SlideShare une entreprise Scribd logo

As

Vishal Sharma
Vishal Sharma
BusinessÉconomie & finance
1  sur  26
Australian Standard 8015 : 2005 Arrianto Mukti Wibowo, M.Sc., CISA IT Governance Lab Faculty of Computer Science University of Indonesia
Agenda • Intro, Tujuan, definisi, • Prinsip-prinsip • Model AS-8015
Keluarga Besar dari AS-8015 • The 8000 series of Corporate Governance standards published in 2004 provide guidance for those wishing to do better. – Good Governance Principles (AS8000) – Fraud and Corruption Control (AS8001) – organisational Codes of Conduct (AS8002) – Corporate Social Responsibility (AS8003) – Whistle Blower protection programs (AS8004) – GCG for ICT (AS8015) • The widely acknowledged AS4360 Risk Management standard was also revised in 2004. • This along with the adoption of BS15000 (now ISO 20000) as AS8018 IT Service Management, provided the context for the drafting and subsequent publishing of AS8015 to provide guidance on the small "c", corporate governance of Information and Communication Technology.
Reasons for AS-8015 • IT is mostly doing its internal job competently: – Rigour – Process – Reporting – Control • But business leaders are STILL not engaging with IT: – Not responsible – Not setting direction – Not planning – Not implementing Improving Supply … … does not fix demand! ITIL CoBIT PRINCE2 CMMI (Mark Toomey, Infonomics Australia)
Tujuan Adanya AS-8015 1. To provide a framework of principles for Directors to use when evaluating, directing and monitoring the information and communication technology (ICT) portfolio in their organizations. 2. To promote effective, efficient, and acceptable use of ICT in all organizations by— (a) providing stakeholders (including consumers, shareholders, and employees) with the confidence that, if the Standard is followed, they can trust in the organization’s corporate governance of ICT; (b) informing and guiding Directors in governing the use of ICT in their organization; and (c) providing a basis for objective evaluation of the corporate governance of ICT.
Australian Standard-8015 Good Corporate Governance for ICT “The system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organisation and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organisation.”
Who are the directors? • Member of the most senior governing body of an organization. • Includes owners, board members, Directors, partners, senior executives or similar, and officers authorized by Acts of Parliament (mungkin maksudnya para petinggi yang namanya harus ada dalam statuta perusahaan menurut undang-undang tertentu)
Principles of GCG for ICT
The 6 Principles 1. Establish clearly understood responsibilities for ICT 2. Plan ICT to best support the organization 3. Acquire ICT validly 4. Ensure that ICT performs well, whenever required 5. Ensure ICT conforms with formal rules 6. Ensure ICT use respects human factors
Principle 1: Establish clearly understood responsibilities for ICT • Ensure that individuals and groups within the organization understand and accept their responsibilities for ICT.
Principle 2 : Plan ICT to best support the organization • Ensure that ICT plans fit the current and ongoing needs of the organization and that the ICT plans support the corporate plans
Principle 3: Acquire ICT validly • Ensure that ICT acquisitions are made for approved reasons in the approved way; on the basis of appropriate and ongoing analysis. • Ensure that there is appropriate balance between costs, risks, long term and short term benefits.
Principle 4: Ensure that ICT performs well, whenever required • Ensure that ICT is fit for its purpose in supporting the organization, is kept responsive to changing business requirements, and provides support to the business at all times when required by the business.
Principle 5: Ensure ICT conforms with formal rules • Ensure that ICT conforms with all external regulations and complies with all internal policies and practices.
Principle 6: Ensure ICT use respects human factors • Ensure that ICT meets the current and evolving needs of all the `people in the process'.
AS-8015 Model
Three main task of directors 1. Evaluate the use of ICT 2. Direct preparation and implementation of plans and policies. 3. Monitor conformance to policies, and performance against the plans. Responsibility for specific aspects of ICT' may be delegated. However, the accountability for the effective, efficient and acceptable use of ICT by an organization, remains with its Directors Responsibility for specific aspects of ICT' may be delegated. However, the accountability for the effective, efficient and acceptable use of ICT by an organization, remains with its Directors
AS-8015 Model
Evaluation of ICT • In evaluative the use of ICT, directors should consider the pressures acting upon the business. Such as technological change, economic and social trends, and political influences. • Directors should also take account of the business needs the organizational objectives that they must achieve, such as maintaining competitive advantages.
Direct Plan & Implementation ICT • Directors should direct the preparation and implementation of plans and policies and assign responsibilities for this implementation. • Plans should set the direction for investments in ICT projects or changes in ICT operations. • Policies should establish sound behaviour in the use of ICT. • Directors should ensure that the transition from projects to operations takes into account impacts on operational practices and existing ICT infrastructure. Jadi bukan sekedar “IT Project” tetapi sustain sampai ke pelaksanaan sehari-hari pasca proyek…!
Monitor ICT • To complete the cycle the directors should monitor through appropriate performance measurement system the performance of the ICT. • They should reassure themselves that performance is in accordance with plans. – Jadi mengaudit TI bukan sekedar asal audit…! • They should also make sure that the use of ICT conforms with external legal obligations and internal work practices. • If necessary they should direct the submission of proposals for approval to address identified needs.
