IT Audit Process. Prof. Mike Romeu. February 13, IT Audit Process. Prof. Mike Romeu

Similar documents
COBIT 5. COBIT 5 Online Collaborative Environment

COBIT 5. COBIT 5 Online Collaborative Environment

COBIT 5. COBIT 5 Online Collaborative Environment

COBIT 5. COBIT 5 Online Collaborative Environment

Translate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.

IT Management & Governance Tool Assess the importance and effectiveness of your core IT processes

Changes Reviewed by Date. JO Technology Manager - Samer Huwwari JO Manager, Risk & Control Technology: Issa Laty. CIO, Jordan- Mohammad Aburoub

Selftestengine COBIT5 36q

Log of Changes Implemented to the COBIT 5 Product Family

Braindumps COBIT5 50q

COBIT 5 Foundation Exam

IT Assurance Services And Role Of CA In BPO-KPO. IT Enabled Services And Emerging Technologies

IS STRATEGY & ICT GOVERNANCE PLAN FOR VICROADS

Governance and Management of Information and Related Technologies Guide. Prepared for Jordan Ahli Bank

CGEIT Certification Job Practice

Portfolio, Program and Project Management Using COBIT 5

An IT Governance Journey April Disclaimer: opinion being those of presenter(s) and not necessarily State Farm

Using Enterprise Portfolio Management for Business Change Management

Proposed IT Governance at Hospital Based on COBIT 5 Framework

COBIT 5 for Business Benefits Realization: A Preview. Sushil Chatterji, CGEIT

Position description

COBIT 5: IT is complicated. IT governance does not have to be

The Road to SIAM. Dutch Service Management Day. 23 rd March Copyright 2015 Tata Consultancy Services Limited

ISO/IEC Process Mapping to COBIT 4.1 to Derive a Balanced Scorecard for IT Governance

Enterprise. Service. Transformation. Deloitte driving your digital service excellence with ServiceNow

Enterprise Architecture and COBIT

The IBM Rational Software Development Platform

Measuring Operational Management Information Technology: COBIT 5.0 and Capability Level

BMC - Business Service Management Platform

Chapter 2 Strategic Planning of IT

Governance SPICE. Using COSO and COBIT Process Assessment Models BPM GOSPEL

TBAA s Offshore Capabilities

Asset Management Policy

ECQA Certified Profession. Governance SPICE Model. Internal Financial Control Assessor Training Programme

Governance in a Multi-Supplier Environment

Feature. IT Governance and Business-IT Alignment in SMEs

Contents. viii. List of figures. List of tables. OGC s foreword. 6 Organizing for Service Transition 177. Chief Architect s foreword.

Enhancement of etom Assurance Domain by Integration with COBIT5 Framework

At the Heart of Connected Manufacturing

The Case for the SIO. A guide to navigate the new challenges of Service Management. kpmg.ca

Introduction to Information Systems

COBIT 5. Isaca - COBIT 5 COBIT 5 Foundation Version: 4.0

INTERNATIONAL PROFESSIONAL CERTIFICATION PROGRAM IN PURCHASING AND SUPPLY CHAIN MANAGEMENT IPSCM

INTEGRATED APPLICATION LIFECYCLE MANAGEMENT

INFORMATION SERVICES FY 2018 FY 2020

SimCorp s Product Positioning. SimCorp Capital Market day 27/5 2009

KING III IT GOVERNANCE ALIGNED TO. Simon Liell-Cock Julio Graham Peter Hill CISA CISM CGEIT

MANAGING OTT MESSAGING SERVICES FOR A GLOBAL TELECOM PROVIDER

ECSG SEPA CARDS STANDARDISATION (SCS) VOLUME STANDARDS REQUIREMENTS

How to Ignite More Value

NATO REQUIREMENTS FOR DELIVERABLE QUALITY PLANS

Rules, Procedures, and Internal Controls Manual BRAM Bradesco Asset Management

Process design best practices

Index. client-supplier paradigm 202

Test Environment Management. Full Lifecycle Delivery and Support

ServiceNow Knowledge 2016

IBM Data Mobility Services Softek LDMF

Developing a successful governance strategy. By Muhammad Iqbal Hanafri, S.Pi., M.Kom. IT GOVERNANCE STMIK BINA SARANA GLOBAL

AUDITING. Auditing PAGE 1

IT4IT : the new enterprise architecture framework

System Under Development Review of the Departmental Financial Management System Renewal Project

SMART Service Desk. SMART Service Desk ITIL Help Desk for Government & Public Sector

Business Resilience: Proactive measures for forward-looking enterprises

Fujitsu Forum Munich Managed SAP. The key to optimized SAP operations around the globe 0 FUJITSU LIMITED 2013

Record requests, Capture events, Analyze results and trends. Prioritize based in facts and finding.

WNS Technology Services Product Demonstration

CMMI ACQUISITION MODEL (CMMI-ACQ):

Why You Should Take a Holistic Approach

Optimising COBIT 5 for IT Governance: Examples from the Public Sector

Service Manager (Workplace Computing) Information Services (IS)

Table of Contents 1. What s New... 1

Let s Build A Smarter Planet. Uncover what is possible on a Smarter Planet. An Introduction to IBM s Smarter Planet Initiative

JOB AND TASK DESCRIPTION

IoDSA Director Competency Framework

Seize Opportunities. SAP Solution Overview SAP Business Suite

The Value of Asset Management to an Organization

Information Systems in the Enterprise

Governing the cloud. insights for 5executives. Drive innovation and empower your workforce through responsible adoption of the cloud

Legacy System Modernization Using Open Source Tools and Agile. Adam D Angelo

A Model for CAS Self Assessment

TECHNOLOGY POLICY SUMMARY FOR THIRD PARTY SUPPLIERS

Management of Project Portfolios (EPM) Ravi Shankar

Materials Management at TubeLines Limited on the London Underground

profitability in business systems BSS consolidation and harmonization Your business technologists. Powering progress

Risk Management Strategy

Asset management Overview, principles and terminology

Demand-driven IT service management through enterprise resource planning for IT.

