COBIT 5: ISACA's new framework for IT Governance, Risk, Security and Auditing. An overview
- Albert Black
- 8 years ago
1 COBIT 5: ISACA's new framework for IT Governance, Risk, Security and Auditing. An overview. M. Garsoux, COBIT 5 Licensed Training Provider
2 Introduction, Principles, Processes, Implementation, Supporting Products, Questions
4 Evolution of scope
[Figure labels: Audit, Control, Management, IT Governance, Governance of Enterprise IT; Val IT 2.0 (2008); Risk IT (2009); successive COBIT versions]
A business framework from ISACA, at
5 What is CobiT?
Control Objectives for Information and Related Technology (CobiT) is a set of best practices for Information Technology management developed by ISACA (Information Systems Audit & Control Association) and IT Governance Institute in
ISACA develops and maintains the internationally recognized COBIT framework, helping IT professionals and enterprise leaders fulfil their IT Governance responsibilities while delivering value to the business.
ISACA's latest globally accepted framework, COBIT 5, aims to provide an end-to-end business view of the governance of enterprise IT that reflects the central role of IT in creating value for enterprises.
6 Information is a key resource for all enterprises. Information is created, used, retained, disclosed and destroyed. Technology plays a key role in these actions. Technology is becoming pervasive in all aspects of business and personal life. What benefits do information and technology bring to enterprises?
7 Helps enterprises:
- Bring Order to Complex Standards and Frameworks
- Extract Value from Information Chaos
- Address all Stakeholders' Needs and Maximize Value of Corporate Information
- Protect and Drive Enterprise Value
8 Enterprises and their executives strive to:
- Maintain quality information to support business decisions.
- Generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT.
- Achieve operational excellence through reliable and efficient application of technology.
- Maintain IT-related risk at an acceptable level.
- Optimise the cost of IT services and technology.
How can these benefits be realized to create enterprise stakeholder value?
9 COBIT 5 is a comprehensive framework that helps enterprises to create optimal value from IT by maintaining a balance between realising benefits and optimising risk levels and resource use. COBIT 5 enables information and related technology to be governed and managed in a holistic manner for the whole enterprise, taking in the full end-to-end business and functional areas of responsibility, considering the IT-related interests of internal and external stakeholders. The COBIT 5 principles and enablers are generic and useful for enterprises of all sizes, whether commercial, not-for-profit or in the public sector.
12 Enterprises exist to create value for their stakeholders
13 Stakeholder Value
Delivering enterprise stakeholder value requires good governance and management of information and technology (IT) assets. Enterprise boards, executives and management have to embrace IT like any other significant part of the business. External legal, regulatory and contractual compliance requirements related to enterprise use of information and technology are increasing, threatening value if breached. COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT.
14 Goals cascade
Stakeholder needs have to be transformed into an enterprise's actionable strategy. The COBIT 5 goals cascade translates stakeholder needs into specific, actionable and customised goals within the context of the enterprise, IT-related goals and enabler goals.
15 COBIT 5 enterprise goals
Columns on the slide: BSC dimension, Description, Governance objectives (Benefits, Risk, Resource)
Financial
- 1. Stakeholder value of business investments
- 2. Portfolio of competitive products and services
- 3. Managed business risks (safeguarding of assets)
- 4. Compliance with external laws and regulations
- 5. Financial transparency
Customer
- 6. Customer oriented service culture
- 7. Business service continuity and availability
- 8. Agile responses to a changing business environment
- 9. Information based strategic decision making
- 10. Optimisation of service delivery costs
Internal
- 11. Optimisation of business process functionality
- 12. Optimisation of business process costs
- 13. Managed business change programmes
- 14. Operational and staff productivity
- 15. Compliance with internal policies
Learning & Growth
- 16. Skilled and motivated people
- 17. Product and business innovation culture
16 COBIT 5 IT-related goals
Columns on the slide: BSC dimension, Description
Financial
- 1. Alignment of IT and business strategy
- 2. IT compliance and support for business compliance with external laws & regulations
- 3. Commitment of executive management for making IT related decisions
- 4. Managed IT related business risks
- 5. Realised benefits from IT-enabled investments and services portfolio
- 6. Transparency of IT costs, benefits and risk
Customer
- 7. Delivery of IT services in line with business requirements
- 8. Adequate use of applications, information and technology structure
Internal
- 9. IT agility
- 10. Security of information, processing infrastructure and applications
- 11. Optimisation of IT assets, resources and capabilities
- 12. Enablement and support of business processes by integrating applications and technology
- 13. Delivery of programme on time, on budget, and meeting requirements and quality standards
- 14. Availability of reliable and useful information for decision making
- 15. IT compliance with internal policies
Learning & Growth
- 16. Competent and motivated business and IT personnel
- 17. Knowledge, expertise and initiatives for business innovation
17 Mapping of Enterprise goals into IT goals
Enterprise goals:
- Financial: Stakeholder value of business investments
- Customer: Customer-oriented service culture
- Internal: Optimisation of business process functionality
- Learning and Growth: Skilled and motivated people
IT-related goals:
- Financial 1: Alignment of IT and business strategy
- Customer 7: Delivery of IT services in line with business requirements
- Internal 9: IT agility
- Learning and Growth 16: Competent and motivated business and IT personnel
18 Mapping IT goals to processes
IT-related goals:
- Alignment of IT and business strategy
- Delivery of IT services in line with business requirements
- IT agility
- Knowledge, expertise and initiatives for business innovation
COBIT 5 processes (Evaluate, Direct and Monitor):
- EDM01 Ensure Governance Framework Setting and Maintenance
- EDM02 Ensure Benefits Delivery
- EDM03 Ensure Risk Optimisation
- EDM04 Ensure Resource Optimisation
- EDM05 Ensure Stakeholder Transparency
19 Key components of a governance system
20 COBIT 5 aligns with the latest relevant other standards and frameworks used by enterprises:
- Enterprise: COSO, COSO ERM, ISO 9000, ISO
- IT-related: ISO 38500, ITIL, ISO 27000 series, TOGAF, PMBOK/PRINCE2, CMMI
- Etc.
