Presentation is loading. Please wait.

Presentation is loading. Please wait.

COBIT - IT Governance.

Published byAdrian Flowers Modified over 8 years ago

Similar presentations

Presentation on theme: "COBIT - IT Governance."— Presentation transcript:

1 COBIT - IT Governance

2 Maintain Security Smooth running of the system Meet Organization Mission Network Platform Ongoing Compliance Cost Effective Turnover IT governance is an integrated part of the organization and main resistibility of Executive and senior management. : With vast dependence on technology devices and to achieve the above objective. Organization are in need to introduce an It governance in place; Organization need a clear structure policy or set or responsibilities for all organization IT users Mitigating any possible riks that can interrupt the smooth of operational activities. Verification of different employees access levels and identity.

3 IT Governance Measures
Vision/Mission It ensure the integration between business objectives to meet with different IT plans that do interrupt the smooth of operations Value Added Enhance IT outputs with promising costs that can added value to the main organization strategy i.e. ensure the value of IT. Better Resource Utilization Here resources are not only the operators that use the system, but a proper management of different resources times , IT resources, applications, integration and speed i.e. knowledge and interfaces Risk management Highlight the different risks that may occur on different operational activities. Raise the awareness of such risks, giving an opportunity to analyse and mitigate them. Dedicate different responsibilities that can manage, monitor and identify any risks as soon as it occurs or a chance of its occurrence. This slide highlights the five focus areas of IT governance as defined by ITGI. Performance Efficiency Plan, act, check (track) and monitor different project phases for a successful completion. Managing of resource, process performance measures i.e. maintain value added activities with the process, ensure completion of the service on time and as required to meet the market demand and organization strategy

4 IT Governance Principles
Ensuring Confidentiality Allowing authorized user to modify/ access to information Preventing unauthorized users to access information Ensuring that information and resources are accessible when needed Preventing information and resources from being inaccessible when needed Functional Policies Procedures Standards Guidelines Baselines Laws, Regulations, Requirements, Organizational Goals, Objectives General Organizational Policies

5 Policies and Procedures
are statements of management intentions and goals Backup Stakeholders and senior management support Meet organization mission Clear instruction for the use of internet, log on and different internet information Procedures Clear steps to perform different activities Detailed of the identify organization Detailed user accounts setting up, passwords , access level Identify roles and responsibilities

6 Standards and Guidelines
formalize the use of technology in a structured manner Identify the use of different platforms settings and configuration, applications and tools Guidelines are recommended methods for performing a task Recommended, but not required Malware cleanup, spyware removal, data conversion, sanitization, etc Baselines Applying different technologies and versions from different vendors Install network server baselines

7 COBIT Framework Characteristics
COBIT is a framework that mitigate the gaps between business process control needs, control needs and technical problem i.e. standardisation of good practices COBIT - Control Objectives for Information and Related Technology : Starts from mapping business requirements Leverage resource required for IT process-orientation and activities into an effective model Defines the stakeholders and management policy Monitor, control and sustain different objectives to be met on time. Incorporates major international standards This slide summarises the main attributes of the COBIT framework.

8 COBIT Framework Characteristics
It recognizes globally as IT standard practice and audit Defines IT goals to meet with the business ones and vice versa User friendly and can be understood by different operators level Maintain security of different devices that be used through network nodes. Clear identification of ownership and responsibilities General acceptability with third parties and regulators Shared understanding amongst all stakeholders, based on a common language Meet COSO IT control requirements This slide summarises the main attributes of the COBIT framework.

9 COBIT: Framework Advantages
It can be work in parallel with our IT techniques and framework, Provide a well structure and flexible working environment Provides a well maintained control environment Update its owns interference according to different safety regulatory Recent corporate scandals have increased regulatory pressures on boards of directors to report their status and ensure that internal controls are appropriate. This pressure covers IT controls as well It is a proven to be globally accepted standard to enhance the use of IT for organizational success. Implement Global IT professionals ideas to improve its activities and to keep in pace with good practice and market needs It direct and improves IT governance procedures in organizations.

10 IT Governance – COBIT Business Requirements
Aligning business objectives with IT ones Ensure the implementation and meeting business strategy. Supported business measures metrics, can ensure to the value delivery and not looking only at the technical aspects. When organizations implement COBIT, their focus is more process-oriented. Incidents and problems no longer divert attention from processes. Exceptions can be clearly defined as part of standard processes.

11 IT Governance – COBIT With process ownership defined, assigned and accepted, the organization is better able to maintain control through periods of rapid change or organizational crisis. COBIT maintains the IT life cycle in four categories: Plan and Organize Organization policy an procedures Acquire and Implement Access level Deliver and Support Meet business mission and goals Monitor and Evaluate Control and Sustain

12 COBIT Cube: Information Criteria (Cont.)
Effectiveness Maintain and availability of relevant information in a timely, correct and useful manner when and where it is needed Efficiency Enhance the synchronization of tasks and activities to improve operational efficiency Confidentiality Protect the sensitivity of information Integrity Maintain the accuracy and completeness of different information access to meet with business mission and objectives Availability Availability of information when and where is needed, hence securing different network platform e.g. mobility and cloud systems Compliance Adherence to laws, policies, regulations along with internal and external policies. Reliability Management approval for different IT governance and regulation to meet with economic , market and social needs Fiduciary Requirements Security Requirements Quality Requirements Information Criteria IT Resources IT Processes

13 References RSD information governance definition [Kooper, M., Maes, R., and Roos Lindgreen, E. (2011). On the governance of information: Introducing a new concept of governance to support the management of information. International Journal of Information Management, 31(3), ] White Paper (2011). Ledergerber, Marcus, ed. How the Information Governance Reference Model (IGRM)Complements ARMA International’s Generally Accepted Recordkeeping Principles). EDRM and ARMA International. p. 15. RSD. "RSD".

Download ppt "COBIT - IT Governance."

Similar presentations

Internal Control–Integrated Framework

Internal Control–Integrated Framework
What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.

What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.
TI BISNIS ITG using COBIT &

TI BISNIS ITG using COBIT &
COBIT - II.

COBIT - II.
The Islamic University of Gaza

The Islamic University of Gaza
By Collin Smith http://techinitiatives.blogspot.com COBIT Introduction By Collin Smith http://techinitiatives.blogspot.com.

By Collin Smith COBIT Introduction By Collin Smith
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.

Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.
Overview of IT Governance and

Overview of IT Governance and
Security Management Practices Keith A. Watson, CISSP CERIAS.

Security Management Practices Keith A. Watson, CISSP CERIAS.
COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.

COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
NIST framework vs TENACE Protect Function (Sestriere, 21-23 Gennaio 2015)

NIST framework vs TENACE Protect Function (Sestriere, Gennaio 2015)
Computer Security: Principles and Practice

Computer Security: Principles and Practice
The Information Systems Audit Process

The Information Systems Audit Process

Similar presentations

Ads by Google