FR | NL | EN
   About us     Contact     Glossary index     Sitemap   
 
   HOME     AUDIT     ADVISORY     TRAINING     REFERENCES     JOB     NEWS     KNOWLEDGE   





   Home > IT Governance

IT Governance     Print

A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT and its processes.

The IT Governance Institute (ITGI) exists to assist enterprise leaders in their responsibility to ensure that IT is aligned with the business and delivers value, its performance is measured, its resources properly allocated and its risks mitigated.




Table of contents :

Governance

Enterprise Governance

    The set of responsibilities and practices exercised by the board and executive management with the goal of
    • providing strategic direction,
    • ensuring that objectives are achieved,
    • ascertaining that risks are managed appropriately, and
    • verifying that the enterprise's resources are used responsibly.

IT Governance

    IT governance consists of the leadership and organisational structures and processes that ensure that the organisation's IT sustains and extents the organisation's strategies and objectives. It focuses on the use of technology to fulfil the organization's objectives as directed by management.

    The overall objectives of IT governance are therefore
    • to understand the issues and the strategic importance of IT,
    • to ensure that the enterprise can sustain its operations, and
    • to ascertain that it can implement the strategies required to extend its activities into the future.

    IT governance practices aim at ensuring that
    • expectations of IT are met
    • IT risks are mitigated

go to top

Control, IT Control Objective, IT Governance

Definition of Control

The policies, procedures, practices and organisational structures, designed to provide reasonable assurance that Business Objectives will be achieved and that undesired events will be prevented, detected or corrected.

Definition of IT Control Objective

A statement of the desired result or purpose to be achieved by implementing control procedures in a particular IT activity.

Definition of IT Governance

IT Governance is integral part of enterprise governance and consists of leadership and organisational structures and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT and its processes.

go to top

A tool to service a variety of needs

Audience
Needs
Executive Manager
  • General IT governance model
  • Evaluate IT Investment decisions
  • Balance Risk and Control of Investment
  • Business Manager
  • Communication with IT
  • Service Level Agreements
  • IT Manager
  • Baseline for control objectives and external certifications

  • Communication with business functions
  • Service Level Agreements
  • Performance measurements
  • IT related policies and norms
  • Project Manager
  • Project standards
  • Quality assurance standards
  • Developer
  • Controls within development process
  • Controls to built into system
  • Operations
  • Controls for service delivery and support
  • User
  • Controls to be fully operational/built into system
  • Information Security Officer
  • Integrate security with IT objectives
  • Auditor
  • IT audit universe
  • IT control reference
  • go to top

    History

    • Information Systems Audit and Control Foundation (ISACF), now ISACA created in 1976 to expand the knowledge and value of the IT governance and control field
    • Based on the ISACA's control objectives  (CobiT - Control Objectives for Information and related Technology)
    • CobiT combines the principles embedded in existing reference models (e.g. COSO, CICA, GAO, IIA, ISACA)
    • Align with industry standards (e.g. ISO9000, ISO27000, CMMI, Information Technology Infrastructure Library (ITIL), ...)
    • Founded IT Governance Institute in 1998 to expand awareness of effective IT Governance.
    • Compliant with the IT Balanced Scorecard (BSC)
    • Focuses on Audit, Control and Security Issues
    go to top

    <<<
    QAP © 2010 | advice[at]qap.eu | audit[at]qap.eu
       Audit     Advisory     Training     Change     Disclaimer     Copyright   
    pen4web