Emilio Gratton: ISACA and IT Governance

IT Governance - the ISACA solution -
October 2010
Emilio Gratton
ISACA MEMBER 630629

OUTLINE
1. NEED AND MEANING
2. MANAGEMENT SELECTION
3. COBIT FOCUS AREAS
4. COBIT FRAMEWORK
5. VALIT AT A GLANCE
6. RISKIT AT A GLANCE
7. COBIT PROCESS EXAMPLE
8. CONCLUSIONS

NEED AND MEANING
IT Governance
1. HOW TO EXPLOIT THE BENEFIT OF IT (IT VALUE) IN FAVOUR OF AN ENTERPRISE
2. HOW TO MANAGE IT ASSOCIATED RISKS (NON COMPLIANCE / CRITICAL DEPENDENCIES)
3. HOW TO MAINTAIN THE CONTROL OVER VALUE AND RISK
IT Value
IT Risks
IT Controls

NEED AND MEANING
IT Governance
RESPONSIBILITY OF THE EXECUTIVES AND BOARD OF DIRECTORS
CONSISTS OF:
― LEADERSHIP
― ORGANISATIONAL STRUCTURES
― PROCESSES
ENTERPRISE’S IT MANAGEMENT
SUSTAINS AND EXTENDS THE ORGANIZATION’S STRATEGIES & OBJECTIVES

MANAGEMENT SELECTION
What IT management?
ISACA
Professional association with 95,000 constituents. Worldwide (160) leader in IT governance, control, security and assurance. Offers the CISA, CISM, CRISC and CGEIT certifications.
COBIT
Controlled OBjectives for Information and related Technologies

MANAGEMENT SELECTION
IT Governance
ISACA
INTEGRATES
INSTITUTIONALISES
GOOD PRACTICES
ENTERPRISE’S IT SUPPORTS THE BUSINESS OBJECTIVES
COBIT
• Linking to the business requirements
• Organising IT activities into a process model
• Identifying the major IT resources to be leveraged
• Defining the management control objectives

COBIT FOCUS AREAS
[Diagram: the five IT Governance focus areas addressed by COBIT: Strategic Alignment, Value Delivery, Risk Management, Resource Management, Performance Measurement]

COBIT FOCUS AREAS
• STRATEGIC ALIGNMENT: linkage of business and IT plans; defining, maintaining and validating the IT value proposition; aligning IT operations with enterprise operations.
• VALUE DELIVERY: executing the value throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, optimising costs and proving the intrinsic value of IT.
• RESOURCE MANAGEMENT: investment in, and management of, critical IT resources: applications, information, infrastructure and people. Key issues: optimisation of knowledge and infrastructure.
• RISK MANAGEMENT: requires risk awareness by senior corporate officers, understanding of the enterprise’s appetite for risk, understanding of compliance requirements, transparency about the significant risks to the enterprise and embedding of risk management responsibilities into the organisation.
• PERFORMANCE MEASUREMENT: tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting.

COBIT FRAMEWORK
BUSINESS-FOCUSED
• BASIC PRINCIPLE
• INFORMATION CRITERIA
• ALIGN BUSINESS GOALS TO IT GOALS
• ALIGN RESOURCE AND IT ARCHITECTURE
PROCESS-ORIENTED
• 4 DOMAINS
• 34 IT PROCESSES
CONTROL-BASED
• 6 PROCESS CONTROLS
• 6 APPLICATION CONTROLS
MEASUREMENT-DRIVEN
• MATURITY SCALE
• MATURITY LEVELS
• MATURITY MODELS

COBIT FRAMEWORK – THE BUSINESS
BASIC COBIT PRINCIPLE

COBIT FRAMEWORK – THE BUSINESS
INFORMATION CRITERIA
BUSINESS REQUIREMENT FOR INFORMATION
1. Effectiveness: information being relevant and pertinent to the business process as well as delivery in a timely, correct, consistent and usable manner.
2. Efficiency: provision of information through the optimal (most productive and economical) use of resources.
3. Confidentiality: protection of sensitive information from unauthorised disclosure.
4. Integrity: accuracy and completeness of information as well as validity in accordance with business values and expectations.
5. Availability: information being available when required by the business process now and in the future, safeguarding of necessary resources and associated capabilities.
6. Compliance: complying with the laws, regulations and contractual arrangements to which the business process is subject.
7. Reliability: provision of appropriate information for management to operate the entity and exercise its fiduciary and governance responsibilities.

