INFORMATION TECHNOLOGY FLASH REPORT
ISACA Releases COBIT 5: Updated Framework for the Governance and Management of IT

May 18, 2012

In April, ISACA released COBIT 5 as a replacement for its current globally accepted business framework, COBIT 4.1. This framework has gained broad acceptance and has been used widely over the last 15 years to provide guidance on the governance and management of IT to users from business, IT, risk, security and assurance functions. COBIT continues to be recognised as a leading framework for purposes of providing guidance on the design and evaluation of IT governance processes and controls.

Several business-related events and failures over the last decade, many on a global scale, have heightened the focus on governance as stakeholder expectations have evolved. There has been greater attention to risk and risk-based approaches, increased reliance on new and more complex technologies, the introduction of more complex organisational structures (including outsourcing), constant changes in regulatory requirements, and rising security threats. Successful organisations that have survived the challenges of the last decade have demonstrated the importance of good governance, which has moved this to the top of the agenda at all levels of the enterprise.

Drivers for Change

Organisations operating in today's challenging and dynamic business environment have driven the need for this change. Stakeholders require an increased understanding of how IT investments create value for the organisation. Business users are demanding improved engagement for IT services and there is an ever-increasing demand for compliance with relevant laws, regulations and policies. Other drivers cited by ISACA in its release of COBIT 5 include:

- The requirement to help stakeholders better understand how various frameworks, good practices and standards are positioned relative to each other and how they can be used together and could augment each other.
- A need to ensure that the scope covers the full end-to-end business and IT functional responsibilities, as well as a need to cover all aspects that lead to effective governance and management of enterprise IT such as organisational structures, policies and culture over and above the current processes. This is especially important given the increasing pervasiveness of IT and helps increase transparency.
- A need to provide further guidance in areas of high interest, such as enterprise architecture, asset and service management, management of IT innovation and emerging technologies.
- A need to link together and reinforce all major ISACA research, frameworks and guidance, with a primary focus on COBIT, Val IT and Risk IT, but also considering, amongst others, Business Model for Information Security (BMIS), Information Technology Assurance Framework (ITAF), Board Briefing on IT Governance, and Taking Governance Forward.
- A need to connect to and, where relevant, align with other major frameworks and standards, such as Information Technology Infrastructure Library (ITIL), The Open Group Architecture Forum (TOGAF), Project Management Body of Knowledge (PMBOK), PRojects IN Controlled Environments 2 (PRINCE2) and the International Organisation for Standardisation (ISO) standards.
- Recognition that there are many current and potential users who wish to focus on specific topics, and who find it difficult to navigate current material and identify content that will satisfy their requirements. There is also a general need to improve ease of use and navigation and to bring consistency in concepts, terminology and the level of detail provided by ISACA.

What has changed for COBIT 5?

ISACA has revisited and restructured the COBIT framework design to ensure complete coverage for all major aspects related to the governance and management of enterprise IT. Five new governance processes are introduced in the updated framework, which builds and expands on COBIT 4.1. Other major frameworks, standards and resources are now integrated into COBIT 5, including ISACA's Val IT and Risk IT, the Information Technology Infrastructure Library (ITIL), TOGAF and ISO/IEC. The intention of COBIT 5 is to provide a full enterprise-level view of business practices that actively reflects the current pervasive enterprisewide nature of IT use.
To achieve this, the process reference model outlined in COBIT 4.1 has been revised and a new governance domain has been introduced together with several new and amended processes. COBIT 5 also makes more explicit and transparent the IT involvement, responsibilities and accountability of business stakeholders. ISACA believes this new framework will help enterprises achieve strategic goals and operational efficiency through maintaining high-quality and low-risk information technology services.

