SlideShare une entreprise Scribd logo

It governance in_higher_education_by_james_yung

Télécharger en tant que PPT, PDF
N
norsaidatul_akmar
BusinessTechnologie
1  sur  42
IT Governance In Higher Education “ What is it, and how does it benefit your Institution?” Pre-Conference Seminar – June 23, 2007
James Yung, CISA Associate Director, IS Audit Harvard University Risk Management and Audit Services Presenter
Agenda ,[object Object],[object Object],[object Object]
Questions ,[object Object],[object Object],[object Object]
How do most research universities govern the large and rapidly evolving set of information technology initiatives that take place on their campuses? ANSWER: Inefficiently, ineffectively and not as well as they should. ~ Source: Educause – IT Governance in Higher Education 2006 ~
What is IT Governance? ,[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],©2007 IT Governance Institute
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Enterprise governance and IT governance require a balance between conformance and performance goals directed by the board. Performance Conformance ©2007 IT Governance Institute
[object Object],[object Object],[object Object],[object Object],64% Doing something about it 42% Not doing something about it 2003 2005 Source: Surveys by PwC for the IT Governance Institute Sep-Oct 2003 and Sep-Oct 2005 36% 58% ©2007 IT Governance Institute PERFORMANCE MEASUREMENT RESOURCE MANAGEMENT RISK MANAGEMENT VALUE DELIVERY STRATEGIC ALIGNMENT www.itgi.org www.itgi.org
[object Object],Value delivery Focuses on ensuring the linkage of business and IT plans and on aligning IT operations with enterprise operations IT delivers the promised benefits against the strategy , concentrating on optimizing costs and proving the intrinsic value of IT Is about the optimal investment in , and the proper management of , critical IT resources : applications, information, infrastructure and people Senior management, appetite for risk , compliance requirements , transparency about the significant risks to the organisation Tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery to achieve goals measurable beyond conventional accounting Performance measurement Risk management Resource management Strategic alignment ©2007 IT Governance Institute
©2007 IT Governance Institute ,[object Object],Business management Set direction for IT, monitor results and insist on corrective measures Defines business requirements for IT and ensures that value is delivered and risks are managed Delivers and improves IT services as required by the business Provides independent assurance to demonstrate that IT delivers what is needed Measures compliance with policies and focuses on alerts to new risks Risk and compliance IT audit IT management Board and executive
IT Governance at Harvard
Harvard University Facts ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
IT Governance Risks at Harvard ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why Audit IT Governance at Harvard ,[object Object],[object Object],[object Object],[object Object]
[object Object],Keeping IT Running Security Value/Cost Managing Complexity Aligning IT with Business Regulatory Compliance ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],Stakeholders need to know that:
Risk Management and Audit Services Mission “ To Assist University Management and Governing Boards in Identifying, Managing and Mitigating Risk and Ensuring Risk Management Processes are Integrated Into the University’s Business Practices and Academic and Research Activities”
RMAS Organization
System Base Audit Integrated Audit IT Governance Audit Level of Complexity Value Add Evolution of RMAS IS Audit Low High Tactical Strategic ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],2006 2000 Pre-2000
CoBIT and IT Governance Control Objectives IT (CoBIT) is an International standard in directing and controlling an enterprise’s information technology. CoBIT sets the standards of measuring IT Governance process maturity. ,[object Object],[object Object],[object Object],[object Object],Process Maturity Domain IT Processes Business Requirements IT Resources Basic CoBIT Principle
Benefits of CoBIT ,[object Object],[object Object],[object Object]
C OBI T Framework ,[object Object],[object Object],[object Object],[object Object],[object Object],©2007 IT Governance Institute C OBI T Framework Characteristics