ICT Governance Framework The following table lists the general principles of sound ICT governance and the actions required by Directors to implement the principles. They are applicable to most organizations most of the time and any variation should be well considered.
Directors should monitor the progress of approved ICT proposals to ensure that they are achieving objectives in required time frames using allocated resources. Directors should monitor the use of ICT to ensure that it is achieving its intended benefits. Directors should direct that proposals are submitted for approval in a timely fashion to address gaps identified in the evaluation of ICT activities. Directors should also encourage the submission of proposals for innovative uses of ICT that enable the organization to undertake new businesses or improve processes. Directors should direct the preparation and use of plans and policies that ensure the organization benefits from developments in ICT. In formulating plans and policies Directors should evaluate ICT activities to ensure they align with the organization's objectives for changing circumstances, consider better practices and satisfy other key stakeholder requirements. Directors should use prudent risk management procedures as described in AS/NZS 4360. Plan ICT to best support the organization 2 Directors retain ultimate responsibility for the execution of the plans and proposals. They should satisfy themselves that appropriate ICT governance mechanisms are established. Directors should monitor the performance of those given responsibility in the governance of ICT (for example. In serving on steering committees or in presenting proposals to Directors). Directors should ensure that they receive the information that they need to meet their responsibilities by establishing and appropriately reviewing measurement systems. Directors should direct that plans are carried out and policies implemented according to the assigned ICT responsibilities. Directors should evaluate the options for assigning the responsibilities for the effective. efficient. and acceptable use of ICT. Directors should ensure that those given responsibility are competent. Generally these will be business managers assisted by ICT specialists who understand business values and processes. Directors should evaluate developments in ICT and business processes to ensure that ICT will provide support for future business needs. Establish clearly understood responsibilities for ICT 1 MonitorDirectEvaluate Actions to Implement the PrinciplesPrincipleRef No. ICT Governance Principles (1-2)
ICT Governance Principles (3-4) Directors should monitor the extent to which ICT does support the business. Directors should monitor ICT to ensure that assets are decommissioned and disposed of in accordance with environmental and data management requirements. Directors should monitor the extent to which the policies for data accuracy and the efficient use of ICT are followed properly. Directors should direct those responsible to ensure that ICT supports the business when required for business reasons, with correct and up-to-date data while protected from loss or misuse, in accordance with AS/NZS ISO/IEC 17799 and AS/NZS 7799.2. Directors should direct that resources be allocated sufficiently to ensure that ICT meets the needs of the organization according to the priorities that they have set. Directors should evaluate the risks to the integrity of information and the protection of ICT assets from damage, abuse, or misuse. Directors should evaluate options to ensure that ICT swill support business processes with the required capability and capacity. Ensure ICT performs well, whenever required 4. Directors should monitor ICT acquisitions to ensure that they do provide the required capabilities. Directors should monitor the extent to which their organization and suppliers maintain the shared understanding of the organization's intent in making any ICT acquisition. Directors should direct that ICT assets (systems and infrastructure) are acquired in an appropriate manner, including the preparation of suitable documentation, while ensuring that required capabilities are provided. Directors should direct that their organization and suppliers develop a shared understanding of the organization's intent in making any ICT acquisition. Directors should monitor the progress of approved ICT proposals to ensure that they are achieving objectives in required time frames using allocated resources. Directors should monitor the use of ICT to ensure that it is achieving its intended benefits. Acquire ICT validity 3. MonitorDirectEvaluate Actions to Implement the PrinciplesPrincipleRef No.
ICT Governance Principles (5-6) Directors should monitor ICT activities to ensure that identified needs remain relevant. Directors should monitor work practices to ensure that they are consistent with the appropriate use of ICT. Directors should direct that ICT activities are consistent with identified needs. Directors should direct that risks may be raised by anyone at any time. They should be managed in accordance with published policies and procedures and escalated to the relevant decision makers. Directors should evaluate ICT activities to ensure that people's concerns are appropriately considered and their needs identified. Ensure ICT use respects human factors 6. Directors should monitor the manner in which managers are reviewing ICT compliance and conformance to ensure that the reviews are timely, comprehensive, and suitable for the evaluation of the extent of satisfaction of internal obligations. Directors should direct those responsible to establish regular and routine mechanisms for ensuring that the use of ICT complies with relevant legislation. Directors should direct that policies are established and enforced to enable the organization to meet its internal obligations in its use of ICT. Directors should direct that ICT staff follow the guidelines set by their professions. Directors should direct that all actions relating to ICT be ethical. Directors should regularly evaluate the extent to which ICT satisfies internal obligations including legislation, internal policies, standards and professional guidelines. Ensure ICT conforms with formal rules 5. MonitorDirectEvaluate Actions to Implement the PrinciplesPrincipleRef No.