ISACA has produced a detailed document comparing COBIT 5 with COBIT 4.1 that identifies nine of the major differences. This forms the basis of the following summary. [1]

The new framework is based on five key principles:

1. A focus on meeting stakeholder needs

COBIT 5 includes new guidance on the required processes and enablers to support business value creation through the use of IT. The focus on Stakeholder Needs emphasises the need to maintain balance between benefits realisation and the optimisation of risk and resources. COBIT 5 provides an approach that can be tailored to suit the needs of an enterprise through a revised goals cascade, which interprets high-level enterprise goals into specified IT-related goals that can be mapped to specific processes and principles for implementation. The revised goals cascade is based on enterprise goals driving IT-related goals and critical processes. Example goals and metrics at the enterprise, process and management practice levels are provided to assist management with assessing whether alignment of goals has been achieved.

2. Covering the enterprise end-to-end

COBIT 5 follows the same goal and metric concepts as COBIT 4.1 but integrates the governance of enterprise IT into enterprise governance. The updated framework integrates and updates the previous content into a new model with an enterprise-level view that makes it easier for users to understand, and hence implement, improvement. Information and related technologies are treated as assets that need to be managed by all users and cover all functions and processes within an enterprise, not just those specific to an IT function.

COBIT 5's revised process reference model subdivides the IT elements of an enterprise into two principal domains, Governance and Management, that now cover enterprise business and IT activities end-to-end. As with the former framework, this model can be used as a guide for adjusting the enterprise's own process model. Additionally, COBIT 5 provides more robust guidance for management pertaining to the inputs and outputs required to develop good practice management standards, while COBIT 4.1 only provided inputs and outputs at the highest level. This assists with inter-process integration by providing additional detailed guidance for designing processes that include essential work products. As a result, COBIT 5 can be more exhaustive than its predecessor.

3. Applying a single integrated framework

The number of organisations that use or rely on technology has grown substantially since the release of COBIT 4.1, as has the extent to which technology is used across the enterprise. During this time, there have been many IT-related standards and good practice frameworks developed that provide guidance on a range of IT activities. The updated framework aligns with other relevant standards and frameworks at a high level and can therefore be used as an overarching framework for the governance and management of IT across the enterprise.

COBIT 5 activities are equivalent to the COBIT 4.1 control practices and Val IT and Risk IT management practices. These practices have been aligned, integrated and updated into a single model that makes it easier for users to understand and use the material when implementing improvements. Additionally, several new and modified processes have been added, including innovation, organisational change enablement, security services and managing assets, to name a few.

4. Enabling a holistic approach

The new framework emphasises an increased focus on Enablers, which help to achieve the objectives of the enterprise. Processes that were explicitly or implicitly included in COBIT 4.1 have been brought to the fore with COBIT 5 and rebranded. A set of seven enablers is designed to support the implementation of a more holistic governance and management system for enterprise IT. These are: [2]

a. Processes
b. Principles, Policies and Frameworks
c. Organisational Structures
d. People, Skills and Competencies
e. Culture, Ethics and Behaviour
f. Services, Infrastructure and Applications
g. Information

5. Separating governance from management

The new framework provides an expanded discussion on governance relating to the board of directors, the needs of stakeholders, and the balance with enterprise direction and objectives. It also provides a key distinction between governance and management of IT, clearly separating the responsibility at the board and executive management levels and describing different types of organisational structures and activities required at each level.

Other changes

The updated framework also details a more complete RACI (Responsible, Accountable, Consulted and/or Informed) chart to help clarify responsibility and provides a more complete, detailed and clearer range of generic business and IT role players and charts than COBIT 4.1. This enables better definition of role player responsibilities or level of involvement when designing and implementing processes.

COBIT 5 discontinues the capability maturity modelling (CMM) approach (as used by COBIT 4.1, Val IT and Risk IT). A new process capability assessment approach, based on ISO/IEC and the COBIT Assessment Programme (a COBIT-based approach that enables the evaluation of selected IT processes and can be used to help determine process capability), has already been established for COBIT 5 as an alternative to the CMM approach. This approach is considered by ISACA to be more robust, reliable and repeatable as a process capability assessment method. COBIT 4.1, Val IT and Risk IT users wishing to move to the new COBIT Assessment Programme approach will need to realign their previous ratings, adopt the new method and initiate a new set of assessments in order to gain the benefits of the new approach.