PERFORMANCE: Business Goals CONFORMANCE Basel II, Sarbanes- Oxley Act, etc. Enterprise Governance IT Governance ISO 9001:2000 ISO 17799 ISO 20000 Best Practice Standards QA Procedures Processes and Procedures Drivers C OBI T COSO Security Principles ITIL Balanced Scorecard ,[object Object],©2007 IT Governance Institute
CoBIT Approach In Assessing IT Governance At Harvard
Background ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],Assessing IT Governance Detailed review of the school IT Governance and internal controls within Information Technology Services.
Audit Approach Identify Business Goals IT Goals Key IT processes and Key IT resources Identify Control Objectives ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Planning Scoping Testing
©2007 IT Governance Institute IT Governance Audit Objectives Effectiveness Information being relevant and pertinent to the business process as well as being delivered in a timely, correct, consistent and usable manner Efficiency Provision of information through the optimal (most productive and economical ) use of resources Confidentiality The protection of sensitive information from unauthorised disclosure Integrity Relates to the accuracy and completeness of information Availability Information being available when required by the business process now and in the future; it also concerns the safeguarding of necessary resources and associated capabilities Compliance Complying with those laws, regulations and contractual arrangements to which the business process is subject, i.e., externally imposed business criteria as well as internal policies Reliability The provision of appropriate information for management to operate the entity and to exercise its fiduciary and governance responsibilities
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Scope of Work Observations and Recommendations Risk Analysis ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Approach IT Audit IT Governance Process Strategy Controls Interviews Documentation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
CoBIT Four IT Process Domains ,[object Object],[object Object],[object Object],[object Object],Business Requirements IT Resources
©2007 IT Governance Institute ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Plan and Organize (PO) PO1 Define a strategic IT plan. PO2 Define the information architecture. PO3 Determine technological direction. PO4 Define the IT processes, organization and relationships. PO5 Manage the IT investment. PO6 Communicate management aims and direction. PO7 Manage IT human resources. PO8 Manage quality. PO9 Assess and manage IT risks. PO10 Manage projects. Plan and Organize
©2007 IT Governance Institute ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Acquire and Implement (AI) AI1 Identify automated solutions. AI2 Acquire and maintain application software. AI3 Acquire and maintain technology infrastructure. AI4 Enable operation and use . AI5 Procure IT resources. AI6 Manage changes. AI7 Install and accredit solutions and changes. Acquire and Implement (AI)
©2007 IT Governance Institute Deliver and Support (DS) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],DS1 Define and manage service levels. DS2 Manage third-party services. DS3 Manage performance and capacity. DS4 Ensure continuous service. DS5 Ensure systems security. DS6 Identify and allocate costs. DS7 Educate and train users. DS8 Manage service desk and incidents. DS9 Manage the configuration. DS10 Manage problems. DS11 Manage data. DS12 Manage the physical environment. DS13 Manage operations. Deliver and Support
©2007 IT Governance Institute Monitor and Evaluate (ME) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],ME1 Monitor and evaluate IT performance. ME2 Monitor and evaluate internal control. ME3 Ensure compliance with external requirements. ME4 Provide IT governance. Monitor and Evaluate
Align Business Goals with Key IT Goals
School Harvard Target IT Governance Maturity Benchmark 1.5 ,[object Object],[object Object],[object Object]
Key Recommendations Listed in priority order: ,[object Object],[object Object]
Benefits to the Auditee ,[object Object],[object Object],[object Object],[object Object]
Lessons Learned ,[object Object],[object Object],[object Object],[object Object],[object Object],IT GOVERNANCE AUDIT IS NOT FOR FAINT-HEARTED
Questions
References IT Governance Institute - http://www.itgi.org/ ISACA - http://www.isaca.org / IT Audit - http://www.theiia.org/itaudit/