Recommandé

IT Capability Maturity Framework & Capability Improvement Program
IT Capability Maturity Framework & Capability Improvement ProgramIT Capability Maturity Framework & Capability Improvement Program
IT Capability Maturity Framework & Capability Improvement ProgramStrategic Business & IT Services
 
IT-CMF BAR
IT-CMF BARIT-CMF BAR
IT-CMF BARVishal Sharma
 
IT-CMF Overview
IT-CMF OverviewIT-CMF Overview
IT-CMF OverviewVishal Sharma
 
Executive Overview of IT Strategy and Capability Maturity Framework
Executive Overview of IT Strategy and Capability Maturity FrameworkExecutive Overview of IT Strategy and Capability Maturity Framework
Executive Overview of IT Strategy and Capability Maturity FrameworkVishal Sharma
 
Zimele presentation IT strategy
Zimele presentation IT strategyZimele presentation IT strategy
Zimele presentation IT strategySam Mandebvu
 
Define an IT Strategy and Roadmap
Define an IT Strategy and RoadmapDefine an IT Strategy and Roadmap
Define an IT Strategy and RoadmapAndrew Byers
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGoutama Bachtiar
 

Recommandé

IT Capability Maturity Framework & Capability Improvement Program
IT Capability Maturity Framework & Capability Improvement ProgramIT Capability Maturity Framework & Capability Improvement Program
IT Capability Maturity Framework & Capability Improvement ProgramStrategic Business & IT Services
 
IT-CMF BAR
IT-CMF BARIT-CMF BAR
IT-CMF BARVishal Sharma
 
IT-CMF Overview
IT-CMF OverviewIT-CMF Overview
IT-CMF OverviewVishal Sharma
 
Executive Overview of IT Strategy and Capability Maturity Framework
Executive Overview of IT Strategy and Capability Maturity FrameworkExecutive Overview of IT Strategy and Capability Maturity Framework
Executive Overview of IT Strategy and Capability Maturity FrameworkVishal Sharma
 
Zimele presentation IT strategy
Zimele presentation IT strategyZimele presentation IT strategy
Zimele presentation IT strategySam Mandebvu
 
Define an IT Strategy and Roadmap
Define an IT Strategy and RoadmapDefine an IT Strategy and Roadmap
Define an IT Strategy and RoadmapAndrew Byers
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGoutama Bachtiar
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing worldPECB
 
How to pass cobit exam
How to pass cobit exam How to pass cobit exam
How to pass cobit exam Egyptian Engineers Association
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB
 
ITIL vs. COBIT
ITIL vs. COBITITIL vs. COBIT
ITIL vs. COBITMohsen Yousefi
 
What is Cobit
What is CobitWhat is Cobit
What is CobitBen Kalland
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Define an EA Operating Model
Define an EA Operating ModelDefine an EA Operating Model
Define an EA Operating ModelInfo-Tech Research Group
 
Business IT Management - Intro to CobiT & ITIL
Business IT Management - Intro to CobiT & ITILBusiness IT Management - Intro to CobiT & ITIL
Business IT Management - Intro to CobiT & ITILAhmad Hafeezi
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013Jim Sutter
 
Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...Alan McSweeney
 
Ivi external briefing_pack_v.aim
Ivi external briefing_pack_v.aimIvi external briefing_pack_v.aim
Ivi external briefing_pack_v.aimAIMIreland
 
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...CTE Solutions Inc.
 
