Scribd Logo
Importer

Bienvenue sur Scribd !

  • Transparency For Effective IT Governance

    Transféré par

    Ahmed Buhazza
    53 vues22 pages
    A Transparency practice that make Governance, Risk and compliance practical and effective

    Titre original

    Transparency for Effective IT Governance

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formats disponibles

    PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    A Transparency practice that make Governance, Risk and compliance practical and effective

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    53 vues22 pages

    Transparency For Effective IT Governance

    Transféré par

    Ahmed Buhazza
    A Transparency practice that make Governance, Risk and compliance practical and effective

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 22

    Transparency

    for effective IT Governance


    By Ahmed Buhazza E-Government Authority
    1

    What

    Transparency

    Lack of hidden agendas and conditions, accompanied by the availability of full information required for collaboration, cooperation and collective decision making.
    (Source: businessdictionary.com)

    What

    360 Transparency

    What

    IT Governance
    The framework for the leadership, organizational structures and business processes, standards and compliance to these standards, which ensures that the organization's information systems support and enable the achievement of its strategies and objectives.
    5

    What

    Governance Drivers
    Quality Assurance

    Internal Controls & Audit demands Compliance Drivers

    Government Policies & Regulations

    Risk Mitigation

    Managing Corporate Compliance

    Active regulators

    Risk Drivers

    Why

    Without IT Governance & Transparency

    Many Failures

    Bad planning
    Misused budgets and resources. Random and Wrong decisions Misunderstandings

    Financial Loses Bad Reputation

    Closed Business
    Legal Actions
    7

    Why

    No Transparency

    Avoiding the Blame

    Hidden Agenda

    Lack of Awareness Require Additional Effort

    Tight Control

    Many Restrictions

    Additional Unnecessary hassle

    Not Credited

    Not worthy

    Not in culture

    How

    The Treatment

    How

    Principles

    Transparency

    Mission

    Accountability

    Measurability

    Vision

    Strategy
    10

    How

    Integrated Strategy

    11

    How

    Management Engagement

    Formal Committees

    Top Management Involvements

    Active Engagement

    Weill, P. & Ross, J.W. (2004)


    12

    How

    Solid, Flexible Practical Governance

    Limited Renegade exceptions

    Fewer annual changes

    Weill, P. & Ross, J.W. (2004)


    13

    How

    Resource Management
    Code of Ethics Disclosures & Work Ethics Training

    Suitable Tools Appropriate Skills Clear Objectives


    Forming

    Selection

    Performing

    Storming

    Define your required transparency

    Norming

    Top Down Hierarchy

    14

    How

    SMART, focused and Mapped Objectives

    Mapped Focused
    (i.e. KPIKRI)

    Built-in
    (i.e. JD)

    SMART

    Performance Review

    If you want people to pay attention to something, measure them on it, Mitchell said. It sends a serious message.

    15

    How

    Monitoring; the Built-in Assurance

    IT Governance Structure Audit Committee Audit (Internal/External)

    Assessment (i.e. Risk-based planning)

    Actively monitor and regularly review risks on a constructive, no-blame basis.

    16

    How

    Automation i.e. IT Compliance

    IT Strategy & Operations

    Query: SIC/NAICS, Geography

    C-GRID Global Regulatory Information Database


    Relevant Regulations

    IT Compliance Policies/Procedures

    Relevant Regulations Requirements

    Rules

    Updates

    Vendors Gap Analysis Rules

    Users

    Auditors

    Other Stake-holders

    Regulators

    Goal: Automated Detection of New Regulatory Requirements and Rule-Based Generation of Policies
    17

    How

    Adapting a solid framework


    Model
    COBIT

    General use
    IT Control Objectives Governance of IT investments

    What

    Val IT

    ISO 38500
    ITIL, ISO 20000 ISO 27001, 27002 PMBOK, PMMM, PRINCE2 BS 25999 Weill and Ross model ISO 9001, Six Sigma CMMI People-CMM (P-CMM): Balance Score Card (BSC) E-Souring Capability Model

    Corporate Governance of Information and Communication Technology


    IT Service and operations management Information Security Management System for Project Management Business Continuity Management (BCM) decision making structure for Quality improvement for System and Software development for Human Asset Management control and measurement scheme Sourcing management for both service providers and customers

    How

    How

    Communication & Awareness


    Annual IT Review Forum

    General Meetings

    Annual IT Planning Surveys

    IT Governance
    Correspondence Feedback

    Business Demand IT Services Best Practices

    Direct or Escalated Matters

    Biyearly IT Audit Biyearly Service Survey

    Requirements and Suggestions

    19

    How

    Cultural Change
    Rules are made to be broken Tone at the top Not only talk the talk, but more walk the walk The Wisdom of Crowds and Mistakes were madepossibly by me Gradual Change Cultural Audit
    20

    How

    Transparency Framework
    Culture

    Process

    Organization

    Communication

    Technology
    21

    Thank You

    22

    Vous aimerez peut-être aussi