Recommandé

Measurand demovalueofit
Measurand demovalueofitMeasurand demovalueofit
Measurand demovalueofitVishal Sharma
 
It governance
It governanceIt governance
It governanceLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
IT Governance - OpenThinking Day
IT Governance - OpenThinking DayIT Governance - OpenThinking Day
IT Governance - OpenThinking DayIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
IT Governance & ISO 38500
IT Governance & ISO 38500IT Governance & ISO 38500
IT Governance & ISO 38500Ramiro Cid
 
What Every Executive Needs To Know About IT Governance
What Every Executive Needs To Know About IT GovernanceWhat Every Executive Needs To Know About IT Governance
What Every Executive Needs To Know About IT GovernanceBill Lisse
 
Cobit 41 framework
Cobit 41 frameworkCobit 41 framework
Cobit 41 frameworkYulias Sihombing, Ak, MAk, CIA
 
Research Paper on "Project Management and IT Governance"
Research Paper on "Project Management and IT Governance"Research Paper on "Project Management and IT Governance"
Research Paper on "Project Management and IT Governance"guest1c7740
 
Iso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookIso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookHazel Jennings
 

Recommandé

Measurand demovalueofit
Measurand demovalueofitMeasurand demovalueofit
Measurand demovalueofitVishal Sharma
 
It governance
It governanceIt governance
It governanceLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
IT Governance - OpenThinking Day
IT Governance - OpenThinking DayIT Governance - OpenThinking Day
IT Governance - OpenThinking DayIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
IT Governance & ISO 38500
IT Governance & ISO 38500IT Governance & ISO 38500
IT Governance & ISO 38500Ramiro Cid
 
What Every Executive Needs To Know About IT Governance
What Every Executive Needs To Know About IT GovernanceWhat Every Executive Needs To Know About IT Governance
What Every Executive Needs To Know About IT GovernanceBill Lisse
 
Cobit 41 framework
Cobit 41 frameworkCobit 41 framework
Cobit 41 frameworkYulias Sihombing, Ak, MAk, CIA
 
Research Paper on "Project Management and IT Governance"
Research Paper on "Project Management and IT Governance"Research Paper on "Project Management and IT Governance"
Research Paper on "Project Management and IT Governance"guest1c7740
 
Iso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookIso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookHazel Jennings
 
Corporate governance of INFORMATION TECHNOLOGY (IT)
Corporate governance of INFORMATION TECHNOLOGY (IT)Corporate governance of INFORMATION TECHNOLOGY (IT)
Corporate governance of INFORMATION TECHNOLOGY (IT)Osman Hasan
 
rethinking marketing
rethinking marketingrethinking marketing
rethinking marketingNavneet Singh
 
Standardization of IT Processes
Standardization of IT ProcessesStandardization of IT Processes
Standardization of IT ProcessesNatarajan V
 
It governance
It governanceIt governance
It governanceMahetab Khan
 
IT Governance Made Easy
IT Governance Made EasyIT Governance Made Easy
IT Governance Made EasyJerry Bishop
 
The measurement of maturity level of information technology service based on ...
The measurement of maturity level of information technology service based on ...The measurement of maturity level of information technology service based on ...
The measurement of maturity level of information technology service based on ...TELKOMNIKA JOURNAL
 
It governance practices and enterprise effectiveness in zimbabwe a case of a ...
It governance practices and enterprise effectiveness in zimbabwe a case of a ...It governance practices and enterprise effectiveness in zimbabwe a case of a ...
It governance practices and enterprise effectiveness in zimbabwe a case of a ...Alexander Decker
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
IT Governances
IT GovernancesIT Governances
IT GovernancesJerald Burget
 
Information systems strategy formulation
Information systems strategy formulationInformation systems strategy formulation
Information systems strategy formulationAssignment Studio
 
Governance Of Enterprise Information Technology V3
Governance Of Enterprise Information Technology V3Governance Of Enterprise Information Technology V3
Governance Of Enterprise Information Technology V3pjmartinez
 
Management ( Six Business Objectives)
Management ( Six Business Objectives)Management ( Six Business Objectives)
Management ( Six Business Objectives)Abdullateif Abdullkareim, ITIL4
 
Implementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance FrameworkImplementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance FrameworkIJCSIS Research Publications
 
