Professional Documents
Culture Documents
Governance and
Management of IT
IT GOVERNANCE
AND
IT GOVERNANCE FRAMEWORKS
IT STRATEGY COMMITTEE
IT Strategy Committee
Advises the board and management on IT
strategy
Is delegated by the board to provide input to the
strategy and prepare its approval
Focuses on current and future strategic IT issues
11
IT Steering Committee
Assists the executive in the delivery of the IT
strategy
Oversees day-to-day management of IT service
delivery and IT projects
Focuses on implementation
12
Information
security
governance
is
the
responsibility of the board of directors and
executive management, and must be an integral
and transparent part of enterprise governance.
13
14
17
18
19
Policies
Policies
POLICIES (CONTINUED)
22
POLICIES (CONTINUED)
High-level documents
Represent the corporate philosophy of an
organization
Must be clear and concise to be effective
23
24
PROCEDURES
POLICIES (CONTINUED)
Detailed documents:
25
26
RISK MANAGEMENT
The
27
28
29
30
31
32
IS MANAGEMENT PRACTICES
33
34
Employee
Hiring
35
36
37
38
39
10
SOURCING PRACTICES
41
42
43
44
11
45
46
47
48
12
Possible advantages
Possible disadvantages
49
50
51
52
13
ORGANIZATIONAL CHANGE
MANAGEMENT
53
QUALITY MANAGEMENT
54
PERFORMANCE OPTIMIZATION
55
56
14
PERFORMANCE
OPTIMIZATION(CONTINUED)
Measure products/services
Manage products/services
Assure accountability
Make budget decisions
Optimize performance
57
58
Transaction authorization
Custody of assets
Access to data
59
Authorization forms
User authorization tables
60
15
Audit trails
Reconciliation
Exception reporting
Transaction logs
Supervisory reviews
Independent reviews
61
REVIEWING DOCUMENTATION
62
63
16