Summary

Executives reviewing the governance and management of enterprise IT are advised to review the new COBIT framework and consider its application to their organisations.

To request your copy of COBIT 5 or obtain additional information, please visit ISACA's website:

[1] To view the full document or request a copy of this comparison document (Comparing COBIT 4.1 with COBIT 5.0), visit the ISACA website:
[2] Framework.aspx.
About Protiviti

Protiviti is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit. Through our network of more than 70 offices in over 20 countries, we have served more than 35 percent of FORTUNE 1000 and Global 500 companies. We also work with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half International Inc. (NYSE: RHI). Founded in 1948, Robert Half International is a member of the S&P 500 index.

Contacts

- David Brand, Managing Director, Chicago, IL, david.brand@protiviti.com
- Jonathan Wyatt, Managing Director, London, UK, jonathan.wyatt@protiviti.co.uk
- Mark Peters, Director, London, UK, mark.peters@protiviti.co.uk

© 2012 Protiviti Inc. An Equal Opportunity Employer. Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.
CRO Forum Paper on the Own Risk and Solvency Assessment (ORSA): Leveraging regulatory requirements to generate value May 2012 May 2012 1 1. Introduction 1.1. Purpose of the paper In this discussion paper
More informationMinistry of Social Development Independent Review of Information Systems Security
Ministry of Social Development Independent Review of Information Systems Security Phase 2 Review of Wider Information Systems Security 30 November 2012 Independent Review of Ministry Information Systems
More informationCHArTECH BOOkS MANAgEMENT SErIES INTrODuCINg ITSM AND ITIL A guide TO IT SErvICE MANAgEMENT www.icaew.com/itfac
Chartech Books Management Series Introducing ITSM and ITIL A Guide to IT Service Management www.icaew.com/itfac Introducing ITSM and ITIL A Guide to IT Service Management by Colin Rudd This report is published
More informationGetting In-Control - Combining CobiT and ITIL for IT Governance and Process Excellence. Executive Summary: What is the business problem?
Getting In-Control - Combining CobiT and ITIL for IT Governance and Process Excellence Executive Summary: Nearly all of us who are running an IT shop feel the need to gain or increase control, predictability,
More informationIn the launch of this series, Information Security Management
Information Security Management Programs: Operational Assessments Lessons Learned and Best Practices Revealed JUSTIN SOMAINI AND ALAN HAZLETON As the authors explain, a comprehensive assessment process
More informationFrameworks for IT Management
Frameworks for IT Management Copyright protected. Use is for Single Users only via a VHP Approved License. For information and printed versions please see www.vanharen.net 18 ITIL - the IT Infrastructure
More informationInformation Technology Auditing for Non-IT Specialist
Information Technology Auditing for Non-IT Specialist IIA Pittsburgh Chapter October 4, 2010 Agenda Introductions What are General Computer Controls? Auditing IT processes controls Understanding and evaluating
More informationGovernance. as a tool for Architects. Tuesday, 6 November, 12
Governance as a tool for Architects Governance is the act of governing. It relates to decisions that define expectations, grant power, or verify performance. It consists of either a separate process or
More informationThe Compliance Universe
The Compliance Universe Principle 6.1 The board should ensure that the company complies with applicable laws and considers adherence to non-binding rules, codes and standards This practice note is intended
More informationSUPPLY CHAIN ASSURANCE FRAMEWORK: THE SUPPLY CHAIN STANDARDS TRANSLATOR
SUPPLY CHAIN ASSURANCE FRAMEWORK: THE SUPPLY CHAIN STANDARDS TRANSLATOR Michael de Crespigny, CEO Information Security Forum Session ID: GRC R02B Session Classification: General Interest KEY ISSUE Our