This allows the enterprise to use COBIT 5 as the overarching governance and management framework integrator. ISACA plans a capability to facilitate COBIT user mapping of practices and activities to third-party references.
21 COBIT 5 defines a set of enablers to support the implementation of a comprehensive governance and management system for enterprise IT. COBIT 5 enablers are:
- Factors that, individually and collectively, influence whether something will work
- Driven by the goals cascade
- Described by the COBIT 5 framework in seven categories
23
1. Principles, policies and frameworks: Are the vehicle to translate the desired behaviour into practical guidance for day-to-day management
2. Processes: Describe an organised set of practices and activities to achieve certain objectives and produce a set of outputs in support of achieving overall IT related goals
3. Organisational structures: Are the key decision-making entities in an organisation
4. Culture, ethics and behaviour: Of individuals and of the organisation; very often underestimated as a success factor in governance and management activities
5. Information: Is pervasive throughout any organisation, i.e., deals with all information produced and used by the enterprise. Information is required for keeping the organisation running and well governed, but at the operational level, information is very often the key product of the enterprise itself.
6. Services, infrastructure and applications: Include the infrastructure, technology and applications that provide the enterprise with information technology processing and services
7. People, skills and competencies: Are linked to people and are required for successful completion of all activities and for making correct decisions and taking corrective actions
24
Governance ensures that enterprise objectives are achieved by evaluating stakeholder needs, conditions and options; setting direction through prioritisation and decision making; and monitoring performance, compliance and progress against agreed direction and objectives (EDM).
Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives (PBRM).
25 COBIT 5 is not prescriptive, but it advocates that organisations implement governance and management processes such that the key areas are covered, as shown.
26 COBIT 5 brings together the five principles that allow the enterprise to build an effective governance and management framework based on a holistic set of seven enablers that optimises information and technology investment and use for the benefit of stakeholders.
34
- Failed IT initiatives
- Rising costs
- Perception of low business value for IT investments
- Significant incidents related to IT risk (e.g. data loss)
- Service delivery problems
- Failure to meet regulatory or contractual requirements
- Audit findings for poor IT performance or low service levels
- Hidden and/or rogue IT spending
- Resource waste through duplication or overlap in IT initiatives
- Insufficient IT resources
- IT staff burnout / dissatisfaction
- IT enabled changes frequently failing to meet business needs (late deliveries or budget overruns)
- Multiple and complex IT assurance efforts
- Board members or senior managers that are reluctant to engage with IT
35
- Merger, acquisition or divestiture
- Shift in the market, economy or competitive position
- Change in business operating model or sourcing arrangements
- New regulatory or compliance requirements
- Significant technology change or paradigm shift
- An enterprise-wide governance focus or project
- A new CIO, CFO, COO or CEO
- External audit or consultant assessments
- A new business strategy or priority
By using pain points or trigger events as the launching point for IT governance initiatives, the business case for GEIT improvement can be related to issues being experienced, which will improve buy-in to the business case.