Whitepaper Business Performance Measurement For Success
Whitepaper Business Performance Measurement For SuccessWhitepaper Business Performance Measurement For Success
Whitepaper Business Performance Measurement For SuccessAlan McSweeney
 
Cobit 5 introduction plgr
Cobit 5 introduction plgrCobit 5 introduction plgr
Cobit 5 introduction plgrPedro Garcia Repetto
 
Whitepaper Practical Information Technology Governance
Whitepaper Practical Information Technology GovernanceWhitepaper Practical Information Technology Governance
Whitepaper Practical Information Technology GovernanceAlan McSweeney
 
Comprehending Information Technology Governance
Comprehending Information Technology GovernanceComprehending Information Technology Governance
Comprehending Information Technology GovernanceGoutama Bachtiar
 
COBIT 5 as a standard in the Jordanian banking system
COBIT 5 as a standard in the Jordanian banking systemCOBIT 5 as a standard in the Jordanian banking system
COBIT 5 as a standard in the Jordanian banking systemMark Constable
 
Cobit 5 Business Framework -Governance and Management of Enterprise IT
Cobit 5 Business Framework -Governance and Management of Enterprise ITCobit 5 Business Framework -Governance and Management of Enterprise IT
Cobit 5 Business Framework -Governance and Management of Enterprise ITBalasubramanian.C PMP®,ITIL®,PRINCE2®,COBIT®5
 
Trends in the commoditisation of information technology and the need for stra...
Trends in the commoditisation of information technology and the need for stra...Trends in the commoditisation of information technology and the need for stra...
Trends in the commoditisation of information technology and the need for stra...Alan McSweeney
 
Shadow IT And The Failure Of IT Architecture
Shadow IT And The Failure Of IT ArchitectureShadow IT And The Failure Of IT Architecture
Shadow IT And The Failure Of IT ArchitectureAlan McSweeney
 
Iso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookIso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookHazel Jennings
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy Dam Frank
 

Contenu connexe

Tendances

IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing worldPECB
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Business IT Management - Intro to CobiT & ITIL
Business IT Management - Intro to CobiT & ITILBusiness IT Management - Intro to CobiT & ITIL
Business IT Management - Intro to CobiT & ITILAhmad Hafeezi
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013Jim Sutter
 
Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...Alan McSweeney
 
Ivi external briefing_pack_v.aim
Ivi external briefing_pack_v.aimIvi external briefing_pack_v.aim
Ivi external briefing_pack_v.aimAIMIreland
 
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...CTE Solutions Inc.
 
Whitepaper Business Performance Measurement For Success
Whitepaper Business Performance Measurement For SuccessWhitepaper Business Performance Measurement For Success
Whitepaper Business Performance Measurement For SuccessAlan McSweeney
 
Whitepaper Practical Information Technology Governance
Whitepaper Practical Information Technology GovernanceWhitepaper Practical Information Technology Governance
Whitepaper Practical Information Technology GovernanceAlan McSweeney
 
Comprehending Information Technology Governance
Comprehending Information Technology GovernanceComprehending Information Technology Governance
Comprehending Information Technology GovernanceGoutama Bachtiar
 
COBIT 5 as a standard in the Jordanian banking system
COBIT 5 as a standard in the Jordanian banking systemCOBIT 5 as a standard in the Jordanian banking system
COBIT 5 as a standard in the Jordanian banking systemMark Constable
 
Trends in the commoditisation of information technology and the need for stra...
Trends in the commoditisation of information technology and the need for stra...Trends in the commoditisation of information technology and the need for stra...
Trends in the commoditisation of information technology and the need for stra...Alan McSweeney
 
Shadow IT And The Failure Of IT Architecture
Shadow IT And The Failure Of IT ArchitectureShadow IT And The Failure Of IT Architecture
Shadow IT And The Failure Of IT ArchitectureAlan McSweeney
 

Tendances (20)

IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world
 
How to pass cobit exam
How to pass cobit exam How to pass cobit exam
How to pass cobit exam
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
 
ITIL vs. COBIT
ITIL vs. COBITITIL vs. COBIT
ITIL vs. COBIT
 
What is Cobit
What is CobitWhat is Cobit
What is Cobit
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
 
Define an EA Operating Model
Define an EA Operating ModelDefine an EA Operating Model
Define an EA Operating Model
 
Business IT Management - Intro to CobiT & ITIL
Business IT Management - Intro to CobiT & ITILBusiness IT Management - Intro to CobiT & ITIL
Business IT Management - Intro to CobiT & ITIL
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013
 
Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...
 