COBIT FRAMEWORK – THE GOALS
DEFINING IT GOALS AND ENTERPRISE ARCHITECTURE FOR IT

COBIT FRAMEWORK – THE RESOURCES
IT RESOURCES CLASSIFICATION

COBIT FRAMEWORK – THE PROCESSES
4 DOMAINS – 34 PROCESSES
P01 PROCESS “PLAN AND ORGANISE - DEFINE A STRATEGIC IT PLAN” SCREENSHOTS

PLAN AND ORGANISE

ACQUIRE AND IMPLEMENT

DELIVERY AND SUPPORT

MONITOR AND EVALUATE

COBIT FRAMEWORK – THE CONTROLS
CONTROL MODEL

COBIT FRAMEWORK – THE CONTROLS
BOUNDARIES BETWEEN CONTROLS

COBIT FRAMEWORK – MEASUREMENTS
GRAPHIC REPRESENTATION OF A MATURITY MODEL

COBIT FRAMEWORK – MEASUREMENTS
MATURITY LEVELS OF AN IT PROCESS

COBIT FRAMEWORK – MEASUREMENTS
THE THREE DIMENSIONS OF MATURITY

COBIT FRAMEWORK – THE COBIT CUBE
THE THREE DIMENSIONS OF IT CONTROLLED MANAGEMENT

COBIT FRAMEWORK – THE GOVERNANCE MAPPING
HOW THE COBIT FRAMEWORK MAPS TO THE IT GOVERNANCE FOCUS AREAS

IT GOVERNANCE FOCUS AREAS
[Diagram: the five IT Governance focus areas (Strategic Alignment, Value Delivery, Risk Management, Resource Management, Performance Measurement) addressed by COBIT, with Val IT shown as based on COBIT]

VALIT AT A GLANCE 1
A COMPREHENSIVE APPROACH
• Many enterprises practice elements of Val IT™ already
• Val IT™ provides a consistent, repeatable and comprehensive approach
• IT and business become equal shareholders because Val IT™ helps management to answer these key questions:*
  The strategic question
  The architecture question
  The value question
  The delivery question
* Based on the ‘Four Ares’ as described by John Thorp in his book The Information Paradox, written jointly with Fujitsu, first published in 1998 and revised in 2003

VALIT AT A GLANCE 2
DOMAINS AND PROCESSES

VALIT AT A GLANCE 3
CONTRIBUTION TO IT GOVERNANCE

IT GOVERNANCE FOCUS AREAS
[Diagram: the five IT Governance focus areas (Strategic Alignment, Value Delivery, Risk Management, Resource Management, Performance Measurement) addressed by COBIT, with Val IT and Risk IT both shown as based on COBIT]

RISKIT AT A GLANCE 1
RISK AND OPPORTUNITY MANAGEMENT

RISKIT AT A GLANCE 2
BUSINESS OBJECTIVE

RISKIT AT A GLANCE 3
RISK IT’S THREE DOMAINS

RISKIT AT A GLANCE 4
RISK RESPONSE APPROACH

RISKIT AT A GLANCE 5
CONTRIBUTION TO IT GOVERNANCE

COBIT PROCESS EXAMPLE 1

COBIT PROCESS EXAMPLE 2

COBIT PROCESS EXAMPLE 3

COBIT PROCESS EXAMPLE 4

COBIT PROCESS EXAMPLE 5

COBIT PROCESS EXAMPLE 6

COBIT PROCESS EXAMPLE 7

COBIT PROCESS EXAMPLE 8

CONCLUSIONS
SOLUTION STRENGTH
1. UNIQUE SET OF TOOLS AND STANDARDIZED DOCUMENTATION
2. VAST PARTICIPATION OF PROFESSIONALS
3. EXPANDABILITY OF SCOPES
4. CONTINUOUS UPDATE
5. LARGE SET OF CERTIFICATIONS

CONCLUSIONS
SOLUTION EASINESS
1. CLEAR GUIDANCE AND THOROUGH EXPLANATIONS
2. PROCESS ADAPTABILITY TO MANY MANAGEMENT SOFTWARE PACKAGES
3. FACILITATES MIGRATION FROM OTHER MANAGEMENT WORLDS
4. CONSISTENCY AMONG ISACA DOCUMENTATION
PERMISSIONS
COBIT 4.1 including select text and figures featured within this presentation are the property of ISACA/ITGI. Copyright © 1996-2007 ITGI. All rights reserved. ISACA, ITGI and COBIT are registered trademarks of ISACA.