief Architect s foreword Preface Acknowledgements v vii viii 1 Introduction 1 1.1 Overview 4 1.2 Context 4 1.3 Purpose 8 1.4 Usage 8 2 Management

More information

Information Technology Infrastructure Library -ITIL. IT Governance CEN 667

Information Technology Infrastructure Library -ITIL. IT Governance CEN 667 Information Technology Infrastructure Library -ITIL IT Governance CEN 667 1 Lectures Schedule Week Topic Introduction to IT governance Week 1 Overwiev of Information Security standards - ISO 27000 series

More information

Manager s Certificate in IT Service Management. Guidelines & Syllabus for Prospective Candidates

Manager s Certificate in IT Service Management. Guidelines & Syllabus for Prospective Candidates Manager s Certificate in IT Service Management Guidelines & Syllabus for Prospective Candidates CONTENTS PREFACE 1. INTRODUCTION 2. SYLLABUS 3. THE HOLDER OF THE CERTIFICATE 4. ELIGIBILITY FOR THE WRITTEN

More information

ITIL Foundation Course 2 - Introduction to ITSM

ITIL Foundation Course 2 - Introduction to ITSM ITIL Foundation Course 2 - Introduction to ITSM Lesson Slide 1 ITSM as a Practice Topics Discussed The Practice of IT Service Management Good Practice Service Service Management Process Model Practice

More information

CobiT and IT Governance Elements for building in security. from the top, down and the bottom, up

CobiT and IT Governance Elements for building in security. from the top, down and the bottom, up CobiT and IT Governance Elements for building in security from the top, down and the bottom, up David Kohrell, PMP, CISA, MA, MCRP david.kohrell@tapuniversity.com This presentation was developed using

More information

This article will provide background on the Sarbanes-Oxley Act of 2002, prior to discussing the implications for business continuity practitioners.

This article will provide background on the Sarbanes-Oxley Act of 2002, prior to discussing the implications for business continuity practitioners. Auditing the Business Continuity Process Dr. Eric Schmidt, Principal, Transitional Data Services, Inc. Business continuity audits are rapidly becoming one of the most urgent issues throughout the international

More information

TWO-THIRDS OF ORGANISATIONS HAVE ENGAGED WITH ITIL Is your Company an IT Service Management Laggard?

TWO-THIRDS OF ORGANISATIONS HAVE ENGAGED WITH ITIL Is your Company an IT Service Management Laggard? For further information: Hilary King Dimension Data Tel: +27 11 575 6728 Cell: +27 82 414 9623 Fax: +27 11 576 6728 hilary.king@za.didata.com EMBARGOED: NOT FOR PUBLICATION UNTIL 22h00 CAT ON 28 FEBRUARY

More information

IT Compliance 24.09.2007. After Hours Seminar September 2007 Zurich. Improving IT Risk & Compliance Management (RCM)

IT Compliance 24.09.2007. After Hours Seminar September 2007 Zurich. Improving IT Risk & Compliance Management (RCM) IT Compliance 24.09. AHS After Hours Seminar Zurich Improving IT Risk & Compliance Management (RCM) Bruno J. Wiederkehr Member of the Board ISACA Switzerland Chapter Agenda 1. Understanding the RCM Requirements

More information

IT Service Management

IT Service Management IT Service Management VNUG Conference 2013-09-04 Anders Stenmark Business Critical Consultant, HP Agenda Introduction Reliable service delivery ITSM ITSM Assessments 2 Introduction Anders Stenmark Business

More information

14 October 2015 ISACA Curaçao Conference By: Paul Helmich

14 October 2015 ISACA Curaçao Conference By: Paul Helmich Governance, Risk & Compliance A practical approach 14 October 2015 ISACA Curaçao Conference By: Paul Helmich Topics today What is GRC? How much of all the GRC literature, tools, etc. do I need to study