Return on Investment of Diversity and Inclusion Initiatives in Information Go...
Return on Investment of Diversity and Inclusion Initiatives in Information Go...Return on Investment of Diversity and Inclusion Initiatives in Information Go...
Return on Investment of Diversity and Inclusion Initiatives in Information Go...International Journal of Modern Research in Engineering and Technology
 
ITIL With Information Security
ITIL With Information SecurityITIL With Information Security
ITIL With Information Securityvikasraina
 
Introduction to mis
Introduction to misIntroduction to mis
Introduction to misRaphael Wanjiku
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing worldPECB
 
Comprehending Information Technology Governance
Comprehending Information Technology GovernanceComprehending Information Technology Governance
Comprehending Information Technology GovernanceGoutama Bachtiar
 
COBIT 4.0
COBIT 4.0COBIT 4.0
COBIT 4.0bluekiu
 
Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007Humberto Bruno Pontes Silva
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseDesmond Devendran
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.pptKhalilIdhman
 

Contenu connexe

Tendances

Corporate governance of INFORMATION TECHNOLOGY (IT)
Corporate governance of INFORMATION TECHNOLOGY (IT)Corporate governance of INFORMATION TECHNOLOGY (IT)
Corporate governance of INFORMATION TECHNOLOGY (IT)Osman Hasan
 
rethinking marketing
rethinking marketingrethinking marketing
rethinking marketingNavneet Singh
 
Standardization of IT Processes
Standardization of IT ProcessesStandardization of IT Processes
Standardization of IT ProcessesNatarajan V
 
IT Governance Made Easy
IT Governance Made EasyIT Governance Made Easy
IT Governance Made EasyJerry Bishop
 
The measurement of maturity level of information technology service based on ...
The measurement of maturity level of information technology service based on ...The measurement of maturity level of information technology service based on ...
The measurement of maturity level of information technology service based on ...TELKOMNIKA JOURNAL
 
It governance practices and enterprise effectiveness in zimbabwe a case of a ...
It governance practices and enterprise effectiveness in zimbabwe a case of a ...It governance practices and enterprise effectiveness in zimbabwe a case of a ...
It governance practices and enterprise effectiveness in zimbabwe a case of a ...Alexander Decker
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
Information systems strategy formulation
Information systems strategy formulationInformation systems strategy formulation
Information systems strategy formulationAssignment Studio
 
Governance Of Enterprise Information Technology V3
Governance Of Enterprise Information Technology V3Governance Of Enterprise Information Technology V3
Governance Of Enterprise Information Technology V3pjmartinez
 
Implementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance FrameworkImplementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance FrameworkIJCSIS Research Publications
 
ITIL With Information Security
ITIL With Information SecurityITIL With Information Security
ITIL With Information Securityvikasraina
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing worldPECB
 
Comprehending Information Technology Governance
Comprehending Information Technology GovernanceComprehending Information Technology Governance
Comprehending Information Technology GovernanceGoutama Bachtiar
 

Tendances (18)

Corporate governance of INFORMATION TECHNOLOGY (IT)
Corporate governance of INFORMATION TECHNOLOGY (IT)Corporate governance of INFORMATION TECHNOLOGY (IT)
Corporate governance of INFORMATION TECHNOLOGY (IT)
 
rethinking marketing
rethinking marketingrethinking marketing
rethinking marketing
 
Standardization of IT Processes
Standardization of IT ProcessesStandardization of IT Processes
Standardization of IT Processes
 
It governance
It governanceIt governance
It governance
 
IT Governance Made Easy
IT Governance Made EasyIT Governance Made Easy
IT Governance Made Easy
 
The measurement of maturity level of information technology service based on ...
The measurement of maturity level of information technology service based on ...The measurement of maturity level of information technology service based on ...
The measurement of maturity level of information technology service based on ...
 