Successful Service Virtualization

Best of Breed Automation September 2014

( %)'* + 7# (&)*)')%&&+)*)-.)/##############################################################!

Improving the RFP and Contracts Process With COBIT 5

Methods used to Evaluate the Effectiveness of CRM Training in the Aviation Industry.

ROLE PURPOSE and KEY THEMES

PTC Service Parts Management for Aerospace and Defense

Offshore Enablement Process

A CASA Cabin Safety Inspector perspective for the Asia Pacific Cabin Safety Working Group Sue Rice School of Aviation UNSW 03 July 2012

Integral Plant Maintenance

Capgemini BPO Portfolio

case study Listen to the Voice of your Customer and Engage in their story. African Bank Investments Limited

ITCertMaster. Safe, simple and fast. 100% Pass guarantee! IT Certification Guaranteed, The Easy Way!

Transcription:

February 13, 2017 1

IT Assurance and COBIT 5 Enablers Enablers are factors that, individually and collectively, influence whether something will work. 2. Processes 3. Organizational Structures 4. Culture, Ethics and Behaviour 1. Principles, Policies and Frameworks 5. Information 6. Services, Infrastructure and Applications Resources 7. People, Skills and Competencies 2

All World Airways (AWA) Company/Industry Profile All World Airways Reservation Centers Detroit, Michigan (EEUU) Wiestbaden, Germany (DE) All World Airways International Airline Reservation Centers EEUU DE Losses posted 6 QTRs Airline Industry Affected by Economic Downturn Oil Prices Labor Disputes Competition Outsourcing Reservation Systems Technical Services 3

All World Airways General Outsourcing Strategies Why Outsource? Focus on Core Competencies or Initiatives AWA Transportation Vendor IT Operations, infrastructure management, software development and maintenance (India) Pressure on profit margins and increasing competition Profit Margin = Sales Price Cost of Goods or Service AWA is facing both: pressure on profit margin and a highly competitive industry. i.e. pressures to lower costs Organizational and Structural Flexibility AWA Organizational: IT Footprint small or non existent AWA Structural: Choice of Vendors at the right price. 4

All World Airways Organization In house Staff No experience with Outsourcing No experience with Risk Assessments 5

All World Airways IT Landscape Hardware/Infrastructure: IBM Mainframes Operating System: z/os Application Software: Airline Control Systems (ALCS) Maintenance Flight and Crew Scheduling Airfare Sensitivity Analysis Freight System 6

COBIT 5 Based Assurance Engagement Approach A. Determine Scope of Assurance Engagement B. Understand Enabler, Set Suitable Criteria and Perform Assessment C. Communicate Results of the Assessment 7

Process for Governance of Enterprise IT Evaluate, Direct and Monitor EDM01 Ensure EDM04 Ensure Governance EDM02 Ensure EDM03 Ensure Risk Resource IT Framework Assurance Setting Benefits Delivery Optimisation and COBIT 5 Assurance Optimisation Process and Maintenance EDM05 Ensure Stakeholder Transparency Align, Plan and Organize aap001 Manage the IT management Framework AP008 Manage Relationships AP002 Manage Strategy AP009 Manage Service Agreements AP003 Manage C. Communicate Enterprise AP004 Manage AP005 Manage AP006 Manage the Results of the Architecture Innovation Innovation Budget and Costs AP011 Manage Assessment AP012 Manage AP010 Manage Suppliers Innovation Risk AP013 Manage Security AP007 Manage Human Resources Monitor, Evaluate and Assess MEA01 Monitor, Evaluate and Assess Performance and Conformance C 1 Document exceptions and gaps. BAI03 Manage BAI05 Manage BAI02 Manage C 2 Communicate the work performed and findings. Solutions BAI04 Manage Organisational Build, Acquire and Implement BAI01 Manage Programmes and Projects Requirements Definition Identification and Build Availability and Capacity Change Enablement BAI06 Manage Changes BAI07 Manage Change Acceptance and Transitioning MEA02 Monitor, Evaluate and Assess the System of Internal Controls BAI08 Manage Knowledge BAI09 Manage Assets BAI010 Manage Configurations Deliver, Service and Support DSS01 Manage Operations DSS02 Manage Service Requests and Incidents DSS03 Manage Problems DSS04 Manage Continuity DSS05 Manage Security Services DSS06 Manage Business Process Controls MEA03 Monitor, Evaluate and Assess Compliance With External Requirements Processes for Management of Enterprise IT 8

COBIT 5 Based Assurance Engagement Approach Who are the stakeholders? What are the stakeholders stakes? What are the overall enterprise objectives? What are business requirements and associated risk and opportunities? What is the organizational structure? What are the roles and responsibilities? What are the governing policies and procedures? What are the applicable laws, regulations and contractual agreements? What management practices and associated activities are in place? What management reporting (status, performance, actions) is in place? What past issues have arisen and corrective actions have been taken? What are the current issues and concerns? What does management hope to obtain as a result of the assurance initiative? 9

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback