Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007."— Presentation transcript:

1 Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007

2 Bina Nusantara PLANNING AND CONTROLLING

3 Bina Nusantara

4

5

6 The Important of Project Planning and Control in SDLC SDLC flow follow steps: A new idea is generated for a system or improvement The idea is preliminarily accepted for potential funding by a sponsor, owner, or user group.

7 Bina Nusantara The Important of Project Planning and Control in SDLC Problem analysis – The feasibility of the idea is investigated and data is gathered and analyzed related to the cost and benefits, along with other alternative courses of action – Classic problem definition and current state analysis is performed and documented to understand the primary problem that is to be solved using root cause analysis techniques – The constraints of existing and potentially future solutions are identified – The resultant idea feasibility and options for moving forward are documented and presented to the sponsor for approval

8 Bina Nusantara The Important of Project Planning and Control in SDLC Solution design: – If approved for further study, criteria are developed for a successful implementation and are documented along with the functional requirements for the system to meet the needs of the sponsor and the proposed idea – Processes are defined by system flowcharts and data flow diagrams to better understand the possible solutions and project tasks involved with deploying the various solutions – Various solutions are analyzed, buy versus build analysis is performed, software acquisition strategies are investigated, and in-house versus contract services are reviewed as options – The technical feasibility of the various solutions is examined and reconciled with the organizations infrastructure, data model, current and planed system architectures, configurations and so forth

9 Bina Nusantara The Important of Project Planning and Control in SDLC Solution design: – The economic feasibility also is examined of the top choices for solutions and compared to ROIs and the budgeted resources available. – Risk analysis of the various options, including security and control concerns, are documented and prepared for the final proposal along with recommendations for risk mitigation – Solution proposals are made with recommendations of the systems development goals, costs, and deliverables expectations for approval by system owner/sponsor

10 Bina Nusantara The Important of Project Planning and Control in SDLC System design: – Based on the approved and agreed upon scope and constraints the system is designed and developed considering users needs, data requirements, functional and processing requirements, training, interfaces, inputs, outputs, internal and application controls, audit trails, availability, data integrity, security requirements, and reports – Requests for Proposals (RFPs) are designed and submitted as appropriate and contracts are negotiated with various providers and vendors. For contract programmers, a specific contract language ensures that the adequate controls over deliverables, quality, performance to standards, and worksmanship, as well as supportability issues exist.

11 Bina Nusantara The Important of Project Planning and Control in SDLC System design: – Project plans are built defining the required resources, timeframes, deliverable milestones, and so forth. This is the point where review criteria is developed and agreed upon to ensure that design goals are met. – Mock ups and a cost benefit analysis are presented for approval and final sign off of development by the departments of management and the affected users.

12 Bina Nusantara The Important of Project Planning and Control in SDLC System development: – Equipment is purchased and installed properly – Systems are developed in the test environments – Programming occurs either through internal or contracts resources – Several iterations of programming and testing are staged and integrated to achieve the final objectives

13 Bina Nusantara The Important of Project Planning and Control in SDLC System development: – The testing staged includes unit testing, integration testing, regression testing, hardware and component testing, load and stress testing, pilot testing, user acceptance testing, performance testing, and total system testing. This testing should have provisions for protecting sensitive data in the testing phases. The testing duties should be segregated from development tasks as much as possible to ensure the fair analysis and testing of the resultant system or programming components

14 Bina Nusantara The Important of Project Planning and Control in SDLC System development: – User screens are developed and tested – Initial systems documentation is produced – Test data is processed for the required objectives testing – Facilities planning and implementation is developed with acceptance procedures defined for all of the environment and support needs

15 Bina Nusantara The Important of Project Planning and Control in SDLC System implementation: – Based on approval and sign off, implementation and production deployment is planned – File conversion is performed to populate the final system – Systems conversion is planned and executed using pilot, parallel or full system cutover methodologies – User and operations manuals are documented and completed – User and operators are trained – The final cutover is created, involving close interaction and communication with the system users

16 Bina Nusantara The Important of Project Planning and Control in SDLC Maintenance and Modifications: – The system undergoes routine maintenance and bug fixes with scheduled improvements prepared over time using mini SDLCs – An ongoing, operational use and utilization of system occurs. – The periodic assessment of design and performance based on the needs and changes in technologies also occurs.