It governance practices and enterprise effectiveness in zimbabwe a case of a ...
It governance practices and enterprise effectiveness in zimbabwe a case of a ...It governance practices and enterprise effectiveness in zimbabwe a case of a ...
It governance practices and enterprise effectiveness in zimbabwe a case of a ...
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
 
IT Governances
IT GovernancesIT Governances
IT Governances
 
Information systems strategy formulation
Information systems strategy formulationInformation systems strategy formulation
Information systems strategy formulation
 
Governance Of Enterprise Information Technology V3
Governance Of Enterprise Information Technology V3Governance Of Enterprise Information Technology V3
Governance Of Enterprise Information Technology V3
 
Management ( Six Business Objectives)
Management ( Six Business Objectives)Management ( Six Business Objectives)
Management ( Six Business Objectives)
 
Implementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance FrameworkImplementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance Framework
 
Return on Investment of Diversity and Inclusion Initiatives in Information Go...
Return on Investment of Diversity and Inclusion Initiatives in Information Go...Return on Investment of Diversity and Inclusion Initiatives in Information Go...
Return on Investment of Diversity and Inclusion Initiatives in Information Go...
 
ITIL With Information Security
ITIL With Information SecurityITIL With Information Security
ITIL With Information Security
 
Introduction to mis
Introduction to misIntroduction to mis
Introduction to mis
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world
 
Comprehending Information Technology Governance
Comprehending Information Technology GovernanceComprehending Information Technology Governance
Comprehending Information Technology Governance
 

Similaire à It governance in_higher_education_by_james_yung

COBIT 4.0
COBIT 4.0COBIT 4.0
COBIT 4.0bluekiu
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseDesmond Devendran
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.pptKhalilIdhman
 
MAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCEMAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCERudy Shoushany
 
Chris Vanderweylan
Chris VanderweylanChris Vanderweylan
Chris Vanderweylanozewai
 
Ch2-CIISA_IT Governance.pdf
Ch2-CIISA_IT Governance.pdfCh2-CIISA_IT Governance.pdf
Ch2-CIISA_IT Governance.pdfDanteHayashi
 
Data Management Strategies
Data Management StrategiesData Management Strategies
Data Management StrategiesMicheal Axelsen
 
Cobit Training course
Cobit Training courseCobit Training course
Cobit Training courseIman Baradari
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITShivamSharma909
 
ITS 833 – INFORMATION GOVERNANCEChapter 2 – Information Gove.docx
ITS 833 – INFORMATION GOVERNANCEChapter 2 – Information Gove.docxITS 833 – INFORMATION GOVERNANCEChapter 2 – Information Gove.docx
ITS 833 – INFORMATION GOVERNANCEChapter 2 – Information Gove.docxvrickens
 
Frameworks For Predictability
Frameworks For PredictabilityFrameworks For Predictability
Frameworks For Predictabilitytlknecht
 
IT Governance.pptx
IT Governance.pptxIT Governance.pptx
IT Governance.pptxFaith Shimba
 
Msp It Goverance And Service Delivery Process
Msp It Goverance And Service Delivery ProcessMsp It Goverance And Service Delivery Process
Msp It Goverance And Service Delivery Processkadhar_masthan
 
2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke
2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke
2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chaukeMayk Campelo
 
IT Governance and Compliance: Its Importance and the Best Practices to Follow...
IT Governance and Compliance: Its Importance and the Best Practices to Follow...IT Governance and Compliance: Its Importance and the Best Practices to Follow...
IT Governance and Compliance: Its Importance and the Best Practices to Follow...GrapesTech Solutions
 

Similaire à It governance in_higher_education_by_james_yung (20)

COBIT 4.0
COBIT 4.0COBIT 4.0
COBIT 4.0
 
Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review Course
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.ppt
 
MAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCEMAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCE
 
Chris Vanderweylan
Chris VanderweylanChris Vanderweylan
Chris Vanderweylan
 
Ch2-CIISA_IT Governance.pdf
Ch2-CIISA_IT Governance.pdfCh2-CIISA_IT Governance.pdf
Ch2-CIISA_IT Governance.pdf
 
Data Management Strategies
Data Management StrategiesData Management Strategies
Data Management Strategies
 
