We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byShane Blanch
Modified about 1 year ago
IT Governance Drivers of Process Maturity Discussant comments Joseph Braithwaite Friday, Oct 21, 2011
© Deloitte & Touche LLP and affiliated entities. Table of contents 1.Author’s Motivation or Justification 2.Theoretical Support 3.Analysis of results 4.Conclusion 5.Contribution to practice 6.Exposition 7.Contact IT Governance Drivers of Process Maturity1
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Author’s Motivation or Justification The author’s defend an opinion that there is a ‘Strong Association’ between the maturity of the IT Processes and the capability of those processes to function –On the surface this opinion is sound, as this is the same view that most generalist would have as the connection appears intuitive; but in practical terms the ability of a process to function as designed drives business value, not the level of maturity of that process. –This approach has outlined how the process maturity can influence how successful an IT organization can be in supporting the business but has missed looking at the business reasoning behind having less mature processes. IT Governance Drivers of Process Maturity2
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Theoretical support One half of the report is based on ‘Literature Reviews’ which has provided a lot of ‘Academic’ references and research materials. -The materials provided throughout this paper appear to be ‘academic’ with little to no ‘Industry’ research supported materials. Understanding the needs around research in the University setting I feel that there is a ‘Gap’ between the theory and the practical applicability of the results. -Industry research firms such as Gartner and Foresters would provide a level of ‘Industry’ perspective out side of the many industry journal perspectives provided. Many of the journals list publish academic papers, so they don’t truly provide a direct industry perspective. IT Governance Drivers of Process Maturity3
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Research methods The research method used had several significant flaws in the design, two are: –The 51 organizations used in the research we volunteers coming mostly from ISACA, which presents a bias with the group from the beginning (this was noted in the report) –Face-to-face interviews, although technically a good approach to gathering information results in information being presented as opinions and not facts. The ability to provide a quantitative analysis from this information needs to be considered. –Interviews introduce a bias as it’s human nature to reflect positively on the person being interviewed. This will almost always result in the values being inflated higher that reality. IT Governance Drivers of Process Maturity4
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Analysis of results The analysis used provided strong support and quantifiable evidence behind the opinion that mature processes provide for more IT capabilities…what does that really mean to me? –CobiT and ITIL are widely used throughout all industries when 40% of CIO’s ‘Thoroughly Follow’ at least one framework. How many follow portions of those same frameworks? From an industry perspective the complete implementation of a complete framework is seldom seen…so what is the impact of not following the processes 100%? –A view on the consistent application of specific CobiT and ITIL processes would provide more practical evidence to support the defined opinion (CM impact for instance) –The resulting analysis and conclusions were difficult to filter through and in some cases contradicted the previous statements. IT Governance Drivers of Process Maturity5
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Analysis of results (continued) –There is evidence presented that supports a need for more interaction at the board level with IT (1/5 of boards had an IT strategy committee, ¼ had a risk or security committee and only 1/3 of the boards had an IT committee) but there was no clear connection provided between the maturity levels and the interactions at the board level –The most mature processes outlined (security and virus detection and prevention) are direct business facing processes and are supported only through IT. The configurations and requirements are wide and varied, with a strong compliance component related to them. These process should not be the bases for the decision that IT Capabilities are influenced by process maturities as their management might reside in IT, but the ownership could reside on the business side IT Governance Drivers of Process Maturity6
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Conclusion The conclusion that IT processes and their maturity levels provide a comprehensive IT Lifecycle view of IT organizations –This statement has several problems in it generality; the first being the determination that the IT Lifecycle and IT processes are mutually exclusive in nature when in reality they should coexist in harmony –The fact that some processes are intentionally left at a less mature state hasn’t been taken into consideration with regards to the functionality or capabilities of the IT organization. –The concept that the more mature your process is the more capable your IT department will be is sound, but what is the end result. Future research needs to look at the ability of IT to great and sustain value for the business –Enterprises exist to create value for their stakeholders, so the governance objective for any enterprise— commercial or not—is value creation - ISACA IT Governance Drivers of Process Maturity7
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Contribution to practice I’m not positive in what value this has provided to the larger industry outside of academia. In reality the evidence only shows that organizations are diverse in their adherence to higher levels of maturity The fact that there wasn’t a broader view of the business and IT interactions that support the governance processes means the research isn’t finished yet, and as such, the results and conclusions are inconclusive at best. Future research should either focus on the breadth and depth of IT Governance as a holistic approach or be narrowed to focus on the a few specific components within a CobiT process. Expand the research to a broader number of organizations and avoid a disproportionate number of ISACA volunteers. This will reduce the inherent bias. Also, focus on auditable audit results and not questionnaire based interviews as the evidence does not have a bias IT Governance Drivers of Process Maturity8
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Exposition The audience should understand the exposition, but the analytical data provided should be addressed for the non PHD’s who will be using it… IT Governance Drivers of Process Maturity9
© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Contact Joseph Braithwaite is a manager in with Deloitte in the Enterprise Risk Services Practice specializing in IT Risk and Governance Contact details JBraithwaite@deloitte.ca 416-775-4785 These views and opinions expressed herein are those of the discussant and do not necessarily represent the views and opinions of Deloitte LLP. IT Governance Drivers of Process Maturity10
The Impact of Information Technology Material Weaknesses on Corporate Governance: Evidence from Executive and Director Turnover, and IT Governance Changes.
Risk Management and Internal Controls ASSAL 20 November 2014 Annick Teubner Chair, IAIS Governance Working Group.
An article review is written for an audience who is knowledgeable in the subject matter instead of a general audience When writing an article review,
COBIT® 5 for Risk Introduction Presented by. © 2013 ISACA. All rights reserved.2 © 2013 ISACA. All rights reserved. For usage guidelines, see
360 Security Model Holistic Approach to Security.
IT Control Weaknesses, IT Governance and Firm Performance Discussant Comments Gary Baker, Partner, Deloitte & Touche LLP Saturday, October 13, 2007.
