Hello to All!
It’s no surprise that we believe there is a terrific opportunity for BIG gains in efficiency and BIG reductions in risk through enterprise IT process alignment, enablement, and ultimately automation. What makes this time uniquely suited to this opportunity is the availability of widely accepted process & best practice standards–
Specifically, adoption and rationalization of the ITIL and COBIT frameworks is a smart way to increase enterprise efficiency, reduce departmental redundancies, and streamline compliance activities. Most companies suffer from a lack of process within their IT departments, or a silo only focus.
We’re starting to see companies leverage a process framework that combines ITIL and COBIT in initial planning rather than trying to reconcile the two frameworks at a later date. While both frameworks apply to IT, there is little overlap between the two as ITIL is focused on quality of service in IT, while COBIT focuses primarily on control / compliance.
Continue Reading…
Okay, here it is- class is in session. The first domain, Planning and Organization is comprised of the following high level process, IT Strategic Plan. I would like to give a summary of IT Strategic Plan and then follow up with some questions and answers.
SUMMARY:
Here it goes- per the IT Governance Institute an IT Strategic Plan needs to clearly define the following:
Continue Reading…
So what are companies supposed to do, you ask? Faced with increase scrutiny on budgetary spending and pressure from regulators, companies are stuck between a rock and a hard place. Already burned by attempting to fix fundamental business issues with technology, companies understand that implementing new technology in a like for like fashion on a foundation of flawed business processes will lead to only to project failure.
So if there is not a magic box, how can companies obtain the proper controls required to alleviate SOX issues, higher audit costs, and most importantly keep Wall Street at bay?
Continue Reading…
I found a site that pulls papers focused on compliance issues together. Check it out if you’re looking for information to help establish a direction to get started on your IT Change Managment program. I found the short synopsis of each article very helpful.
http://www.black-beans.com.br/change_management_sarbox.htm
—–
Control Objectives for Information and related Technology (COBIT) is the standard most auditors use to determine if internal controls are in place, active and documented for your IT systems and processes. But if COBIT standards are applied without a sufficient baseline and a modicum of common sense, many enterprises find that they have hundreds of discrepancies to address. Not only does that diminish that value of COBIT as an effective standard, it brings IT to a standstill while addressing the audit findings. If your firm’s auditor have used a contol standard other than COBIT to assess internal controls, what have they used? In addition to Financial Best Practices, was your standard also based upon IT Best Practices? How was that determined and by whom?
—–