Cobit Training course
Cobit Training courseCobit Training course
Cobit Training course
 
Sharpening the Lens
Sharpening the LensSharpening the Lens
Sharpening the Lens
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of IT
 
Understanding co bit 4.1
Understanding co bit 4.1Understanding co bit 4.1
Understanding co bit 4.1
 
It Governance Methodology Cox
It Governance Methodology CoxIt Governance Methodology Cox
It Governance Methodology Cox
 
Risk - IT Services
Risk - IT ServicesRisk - IT Services
Risk - IT Services
 
ITS 833 – INFORMATION GOVERNANCEChapter 2 – Information Gove.docx
ITS 833 – INFORMATION GOVERNANCEChapter 2 – Information Gove.docxITS 833 – INFORMATION GOVERNANCEChapter 2 – Information Gove.docx
ITS 833 – INFORMATION GOVERNANCEChapter 2 – Information Gove.docx
 
Frameworks For Predictability
Frameworks For PredictabilityFrameworks For Predictability
Frameworks For Predictability
 
IT Governance.pptx
IT Governance.pptxIT Governance.pptx
IT Governance.pptx
 
Msp It Goverance And Service Delivery Process
Msp It Goverance And Service Delivery ProcessMsp It Goverance And Service Delivery Process
Msp It Goverance And Service Delivery Process
 
2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke
2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke
2 -governanca_de_tic_-_uma_visao_do_mercado_gartner_-_claudio_chauke
 
IT Governance and Compliance: Its Importance and the Best Practices to Follow...
IT Governance and Compliance: Its Importance and the Best Practices to Follow...IT Governance and Compliance: Its Importance and the Best Practices to Follow...
IT Governance and Compliance: Its Importance and the Best Practices to Follow...
 

Plus de norsaidatul_akmar

Safco Saudi Arabia Job Opportunities
Safco Saudi Arabia Job OpportunitiesSafco Saudi Arabia Job Opportunities
Safco Saudi Arabia Job Opportunitiesnorsaidatul_akmar
 
Effective interview techniques
Effective interview techniquesEffective interview techniques
Effective interview techniquesnorsaidatul_akmar
 
Dr rory ems and human behaviour
Dr rory ems and human behaviourDr rory ems and human behaviour
Dr rory ems and human behaviournorsaidatul_akmar
 
Live forum - Working Overseas
Live forum - Working OverseasLive forum - Working Overseas
Live forum - Working Overseasnorsaidatul_akmar
 
Live forum -Working Overseas
Live forum -Working OverseasLive forum -Working Overseas
Live forum -Working Overseasnorsaidatul_akmar
 

Plus de norsaidatul_akmar (16)

Meme Crazy for Jobs II
Meme Crazy for Jobs IIMeme Crazy for Jobs II
Meme Crazy for Jobs II
 
Meme Crazy for Jobs
Meme Crazy for JobsMeme Crazy for Jobs
Meme Crazy for Jobs
 
Roadshow
RoadshowRoadshow
Roadshow
 
Safco Saudi Arabia Job Opportunities
Safco Saudi Arabia Job OpportunitiesSafco Saudi Arabia Job Opportunities
Safco Saudi Arabia Job Opportunities
 
Live talk
Live talkLive talk
Live talk
 
Dress to success
Dress to successDress to success
Dress to success
 
Tell me about yourself
Tell me about yourselfTell me about yourself
Tell me about yourself
 
Effective interview techniques
Effective interview techniquesEffective interview techniques
Effective interview techniques
 
Body languange
Body languangeBody languange
Body languange
 
Introduction to iso 9001
Introduction to iso 9001 Introduction to iso 9001
Introduction to iso 9001
 
Ems awareness training
Ems awareness trainingEms awareness training
Ems awareness training
 
Dr rory ems and human behaviour
Dr rory ems and human behaviourDr rory ems and human behaviour
Dr rory ems and human behaviour
 
Live forum - Working Overseas
Live forum - Working OverseasLive forum - Working Overseas
Live forum - Working Overseas
 