Ivi external briefing_pack_v.aim
Ivi external briefing_pack_v.aimIvi external briefing_pack_v.aim
Ivi external briefing_pack_v.aim
 
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
 
Whitepaper Business Performance Measurement For Success
Whitepaper Business Performance Measurement For SuccessWhitepaper Business Performance Measurement For Success
Whitepaper Business Performance Measurement For Success
 
Cobit 5 introduction plgr
Cobit 5 introduction plgrCobit 5 introduction plgr
Cobit 5 introduction plgr
 
Whitepaper Practical Information Technology Governance
Whitepaper Practical Information Technology GovernanceWhitepaper Practical Information Technology Governance
Whitepaper Practical Information Technology Governance
 
Comprehending Information Technology Governance
Comprehending Information Technology GovernanceComprehending Information Technology Governance
Comprehending Information Technology Governance
 
COBIT 5 as a standard in the Jordanian banking system
COBIT 5 as a standard in the Jordanian banking systemCOBIT 5 as a standard in the Jordanian banking system
COBIT 5 as a standard in the Jordanian banking system
 
Cobit 5 Business Framework -Governance and Management of Enterprise IT
Cobit 5 Business Framework -Governance and Management of Enterprise ITCobit 5 Business Framework -Governance and Management of Enterprise IT
Cobit 5 Business Framework -Governance and Management of Enterprise IT
 
Trends in the commoditisation of information technology and the need for stra...
Trends in the commoditisation of information technology and the need for stra...Trends in the commoditisation of information technology and the need for stra...
Trends in the commoditisation of information technology and the need for stra...
 
Shadow IT And The Failure Of IT Architecture
Shadow IT And The Failure Of IT ArchitectureShadow IT And The Failure Of IT Architecture
Shadow IT And The Failure Of IT Architecture
 

Similaire à As

Iso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookIso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookHazel Jennings
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy Dam Frank
 
Governance and management of IT.pptx
Governance and management of IT.pptxGovernance and management of IT.pptx
Governance and management of IT.pptxPrashant Singh
 
CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)Sam Mandebvu
 
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...TRANANHQUAN4
 
Principal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachPrincipal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachMohammad Reda Katby
 
Executive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and GovernanceExecutive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and GovernanceKuda Musundire CA (Z), RPA
 
01 integrated management system telkom 2016 opening
01 integrated management system telkom 2016 opening01 integrated management system telkom 2016 opening
01 integrated management system telkom 2016 openingwisnu wardhana, i nyoman
 
Implementing Asset Management System with ISO 55001
Implementing Asset Management System with ISO 55001Implementing Asset Management System with ISO 55001
Implementing Asset Management System with ISO 55001PECB
 
Penerapan it governance pada pemerintahan
Penerapan it governance pada pemerintahanPenerapan it governance pada pemerintahan
Penerapan it governance pada pemerintahanKenneth Aurel
 
Stage 4 and 5 technology planning
Stage 4 and 5 technology planningStage 4 and 5 technology planning
Stage 4 and 5 technology planningLem CHen
 
Implementation roadmap.docx
Implementation roadmap.docxImplementation roadmap.docx
Implementation roadmap.docxssuserf1bae5
 
IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008ssusera19f45
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITShivamSharma909
 
ISO27001_COBIT_Students.pptx
ISO27001_COBIT_Students.pptxISO27001_COBIT_Students.pptx
ISO27001_COBIT_Students.pptxjojo82637
 
Ea As A Strategy M Veeraragaloo Approach
Ea As A Strategy M Veeraragaloo ApproachEa As A Strategy M Veeraragaloo Approach
Ea As A Strategy M Veeraragaloo ApproachMaganathin Veeraragaloo
 
WLS Services Brochure March 2013
WLS Services Brochure March 2013WLS Services Brochure March 2013
WLS Services Brochure March 2013Mike Wright
 

Similaire à As (20)

Iso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbookIso iec 38500 ict governance workbook
Iso iec 38500 ict governance workbook
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
 