17 Bina Nusantara The Important of Project Planning and Control in SDLC Cycle repeats: – A new idea is generated for the improved system to better meet the needs of the owner/sponsor of the user group

18 Bina Nusantara The Important of Project Planning and Control in SDLC Why control important? Discussion of methods, tools, tasks, resources, project schedules and user inputs are critical review point for the IT auditor Project plan are personnel assignments, cost estimates, risks, and organizational impacts associated with the project, and plans for future phases of development including the related cost estimates.

19 Bina Nusantara Project Planning and Control : E-Commerce Security as a Strategic and Structural Problem An effective security management system should be made an integral part of an organization’s business strategy. The development and management of security should support the core business of the organization. Security management consists of guidelines that are based on the security practices that support the business strategy as a whole. In E-commerce businesses, information security should be seen as strategic asset and not as a cost.

20 Bina Nusantara Information Security Management Systems Policy and procedures Scope Risk assessment Risk areas Controls Documentation

21 Bina Nusantara The Planning and Control Approach to E-Commerce Security Management Strategic Aspect – Planning corporate objectives – Defining budgets – Defining information security policy Organizational Aspect – Setting up security team of managers and technical personnel – Defining responsibility – Drawing up training program in technology and methods – Documenting information security procedures – Application of security procedures – Compliance with security procedures

22 Bina Nusantara The Planning and Control Approach to E-Commerce Security Management Technical aspect Financial aspect Legal Aspect

23 Bina Nusantara Conclusion Auditor influence is significantly increased when there are formal procedures and guidelines identifying each phase in the SDLC and the extent of auditor involvement Auditors will be able to review all relevant areas and phases of the SDLC and report independently to management the adherence to planned objectives and company procedures Auditors can identify selected parts of the system and become involved in the technical aspects based upon their skills and abilities

24 Bina Nusantara Audit Involvement in Planning and Analysis The auditor makes a determination of the reasonableness and merits of the project, potential for satisfying the business need and consistent agreement with company policy and objectives The auditor identifies the existence of the communication of the organizational goals from top management downward. Auditor requirements are introduced in a timely manner.

Download ppt "Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007."

Similar presentations

Chapter 2 Analyzing the Business Case.

Chapter 2 Analyzing the Business Case.
Acquiring Information Systems and Applications

Acquiring Information Systems and Applications
Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Pertemuan 16 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 16 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Managing the Information Technology Resource Jerry N. Luftman

Managing the Information Technology Resource Jerry N. Luftman
Pertemuan 25 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 25 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
System Implementations American corporations spend about $300 Billion a year on software implementation/upgrade projects.

System Implementations American corporations spend about $300 Billion a year on software implementation/upgrade projects.
Fundamentals of Information Systems, Second Edition

Fundamentals of Information Systems, Second Edition
System Development Life Cycle (SDLC)

System Development Life Cycle (SDLC)
Pertemuan 15 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 15 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
System Implementations American corporations spend about $300 Billion a year on software implementation/upgrade projects.

System Implementations American corporations spend about $300 Billion a year on software implementation/upgrade projects.
Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Systems Development (SD) Presentation Michael Webb IT Director for Medicaid Utah Department of Health UDOH Informatics Brownbag August.

Systems Development (SD) Presentation Michael Webb IT Director for Medicaid Utah Department of Health UDOH Informatics Brownbag August.
The Agile vs. Waterfall Methodologies Systems Development:  the activity of creating new or modifying / enhancing existing business systems.  Objectives.

The Agile vs. Waterfall Methodologies Systems Development:  the activity of creating new or modifying / enhancing existing business systems.  Objectives.
1 Principles of Information Systems, Ninth Edition Chapter 13 Systems Development: Design, Implementation, Maintenance, and Review.

1 Principles of Information Systems, Ninth Edition Chapter 13 Systems Development: Design, Implementation, Maintenance, and Review.
Acquiring Information Systems and Applications

Acquiring Information Systems and Applications
Chapter 17 Acquiring and Implementing Accounting Information Systems

Chapter 17 Acquiring and Implementing Accounting Information Systems
Acquiring Information Systems and Applications

Acquiring Information Systems and Applications
Introduction to Computer Technology

Introduction to Computer Technology
Enterprise Architecture

Enterprise Architecture

Similar presentations

Ads by Google