Live forum
Live forumLive forum
Live forum
 
Live forum -Working Overseas
Live forum -Working OverseasLive forum -Working Overseas
Live forum -Working Overseas
 
Live forum
Live forumLive forum
Live forum
 

Dernier

Introducing the Analogic framework for business planning applications
Introducing the Analogic framework for business planning applicationsIntroducing the Analogic framework for business planning applications
Introducing the Analogic framework for business planning applicationsKnowledgeSeed
 
Technical Leaders - Working with the Management Team
Technical Leaders - Working with the Management TeamTechnical Leaders - Working with the Management Team
Technical Leaders - Working with the Management TeamArik Fletcher
 
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxGo for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxRakhi Bazaar
 
WSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfWSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfJamesConcepcion7
 
NAB Show Exhibitor List 2024 - Exhibitors Data
NAB Show Exhibitor List 2024 - Exhibitors DataNAB Show Exhibitor List 2024 - Exhibitors Data
NAB Show Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
Fordham -How effective decision-making is within the IT department - Analysis...
Fordham -How effective decision-making is within the IT department - Analysis...Fordham -How effective decision-making is within the IT department - Analysis...
Fordham -How effective decision-making is within the IT department - Analysis...Peter Ward
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesDoe Paoro
 
Driving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerDriving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerAggregage
 
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...Hector Del Castillo, CPM, CPMM
 
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...Operational Excellence Consulting
 
Pitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckPitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckHajeJanKamps
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Anamaria Contreras
 
Entrepreneurship lessons in Philippines
Entrepreneurship lessons in PhilippinesEntrepreneurship lessons in Philippines
Entrepreneurship lessons in PhilippinesDavidSamuel525586
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMVoces Mineras
 
Healthcare Feb. & Mar. Healthcare Newsletter
Healthcare Feb. & Mar. Healthcare NewsletterHealthcare Feb. & Mar. Healthcare Newsletter
Healthcare Feb. & Mar. Healthcare NewsletterJamesConcepcion7
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFChandresh Chudasama
 
Welding Electrode Making Machine By Deccan Dynamics
Welding Electrode Making Machine By Deccan DynamicsWelding Electrode Making Machine By Deccan Dynamics
Welding Electrode Making Machine By Deccan DynamicsIndiaMART InterMESH Limited
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxappkodes
 

Dernier (20)

Introducing the Analogic framework for business planning applications
Introducing the Analogic framework for business planning applicationsIntroducing the Analogic framework for business planning applications
Introducing the Analogic framework for business planning applications
 
Technical Leaders - Working with the Management Team
Technical Leaders - Working with the Management TeamTechnical Leaders - Working with the Management Team
Technical Leaders - Working with the Management Team
 
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxGo for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
 
WSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfWSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdf
 
NAB Show Exhibitor List 2024 - Exhibitors Data
NAB Show Exhibitor List 2024 - Exhibitors DataNAB Show Exhibitor List 2024 - Exhibitors Data
NAB Show Exhibitor List 2024 - Exhibitors Data
 
Fordham -How effective decision-making is within the IT department - Analysis...
Fordham -How effective decision-making is within the IT department - Analysis...Fordham -How effective decision-making is within the IT department - Analysis...
Fordham -How effective decision-making is within the IT department - Analysis...
 
WAM Corporate Presentation April 12 2024.pdf
WAM Corporate Presentation April 12 2024.pdfWAM Corporate Presentation April 12 2024.pdf
WAM Corporate Presentation April 12 2024.pdf
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic Experiences
 
Driving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerDriving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon Harmer
 