How to Organize your thesis? & Structure of a Research Paper Advanced Research Methodology by Mr. Bilal Ahmad, Lahore Leads University PK.
Change Management and COBIT®. Estonia & Finland Chapters Presentation Friday, November 5 th 2004 Charles Mansour CISA Tere päevast! ©Charles Mansour.
Pekka Nurminen (k90673) MSc thesis Research Plan.
Linkage of Risk, Capital and Financial Management CAS Annual Meeting Aaron Halpert, ACAS, MAAA Leslie R. Marlo, FCAS, MAAA November 12, 2007 INSURANCE.
IB2090 Marketing MARTIN LAUSEGGER. Marketing is the art of creating genuine customer value. It is the art of helping your customer become better off.
Presented by. COBIT–The ISACA Framework COBIT is an IT governance framework and supporting tool set that allows managers to bridge the gap between control.
ITIL Framework. What is ITIL ? ITIL stands for the Information Technology Infrastructure Library. ITIL is the international de facto management framework.
1 CEO, CFO & CIO Engagement in Information Technology Management: The Disciplinary Effects of Sarbanes-Oxley Information Technology Material Weaknesses.
“the presentation of the thesis falls short,,,substantial proof reading,,,” “the literature,,raises a number of issues,,,many of them are also left open,
From cost to value: 2010 Global Survey on the CIO Agenda June 15 th, 2010 IT ADVISORY KPMG INTERNATIONAL.
Fleming College Quality and Risk Management Review Summary November 10, 2005.
GEELONG REVISITED FROM ESD TO EBFM - future directions for fisheries management A COMMERCIAL INDUSTRY PERSPECTIVE ON THE ESD FRAMEWORK Neil MacDonald,
WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ Establishing Effective ERM of IT: Implementation and Operational Issues of the New ‘Risk IT Framework’ Robert.
The Audit Process Tahera Chaudry March Clinical audit A quality improvement process that seeks to improve patient care and outcomes through systematic.
Factors Associated with IT Audits by the Internal Audit Function Discussant Comments October 2, 2009 INFORMATION RISK MANAGEMENT ADVISORY.
Accounting 493/593 Review of Introduction to Auditing Lynn Kingston, CPA Adjunct Faculty Portland State University.
WRITING RESEARCH PAPERS Puvaneswary Murugaiah. INTRODUCTION TO WRITING PAPERS Conducting research is academic activity Research must be original work.
Improving Compliance with ISAs Presenters: Al Johnson & Pat Hayle.
Enterprise Architecture Rapid Assessment Colin Wheeler – Principal Consultant 2009.
Selection Committee Training Scholarship Programs Office of Student Access and Completion.
Exploring differences between large and medium organizations’ Corporate Governance of Information Technology Discussant Comments Christopher O’Connor,
PPA 501 – Analytical Methods in Administration Lecture 2c – The Research Proposal.
Microsoft Operations Framework (MOF) 4.0 microsoft.com/MOF.
CSI - Introduction General Understanding. What is ITSM and what is its Value? ITSM is a set of specialized organizational capabilities for providing value.
Ian F. C. Smith Writing a Journal Paper. 2 Disclaimer / Preamble This is mostly opinion. Suggestions are incomplete. There are other strategies. A good.
How to Satisfy Reviewer B and Other Thoughts on the Publication Process: Reviewers’ Perspectives Don Roy Past Editor, Marketing Management Journal.
Overview of COBIT5 and Impact on Local Content for IT By Mrs Tokunbo Martins Director Banking Supervision (Central Bank of Nigeria)
CPD 3 - Advanced Publishing Skills 1 - How to Get Published and to Continue to Get Published in Leading Academic Journals Professor Tarani Chandola with.
An Examination of the Factors Influencing Student Participation in Collaborative Approaches to Examination Preparation Paul Greenbank Edge Hill University.
Commissioning Self Analysis and Planning Exercise activity sheets.
Bruce White Ruth Geer University of South Australia.
Smith/Davis (c) 2005 Prentice Hall Chapter One The Science of Psychology PowerPoint Presentation created by Dr. Susan R. Burns Morningside College.
Morten Blomhøj and Paola Valero Our agenda: 1.The journal NOMAD’s mission, review policy and process 2.Two reviews of a paper 3.Frequent comments in reviews.
Research Briefing Results of Research Studies: Making the Outsourcing Decision and Optimizing Value from outsourcing March 8, 2007.
The Editor’s Perspective on Reviewing and Selecting Manuscripts for Publication Samuel F. Posner, PhD Editor in Chief, Preventing Chronic Disease Deputy.
Students as equal partners? Where do we stand? And how to reach beyond the surface regarding participation? Andrea Blaettler, Academic Affairs Committee.
IT Governance & Quality Management Lekture 1 Introduction 1IT-University of Copenhagen11/01/2014.
Chapter One: The Science of Psychology. Ways to Acquire Knowledge.
Dr. Ray Gen Action Research EDUU 604 Dr. Ray Gen.
AP European History DBQ Ms. Pugh and Mr. Yuscavage.
WELCOME! We will begin our webinar at the top of the hour As you log on, do not be surprised if you don’t hear anyone else; participants are placed on.
The Research Paper English 12. Argumentative Research Papers Present a strong claim to a possibly resistant audience You will gather evidence by looking.
Planning an Applied Research Project Chapter 1 – Reading and Analyzing Research © 2014 John Wiley & Sons, Inc. All rights reserved.
© 2017 SlidePlayer.com Inc. All rights reserved.