More information

ITIL: What it is What it Can Do For You V2.1

ITIL: What it is What it Can Do For You V2.1 ITIL: What it is What it Can Do For You V2.1 Service Solution Company Facilitated by: Patrick Musto Agenda Answer the questions what? and how? Historical Background Fundamental Principles 5 Lifecycle Phases

More information

Logging the Pillar of Compliance

Logging the Pillar of Compliance WHITEPAPER Logging the Pillar of Compliance Copyright 2000-2011 BalaBit IT Security All rights reserved. www.balabit.com 1 Table of Content Introduction 3 Open-eyed management 4 ISO 27001 5 PCI DSS 5 Sarbanes

More information

ISO20000: What it is and how it relates to ITIL v3

ISO20000: What it is and how it relates to ITIL v3 ISO20000: What it is and how it relates to ITIL v3 John DiMaria; Certified Six Sigma BB, HISP BSI Product Manager; ICT (ISMS,ITSM,BCM) Objectives and Agenda To raise awareness, to inform and to enthuse

More information

ITIL - QUICK REFERENCE GUIDE

ITIL - QUICK REFERENCE GUIDE http://www.tutorialspoint.com/itil/itil_quick_guide.htm ITIL - QUICK REFERENCE GUIDE Copyright tutorialspoint.com ITIL Overview ITIL is a framework providing best practice guidelines on all aspects of

More information

ITIL V3 AND THE SERVICE LIFECYCLE PART I THE MISSING COMPONENT

ITIL V3 AND THE SERVICE LIFECYCLE PART I THE MISSING COMPONENT ITIL V3 AND THE SERVICE LIFECYCLE PART I THE MISSING COMPONENT PLANVIEW INC. BACKGROUND IT departments continually have tremendous demands placed on them to manage new initiatives, projects, incidents,

More information

Service Catalog Management: A CA Service Management Process Map

Service Catalog Management: A CA Service Management Process Map TECHNOLOGY BRIEF: SERVICE CATALOG MANAGEMENT Catalog : A CA Process Map JULY 2009 Enrico Boverino SR PRINCIPAL CONSULTANT, TECHNICAL SALES ITIL SERVICE MANAGER ITAC CERTIFIED Table of Contents Executive

More information

ITIL's IT Service Lifecycle - The Five New Silos of IT

ITIL's IT Service Lifecycle - The Five New Silos of IT The workable, practical guide to Do IT Yourself Vol. 4.01 January 1, 2008 ITIL's IT Service Lifecycle - The Five New Silos of IT By Rick Lemieux In my last article I spoke about IT s evolution from its

More information

ITIL. Lifecycle. www.alctraining.com.my. ITIL Intermediate: Continual Service Improvement. Service Strategy. Service Design. Service Transition

ITIL. Lifecycle. www.alctraining.com.my. ITIL Intermediate: Continual Service Improvement. Service Strategy. Service Design. Service Transition Take your ITIL skills to the next level ITIL Lifecycle ITIL Intermediate: Part of the complete ITIL Education Program Advance your career Add value to your organisation Gain credits towards ITIL Expert

More information

SECURITY. Risk & Compliance Services

SECURITY. Risk & Compliance Services SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize

More information

Employing ITSM in Value Added Service Provisioning

Employing ITSM in Value Added Service Provisioning RL Consulting People Process Technology Organization Integration Employing ITSM in Value Added Service Provisioning Prepared by: Rick Leopoldi January 31, 2015 BACKGROUND Service provisioning can oftentimes

More information

Introduction to ITIL for Project Managers

Introduction to ITIL for Project Managers CSC NORTH AMERICAN PUBLIC SECTOR Introduction to ITIL for Project Managers May Chantilly Luncheon Linda Budiman, PMP ITILv2 & ITILv3 Process Architect ITIL Service Manager, CobiT certified 5/13/2008 8:08:45

More information

Using QUalysgUard to Meet sox CoMplianCe & it Control objectives

Using QUalysgUard to Meet sox CoMplianCe & it Control objectives WHITE PAPER Using QualysGuard to Meet SOX Compliance & IT Objectives Using QualysGuard To Meet SOX Compliance and IT Objectives page 2 CobIT 4.0 is a significant improvement on the third release, making