Governance and management of IT.pptx
Governance and management of IT.pptxGovernance and management of IT.pptx
Governance and management of IT.pptx
 
CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)
 
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
 
Principal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachPrincipal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic Approach
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5
 
Presentation on the Proposed Technology-related Revisions to the Code
Presentation on the Proposed Technology-related Revisions to the CodePresentation on the Proposed Technology-related Revisions to the Code
Presentation on the Proposed Technology-related Revisions to the Code
 
Executive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and GovernanceExecutive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and Governance
 
01 integrated management system telkom 2016 opening
01 integrated management system telkom 2016 opening01 integrated management system telkom 2016 opening
01 integrated management system telkom 2016 opening
 
Cobit 41 framework
Cobit 41 frameworkCobit 41 framework
Cobit 41 framework
 
Implementing Asset Management System with ISO 55001
Implementing Asset Management System with ISO 55001Implementing Asset Management System with ISO 55001
Implementing Asset Management System with ISO 55001
 
Penerapan it governance pada pemerintahan
Penerapan it governance pada pemerintahanPenerapan it governance pada pemerintahan
Penerapan it governance pada pemerintahan
 
Stage 4 and 5 technology planning
Stage 4 and 5 technology planningStage 4 and 5 technology planning
Stage 4 and 5 technology planning
 
Implementation roadmap.docx
Implementation roadmap.docxImplementation roadmap.docx
Implementation roadmap.docx
 
IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of IT
 
ISO27001_COBIT_Students.pptx
ISO27001_COBIT_Students.pptxISO27001_COBIT_Students.pptx
ISO27001_COBIT_Students.pptx
 
Ea As A Strategy M Veeraragaloo Approach
Ea As A Strategy M Veeraragaloo ApproachEa As A Strategy M Veeraragaloo Approach
Ea As A Strategy M Veeraragaloo Approach
 
WLS Services Brochure March 2013
WLS Services Brochure March 2013WLS Services Brochure March 2013
WLS Services Brochure March 2013
 

Plus de Vishal Sharma

Generative AI - The New Reality: How Key Players Are Progressing
Generative AI - The New Reality: How Key Players Are Progressing Generative AI - The New Reality: How Key Players Are Progressing
Generative AI - The New Reality: How Key Players Are Progressing Vishal Sharma
 
ABB Aus FY23 Results
ABB Aus FY23 ResultsABB Aus FY23 Results
ABB Aus FY23 ResultsVishal Sharma
 
Digital Transformation - M2M to IoT
Digital Transformation - M2M to IoTDigital Transformation - M2M to IoT
Digital Transformation - M2M to IoTVishal Sharma
 
Next Generation Digital Transformation
Next Generation Digital TransformationNext Generation Digital Transformation
Next Generation Digital TransformationVishal Sharma
 
Vodafone India - Why Govt. of India Intervened
Vodafone India - Why Govt. of India IntervenedVodafone India - Why Govt. of India Intervened
Vodafone India - Why Govt. of India IntervenedVishal Sharma
 
OPTUS Australia Dec 22 Results
OPTUS Australia Dec 22 ResultsOPTUS Australia Dec 22 Results
OPTUS Australia Dec 22 ResultsVishal Sharma
 
TPG Telecom Feb FY 23 Results
TPG Telecom Feb FY 23 Results TPG Telecom Feb FY 23 Results
TPG Telecom Feb FY 23 Results Vishal Sharma
 
State of Global IT Services and Software Industry - 2023
State of Global IT Services and Software Industry - 2023State of Global IT Services and Software Industry - 2023
State of Global IT Services and Software Industry - 2023Vishal Sharma
 
Global Telecom Industry Overview - 2023
Global Telecom Industry Overview - 2023 Global Telecom Industry Overview - 2023
Global Telecom Industry Overview - 2023 Vishal Sharma
 
Future of Cloud 2022 - Grow and Be Green
Future of Cloud 2022 - Grow and Be GreenFuture of Cloud 2022 - Grow and Be Green
Future of Cloud 2022 - Grow and Be GreenVishal Sharma
 
Future of Cloud 2022
Future of Cloud 2022Future of Cloud 2022
Future of Cloud 2022Vishal Sharma
 
NBN - Economies of Scale vs Scope
NBN - Economies of Scale vs ScopeNBN - Economies of Scale vs Scope
NBN - Economies of Scale vs ScopeVishal Sharma
 