More informationEA vs ITSM. itsmf 15.4.2014
EA vs ITSM itsmf 15.4.2014 EA vs ITSM SH Needs Business Goals 2 GOVERNANCE EVALUATE PLANNING ITSM IMPROVING OPERATING Business Programs Projects DEVELOPING EA IMPLEMENTING What is an enterprise in the
More informationITAG RESEARCH INSTITUTE
ITAG RESEARCH INSTITUTE Control and Governance Maturity Survey Establishing a reference benchmark and a self-assessment tool Erik Guldentops Wim Van Grembergen Steven De Haes Control and Governance Maturity
More informationIRCA Briefing note ISO/IEC 20000-1: 2011
IRCA Briefing note ISO/IEC 20000-1: 2011 How to apply for and maintain Training Organization Approval and Training Course Certification IRCA 3000 Contents Introduction 3 Summary of the changes within ISO/IEC
More informationCompany size matters: Perspectives on IT Governance
www.pwc.com/ca/technology-consulting Company size matters: Perspectives on IT Governance versus large Canadian organizations and IT Governance PwC conducted research for the 4th edition of the IT Governance
More informationFinance Effectiveness Efficiency
Business Unit Finance Effectiveness Efficiency An overview Agenda Page 1 Efficiency - An overview 1 2 Our services 7 3 Case study 14 Section 1 Efficiency - An overview 1 Section 1 Efficiency - An overview
More informationInformation System Project Management Context (IS PM 2. lecture, 2012)
Information System Project Management Context Topics of the current lecture Overview of IT processes in organization System work framework draft Project life cycle Project management methodologies IT Processes
More informationExecutive's Guide to
Executive's Guide to IT Governance Improving Systems Processes with Service Management, COBIT, and ITIL ROBERT R. MOELLER WILEY John Wiley & Sons, Inc. Contents Preface xiii PART I: IT GOVERNANCE CONCEPTS
More informationFINANCIAL SERVICES FLASH REPORT
FINANCIAL SERVICES FLASH REPORT The Fourth European Union Anti-Money Laundering Directive July 2015 The Fourth European Union (EU) Anti-Money Laundering Directive (Fourth Directive) was approved by the
More informationThe linchpin between Corporate Governance and IT Governance
The linchpin between Corporate Governance and IT Governance Stuart Macgregor The Open Group s EA Forum Johannesburg and Cape Town November 2013 www.realirm.com LEADING ENTERPRISE Copyright Real ARCHITECTURE
More information1. FPO. Guide to the Sarbanes-Oxley Act: IT Risks and Controls. Second Edition
1. FPO Guide to the Sarbanes-Oxley Act: IT Risks and Controls Second Edition Table of Contents Introduction... 1 Overall IT Risk and Control Approach and Considerations When Complying with Sarbanes-Oxley...
More informationGuide to the Sarbanes-Oxley Act: IT Risks and Controls. Frequently Asked Questions
Guide to the Sarbanes-Oxley Act: IT Risks and Controls Frequently Asked Questions Table of Contents Page No. Introduction.......................................................................1 Overall
More informationIntegrated Information Management Systems
Integrated Information Management Systems Ludk Novák ludek.novak@anect.com ANECT a.s. Brno, Czech Republic Abstract The article tries to find consensus in these tree different types of the systems the
More informationIT Compliance 24.09.2007. After Hours Seminar September 2007 Zurich. Improving IT Risk & Compliance Management (RCM)
IT Compliance 24.09. AHS After Hours Seminar Zurich Improving IT Risk & Compliance Management (RCM) Bruno J. Wiederkehr Member of the Board ISACA Switzerland Chapter Agenda 1. Understanding the RCM Requirements
More informationRisk Management Practice Guideline
Risk Management Practice Guideline Risk Management Task Force February 2007 Forward This is the first CIPS (Canadian Information Processing Society) best practice. It has been developed to support the
More information