Académique Documents
Professionnel Documents
Culture Documents
Ascertaining that risks are managed appropriately Verifying that the enterprises resources are used responsibly
RESOURCE MANAGEMENT
Leveraging IT Governance Principles for better Technology Management : By Abdulmajid Said : saidabdulmajid@gmail.com
Performance
Conformance
Enterprise governance and IT governance require a balance between conformance and performance goals directed by the board.
IT Governance
IT governance is:
The responsibility of the board of directors and executive management An integral part of enterprise governance, consisting of the leadership, organisational structures and processes that ensure that the enterprises IT sustains and extends the organisations strategies and objectives
www.itgi.org www.itgi.org
2011
RESOURCE MANAGEMENT
5%
2005 2003
36 %
58 %
Source: Surveys by PwC for the IT Governance Institute Sep-Oct 2003 and January 2011
How RTA Measures Technology Performance inline with Strategic Objectives and Value proposition
How RTA manages its critical Technology resources : (Technology, Applications, Infrastructure and People)
1-Sep-12
Governance Models
1. Centralized 2. Decentralized
3. Federated/Hybrid
1-Sep-12
Value/Cost
Regulatory Compliance
RTA required a structured approach for managing these and other challenges. This will ensure that there are agreed objectives for IT, good management controls in place and effective monitoring of performance to keep on track and avoid unexpected outcomes.
The COBIT framework is based on the premise that IT needs to deliver the information that an enterprise requires to achieve its objectives.
for achieving
Business Objectives
i
Information provide IT Resources and Processes
to
Business Processes
The COBIT framework helps align IT with the business by focusing on business information requirements and organising IT resources. COBIT provides the framework and guidance to implement IT governance.
COBIT
ISO 27001/2 PMI WHAT ISO 9000 HOW
ITIL
SCOPE OF COVERAGE
Monitor and evaluate IT performance. Monitor and evaluate internal control. Ensure compliance with external requirements. Provide IT governance.
MONITOR AND EVALUATE
PO1 PO2
DS1 DS2 DS3 DS4 DS5 DS6 DS7 DS8 DS9 DS10 DS11 DS12 DS13
Define and manage service levels. Manage third-party services. Manage performance and capacity. Ensure continuous service. Ensure systems security. Identify and allocate costs. Educate and train users. Manage service desk and incidents. Manage the configuration. Manage problems. Manage data. Manage the physical environment. Manage operations.
IT RESOURCES
Define a strategic IT plan. Define the information architecture. PO3 Determine technological direction. PO4 Define the IT processes, organisation and relationships. PO5 Manage the IT investment. PO6 Communicate management aims and direction. PO7 Manage IT human resources. PO8 Manage quality. PO9 Assess and manage IT risks. PO10 Manage projects.
Applications Information Infrastructure People DELIVER AND SUPPORT ACQUIRE AND IMPLEMENT
Identify automated solutions. Acquire and maintain application software. Acquire and maintain technology infrastructure. Enable operation and use. Procure IT resources. Manage changes. Install and accredit solutions and changes.
Scope: Are new projects likely to deliver solutions that meet business needs? Are new projects likely to be delivered on time and within budget? Will the new systems work properly when implemented? Will changes be made without upsetting current business operations?
?
New Projects Organisation
AI1 Identify automated solutions. AI2 Acquire and maintain application software. AI3 Acquire and maintain technology infrastructure. AI4 Enable operation and use. AI5 Procure IT resources. AI6 Manage changes. AI7 Install and accredit solutions and changes.
We may apply Project Management Methodology i.e. PMI Standards for Project Governance by establishing a set of defined processes to guide project implementation. i.e. What kind of PMO is required What PM processes to be used Based on Projects Classification Criteria
Geographic representationA target of 21 countries was set, representing broad geographic coverage. Brazil, Russia, India and China (the BRIC countries) were included as important representatives of newly advanced economic growth. Number of respondentsA target of 730 participants was established, representing at least 20 participants per country. (Including fortune 500 Companies)
1-Sep-12
12
95 % of Companies surveyed have either implemented or are planning to implement Enterprise Technology Governance
1-Sep-12
13
1-Sep-12
14
1-Sep-12
15
THANK YOU
Prepared by : Abdulmajid Said CISA,CISM, CGEIT ,PMP ,CISSP ISACA member ID : : 341726
Statistics and Cobit Implementation information obtained @ ISACA and IT Governance Institute 1-Sep-12 16