NBN and 5G - Threat or Complement
NBN and 5G - Threat or Complement NBN and 5G - Threat or Complement
NBN and 5G - Threat or Complement Vishal Sharma
 
Inflation Impact on IT and Levers to Destress Balance Sheet
Inflation Impact on IT and Levers to Destress Balance SheetInflation Impact on IT and Levers to Destress Balance Sheet
Inflation Impact on IT and Levers to Destress Balance SheetVishal Sharma
 
Sales Trigger Spectrum with Cloud Adoption Curve
Sales Trigger Spectrum with Cloud Adoption Curve Sales Trigger Spectrum with Cloud Adoption Curve
Sales Trigger Spectrum with Cloud Adoption CurveVishal Sharma
 
Telecom Industry - Revitalise for Revenue Generation
Telecom Industry - Revitalise for Revenue GenerationTelecom Industry - Revitalise for Revenue Generation
Telecom Industry - Revitalise for Revenue GenerationVishal Sharma
 
Post COVID B2B Sales Planning and Execution
Post COVID B2B Sales Planning and Execution Post COVID B2B Sales Planning and Execution
Post COVID B2B Sales Planning and Execution Vishal Sharma
 

Plus de Vishal Sharma (20)

Generative AI - The New Reality: How Key Players Are Progressing
Generative AI - The New Reality: How Key Players Are Progressing Generative AI - The New Reality: How Key Players Are Progressing
Generative AI - The New Reality: How Key Players Are Progressing
 
ABB Aus FY23 Results
ABB Aus FY23 ResultsABB Aus FY23 Results
ABB Aus FY23 Results
 
TPG H2 FY23 Results
TPG H2 FY23 ResultsTPG H2 FY23 Results
TPG H2 FY23 Results
 
Digital Transformation - M2M to IoT
Digital Transformation - M2M to IoTDigital Transformation - M2M to IoT
Digital Transformation - M2M to IoT
 
Next Generation Digital Transformation
Next Generation Digital TransformationNext Generation Digital Transformation
Next Generation Digital Transformation
 
Vodafone India - Why Govt. of India Intervened
Vodafone India - Why Govt. of India IntervenedVodafone India - Why Govt. of India Intervened
Vodafone India - Why Govt. of India Intervened
 
OPTUS Australia Dec 22 Results
OPTUS Australia Dec 22 ResultsOPTUS Australia Dec 22 Results
OPTUS Australia Dec 22 Results
 
TPG Telecom Feb FY 23 Results
TPG Telecom Feb FY 23 Results TPG Telecom Feb FY 23 Results
TPG Telecom Feb FY 23 Results
 
State of Global IT Services and Software Industry - 2023
State of Global IT Services and Software Industry - 2023State of Global IT Services and Software Industry - 2023
State of Global IT Services and Software Industry - 2023
 
Global Telecom Industry Overview - 2023
Global Telecom Industry Overview - 2023 Global Telecom Industry Overview - 2023
Global Telecom Industry Overview - 2023
 
Future of Cloud 2022 - Grow and Be Green
Future of Cloud 2022 - Grow and Be GreenFuture of Cloud 2022 - Grow and Be Green
Future of Cloud 2022 - Grow and Be Green
 
Future of Cloud 2022
Future of Cloud 2022Future of Cloud 2022
Future of Cloud 2022
 
NBN - Economies of Scale vs Scope
NBN - Economies of Scale vs ScopeNBN - Economies of Scale vs Scope
NBN - Economies of Scale vs Scope
 
Inflation Spectrum
Inflation SpectrumInflation Spectrum
Inflation Spectrum
 
NBN and 5G - Threat or Complement
NBN and 5G - Threat or Complement NBN and 5G - Threat or Complement
NBN and 5G - Threat or Complement
 
Digital vs IT
Digital vs IT Digital vs IT
Digital vs IT
 
Inflation Impact on IT and Levers to Destress Balance Sheet
Inflation Impact on IT and Levers to Destress Balance SheetInflation Impact on IT and Levers to Destress Balance Sheet
Inflation Impact on IT and Levers to Destress Balance Sheet
 
Sales Trigger Spectrum with Cloud Adoption Curve
Sales Trigger Spectrum with Cloud Adoption Curve Sales Trigger Spectrum with Cloud Adoption Curve
Sales Trigger Spectrum with Cloud Adoption Curve
 