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
 
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
 
Pitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckPitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deck
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
Entrepreneurship lessons in Philippines
Entrepreneurship lessons in PhilippinesEntrepreneurship lessons in Philippines
Entrepreneurship lessons in Philippines
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
Healthcare Feb. & Mar. Healthcare Newsletter
Healthcare Feb. & Mar. Healthcare NewsletterHealthcare Feb. & Mar. Healthcare Newsletter
Healthcare Feb. & Mar. Healthcare Newsletter
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
Welding Electrode Making Machine By Deccan Dynamics
Welding Electrode Making Machine By Deccan DynamicsWelding Electrode Making Machine By Deccan Dynamics
Welding Electrode Making Machine By Deccan Dynamics
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptx
 

It governance in_higher_education_by_james_yung

  • 1. IT Governance In Higher Education “ What is it, and how does it benefit your Institution?” Pre-Conference Seminar – June 23, 2007
  • 2. James Yung, CISA Associate Director, IS Audit Harvard University Risk Management and Audit Services Presenter
  • 3.
  • 4.
  • 5. How do most research universities govern the large and rapidly evolving set of information technology initiatives that take place on their campuses? ANSWER: Inefficiently, ineffectively and not as well as they should. ~ Source: Educause – IT Governance in Higher Education 2006 ~
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. IT Governance at Harvard
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18. Risk Management and Audit Services Mission “ To Assist University Management and Governing Boards in Identifying, Managing and Mitigating Risk and Ensuring Risk Management Processes are Integrated Into the University’s Business Practices and Academic and Research Activities”
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25. CoBIT Approach In Assessing IT Governance At Harvard
  • 26.
  • 27.
  • 28.
  • 29. ©2007 IT Governance Institute IT Governance Audit Objectives Effectiveness Information being relevant and pertinent to the business process as well as being delivered in a timely, correct, consistent and usable manner Efficiency Provision of information through the optimal (most productive and economical ) use of resources Confidentiality The protection of sensitive information from unauthorised disclosure Integrity Relates to the accuracy and completeness of information Availability Information being available when required by the business process now and in the future; it also concerns the safeguarding of necessary resources and associated capabilities Compliance Complying with those laws, regulations and contractual arrangements to which the business process is subject, i.e., externally imposed business criteria as well as internal policies Reliability The provision of appropriate information for management to operate the entity and to exercise its fiduciary and governance responsibilities
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36. Align Business Goals with Key IT Goals
  • 37.
  • 38.
  • 39.
  • 40.
  • 42. References IT Governance Institute - http://www.itgi.org/ ISACA - http://www.isaca.org / IT Audit - http://www.theiia.org/itaudit/

Notes de l'éditeur

  1. IT governance process and structure usually involve a confusing hybrid of autonomous departments and one or more centralized units. There are usually a complex committee structure and a mix of decentralized, independent decision makers who are responsible for most local decisions. The governance process are confusing and time consuming and occasionally fail, as evidenced of damaging IT security breaches on many campuses.
  2. It is about the organization leadership, internal/external stakeholders and how IT investment decisions are made and prioritized.
  3. IT Governance starts with effective enterprise governance that clarifies strategic direction, priorities of objectives, and exert sufficient control to manage risks and enterprise resources to achieve the outcomes. Management is differs from governance in that its primary focus is on the implementation of decisions made through the governance process.
  4. Good governance processes will foster timely decisions, responsible actions, and alignment of an organization’s IT strategy with its overall mission and goals.
  5. 2006 Educause survey suggest IT Governance is a top issue as funding IT is directly related to governance and institutional priority setting.
  6. Assessment of the IT Governance domain can be integrated or independent based on organization operating environment and risks.
  7. The risk of inadequate funding of IT and/or mismanagement of IT investments that squandering institutional resources through duplication of efforts and/or lack of planning.
  8. How critical does your university success depends on IT? How much investment in IT is too much or not enough?
  9. IT governance framework provides the ability to measure the effectiveness of IT operational, compliance with significant laws and regulations and the delivered value to the business.
  10. Adoption of CoBIT Framework as an IT Audit standard. Use of CoBIT established creditability of IS Auditor.
  11. IT Governance Assessment reviews strategic alignment, operational effectiveness, and systems of internal control.
  12. Seven key IT Governance audit objectives