It Governance

Only available on StudyMode
  • Download(s) : 144
  • Published : January 22, 2013
Open Document
Text Preview
IT Governance

Project Report

Table of Contents
IT Governance3
COBIT Framework7
Why?7
Who?11
What?12
IT Resources13
Processes14
Plan and organize (PO)15
Acquire and implement (AI)15
Deliver and support (DS)16
Monitor and evaluate (ME)16
Processes need Controls17
Business and it controls21
Summary23
References24

IT Governance
A governance view that consists of the business governance of IT – ensuring that IT supports and enables the business strategy – and the functional governance of IT – ensuring that the IT function itself runs efficiently and effectively (http://www.takinggovernanceforward.org). Executive Summary

Successful enterprises recognize the benefits of information technology and use it to drive their stakeholders’ value. These enterprises also understand and manage the associated risks, such as increasing regulatory compliance and critical dependence of many business processes on information technology (IT). The need for assurance about the value of IT, the management of IT-related risks and increased requirements for control over information are now understood as key elements of enterprise governance. Value, risk and control constitute the core of IT governance. Control Objectives for Information and related Technology (COBIT®) provides good practices across a domain and process framework and presents activities in a manageable and logical structure. COBIT’s good practices represent the consensus of experts. They are strongly focused more on control, less on execution. These practices will help optimize IT-enabled investments, ensure service delivery and provide a measure against which to judge when things do go wrong. For IT to be successful in delivering against business requirements, management should put an internal control system or framework in place. The COBIT control framework contributes to these needs by: * Making a link to the business requirements

* Organizing IT activities into a generally accepted process model * Identifying the major IT resources to be leveraged
* Defining the management control objectives to be considered An answer to these requirements of determining and monitoring the appropriate IT control and performance level is COBIT’s definition of: * Benchmarking of IT process performance and capability, expressed as maturity models, derived from the Software Engineering Institute’s Capability Maturity Model (CMM) * Goals and metrics of the IT processes to define and measure their outcome and performance based on the principles of Robert Kaplan and David Norton’s balanced business scorecard * Activity goals for getting these processes under control, based on COBIT’s control objectives The assessment of process capability based on the COBIT maturity models is a key part of IT governance implementation. After identifying critical IT processes and controls, maturity modeling enables gaps in capability to be identified and demonstrated to management. Action plans can then be developed to bring these processes up to the desired capability target level. Thus, COBIT supports IT governance by providing a framework to ensure that: * IT is aligned with the business

* IT enables the business and maximizes benefits
* IT resources are used responsibly
* IT risks are managed appropriately

Figure 1 - Adopted for this study Governance Focus Areas
* Strategic alignment focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT value proposition; and aligning IT operations with enterprise operations. * Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimizing costs and proving the intrinsic value of IT. * Resource management is about the optimal investment in, and the proper management of, critical IT resources: applications,...
tracking img