More information

HP Operational ITSM Service. For continual service improvement

HP Operational ITSM Service. For continual service improvement HP Operational ITSM Service For continual service improvement Overview Enhance service levels by applying best practices and standards Improve productivity and reduce costs Deliver true business value

More information

Using COBiT For Sarbanes Oxley. Japan November 18 th 2006 Gary A Bannister

Using COBiT For Sarbanes Oxley. Japan November 18 th 2006 Gary A Bannister Using COBiT For Sarbanes Oxley Japan November 18 th 2006 Gary A Bannister Who Am I? Who am I & What I Do? I am an accountant with 28 years experience working in various International Control & IT roles.

More information

Recent Advances in Automatic Control, Information and Communications

Recent Advances in Automatic Control, Information and Communications Proposal of the improvement of actual ITIL version based on comparative IT Service Management methodologies and standards The implementation of IT Service Management frameworks and standards Anel Tanovic*,

More information

Achieving Business Imperatives through IT Governance and Risk

Achieving Business Imperatives through IT Governance and Risk IBM Global Technology Services Achieving Business Imperatives through IT Governance and Risk Peter Stremus Internet Security Systems, an IBM Company Introduction : Compliance Value Over the past 15 years

More information

IT Governance Regulatory. P.K.Patel AGM, MoF

IT Governance Regulatory. P.K.Patel AGM, MoF IT Governance Regulatory Perspective P.K.Patel AGM, MoF Agenda What is IT Governance? Aspects of IT Governance What banks should consider before implementing these aspects? What banks should do for implementation

More information

ITIL Service Lifecycles and the Project Manager

ITIL Service Lifecycles and the Project Manager 1 ITIL Service Lifecycles and the Project Manager The intersection of IT Service and Project Delivery Presented to: Kansas City Mid-America PMI Chapter Mark Thomas January 17, 2011 1 Agenda 2 Introduction

More information

IT Service Management (ITSM) & IT Infrastructure Library (ITIL) Overview

IT Service Management (ITSM) & IT Infrastructure Library (ITIL) Overview IT Service (ITSM) & IT Infrastructure Library (ITIL) Overview September 2005 Hamid Nouri President, Nouri Associates Client Briefing What is IT Infrastructure Library (ITIL)? Information Technology Infrastructure

More information

ASSESSMENT OF THE IT GOVERNANCE PERCEPTION WITHIN THE ROMANIAN BUSINESS ENVIRONMENT

ASSESSMENT OF THE IT GOVERNANCE PERCEPTION WITHIN THE ROMANIAN BUSINESS ENVIRONMENT Accounting and Management Information Systems Vol. 11, No. 1, pp. 44 55, 2012 ASSESSMENT OF THE IT GOVERNANCE PERCEPTION WITHIN THE ROMANIAN BUSINESS ENVIRONMENT Pavel NĂSTASE 1 and Simona Felicia UNCHIAŞU

More information

IT and Business Process Performance Management: Case Study of ITIL Implementation in Finance Service Industry

IT and Business Process Performance Management: Case Study of ITIL Implementation in Finance Service Industry IT and Business Process Performance Management: Case Study of Implementation in Finance Service Industry M S Faculty of Economics and Business Zagreb, University of Zagreb Kennedy s sq 6, 10000 Zagreb,

More information

SECTION B DEFINITION, PURPOSE, INDEPENDENCE AND NATURE OF WORK OF INTERNAL AUDIT

SECTION B DEFINITION, PURPOSE, INDEPENDENCE AND NATURE OF WORK OF INTERNAL AUDIT SECTION B DEFINITION, PURPOSE, INDEPENDENCE AND NATURE OF WORK OF INTERNAL AUDIT Through CGIAR Financial Guideline No 3 Auditing Guidelines Manual the CGIAR has adopted the IIA Definition of internal auditing

More information