More informationITIL-CMMII Comparison
ITIL-CMMII Comparison Today we can see and understand that many IT organizations are striving to improve how they do business throughout the organization. In doing so, many organizations undertake a number
More informationBridging the IT Business Gap The Role of an Enterprise Architect
Whitepaper Bridging the IT Business Gap The Role of an Enterprise Architect Today s enterprises understand the value that Information Technology (IT) can bring to their business. IT supports day-to-day
More informationStrategic IT audit. Develop an IT Strategic IT Assurance Plan
Strategic IT audit Develop an IT Strategic IT Assurance Plan Speaker Biography Hans Henrik Berthing is Partner at Verifica and Senior Advisor & Associated Professor at Aalborg University. He is specialized
More informationSupply chain maturity study Comparator report HSCNI
Supply chain maturity study Comparator report HSCNI November 21 Supply chain maturity comparator study Contents Page Introduction Results summary Supply chain strategy Supplier relationship management
More informationIntegrated Management Education and Training Guidance
Integrated Management Education and Training Guidance Prepared by the Chartered Quality Institute Integrated Management pecial Interest Group Author: Ian Dalling Unified Management olutions CQI IMIG Integrated
More informationGobierno de TI Enfrentando al Reto. IT Governance Facing the Challenge. Everett C. Johnson, CPA International President ISACA and ITGI
Gobierno de TI Enfrentando al Reto IT Facing the Challenge Everett C. Johnson, CPA International President ISACA and ITGI 1 Add titles Agenda Agenda IT governance keys IT governance focus areas: theory
More informationIT Service Management
IT Service Management Policy Based IT Service Management White Paper Prepared by: Rick Leopoldi March 23, 2004 Copyright 2001. All rights reserved. Duplication of this document or extraction of content
More information"Integrating ITIL and COBIT 5 to Optimize IT Process and Service Delivery"
"Integrating ITIL and COBIT 5 to Optimize IT Process and Service Delivery" 6th itsmf South East Europe Conference Michalis Samiotakis, ISACA Athens Chapter Athens, Greece, April 19, 2013 2 Agenda Who we
More informationAPPLICABLE TO: Flow Systems Group and all employees. Risk Management
PURPOSE: Flow Systems is committed to managing its risks and ensuring compliance with all relevant laws and regulations in a proactive, on-going and positive manner. This document outlines Flow s Risk
More informationQuality Management Systems
Management ystems Introduction An organisation will benefit from establishing an effective quality management system (QM). he cornersne of a quality organisation is the concept of the cusmer and supplier
More informationPrinciples of Execution. Tips and Techniques for Effective Project Portfolio Management
Principles of Execution Tips and Techniques for Effective Project Management Roadmap Develop A Shared Vision for Management Understanding the Difference between Project Management Reviews and Management
More informationPrinciples for An. Effective Risk Appetite Framework
Principles for An Effective Risk Appetite Framework 18 November 2013 Table of Contents Page I. Introduction... 1 II. Key definitions... 2 III. Principles... 3 1. Risk appetite framework... 3 1.1 An effective
More informationSITA Service Management Strategy Implementation. Presented by: SITA Service Management Centre
SITA Service Management Strategy Implementation Presented by: SITA Service Management Centre Contents What is a Service? What is Service Management? SITA Service Management Strategy Methodology Service
More informationSarbanes Oxley Act Statement of Ability. An AdRem Software White Paper
Sarbanes Oxley Act Statement of Ability An AdRem Software White Paper 2009 AdRem Software, Inc. This document is written by AdRem Software and represents the views and opinions of AdRem Software regarding
More informationPreliminary Reference Guide for Software as a Service (SaaS)
Preliminary Reference Guide for Software as a Service (SaaS) for the evaluation of the service providers' software development process Maiara Heil Cancian Florianópolis, March/2009 About the author Maiara
More informationCopyright protected. Use is for Single Users only via a VHP Approved License. For information and printed versions please see www.vanharen.
COBIT 5 A Management Guide Other publications by Van Haren Publishing Van Haren Publishing (VHP) specializes in titles on Best Practices, methods and standards within four domains: - IT and IT Management
More informationIS Audit and Assurance Guideline 2202 Risk Assessment in Planning
IS Audit and Assurance Guideline 2202 Risk Assessment in Planning The specialised nature of information systems (IS) audit and assurance and the skills necessary to perform such engagements require standards
More informationWhite Paper Governance, Risk Management and Compliance: Sustainability and Integration supported by Technology
White Paper Governance, Risk Management and Compliance: White Paper Governance, Risk Management and Compliance: Published by PricewaterhouseCoopers AG by: Christof Menzies Alan Martin Michael Koch Carsten
More informationHow to bridge the gap between business, IT and networks
ericsson White paper Uen 284 23-3272 October 2015 How to bridge the gap between business, IT and networks APPLYING ENTERPRISE ARCHITECTURE PRINCIPLES TO ICT TRANSFORMATION A digital telco approach can
More informationHuman Services Quality Framework. User Guide
Human Services Quality Framework User Guide Purpose The purpose of the user guide is to assist in interpreting and applying the Human Services Quality Standards and associated indicators across all service
More information