Telecom Industry - Revitalise for Revenue Generation
Telecom Industry - Revitalise for Revenue GenerationTelecom Industry - Revitalise for Revenue Generation
Telecom Industry - Revitalise for Revenue Generation
 
Post COVID B2B Sales Planning and Execution
Post COVID B2B Sales Planning and Execution Post COVID B2B Sales Planning and Execution
Post COVID B2B Sales Planning and Execution
 

Dernier

Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Anamaria Contreras
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckHajeJanKamps
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024Matteo Carbone
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...ShrutiBose4
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxMarkAnthonyAurellano
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportMintel Group
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfJos Voskuil
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyotictsugar
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Seta Wicaksana
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 

Dernier (20)

Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample Report
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyot
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 

As

  • 1. Australian Standard 8015 : 2005 Arrianto Mukti Wibowo, M.Sc., CISA IT Governance Lab Faculty of Computer Science University of Indonesia
  • 2.
  • 3. Agenda • Intro, Tujuan, definisi, • Prinsip-prinsip • Model AS-8015
  • 4. Keluarga Besar dari AS-8015 • The 8000 series of Corporate Governance standards published in 2004 provide guidance for those wishing to do better. – Good Governance Principles (AS8000) – Fraud and Corruption Control (AS8001) – organisational Codes of Conduct (AS8002) – Corporate Social Responsibility (AS8003) – Whistle Blower protection programs (AS8004) – GCG for ICT (AS8015) • The widely acknowledged AS4360 Risk Management standard was also revised in 2004. • This along with the adoption of BS15000 (now ISO 20000) as AS8018 IT Service Management, provided the context for the drafting and subsequent publishing of AS8015 to provide guidance on the small "c", corporate governance of Information and Communication Technology.
  • 5. Reasons for AS-8015 • IT is mostly doing its internal job competently: – Rigour – Process – Reporting – Control • But business leaders are STILL not engaging with IT: – Not responsible – Not setting direction – Not planning – Not implementing Improving Supply … … does not fix demand! ITIL CoBIT PRINCE2 CMMI (Mark Toomey, Infonomics Australia)
  • 6. Tujuan Adanya AS-8015 1. To provide a framework of principles for Directors to use when evaluating, directing and monitoring the information and communication technology (ICT) portfolio in their organizations. 2. To promote effective, efficient, and acceptable use of ICT in all organizations by— (a) providing stakeholders (including consumers, shareholders, and employees) with the confidence that, if the Standard is followed, they can trust in the organization’s corporate governance of ICT; (b) informing and guiding Directors in governing the use of ICT in their organization; and (c) providing a basis for objective evaluation of the corporate governance of ICT.
  • 7. Australian Standard-8015 Good Corporate Governance for ICT “The system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organisation and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organisation.”
  • 8. Who are the directors? • Member of the most senior governing body of an organization. • Includes owners, board members, Directors, partners, senior executives or similar, and officers authorized by Acts of Parliament (mungkin maksudnya para petinggi yang namanya harus ada dalam statuta perusahaan menurut undang-undang tertentu)
  • 10. The 6 Principles 1. Establish clearly understood responsibilities for ICT 2. Plan ICT to best support the organization 3. Acquire ICT validly 4. Ensure that ICT performs well, whenever required 5. Ensure ICT conforms with formal rules 6. Ensure ICT use respects human factors
  • 11. Principle 1: Establish clearly understood responsibilities for ICT • Ensure that individuals and groups within the organization understand and accept their responsibilities for ICT.
  • 12. Principle 2 : Plan ICT to best support the organization • Ensure that ICT plans fit the current and ongoing needs of the organization and that the ICT plans support the corporate plans
  • 13. Principle 3: Acquire ICT validly • Ensure that ICT acquisitions are made for approved reasons in the approved way; on the basis of appropriate and ongoing analysis. • Ensure that there is appropriate balance between costs, risks, long term and short term benefits.
  • 14. Principle 4: Ensure that ICT performs well, whenever required • Ensure that ICT is fit for its purpose in supporting the organization, is kept responsive to changing business requirements, and provides support to the business at all times when required by the business.
  • 15. Principle 5: Ensure ICT conforms with formal rules • Ensure that ICT conforms with all external regulations and complies with all internal policies and practices.
  • 16. Principle 6: Ensure ICT use respects human factors • Ensure that ICT meets the current and evolving needs of all the `people in the process'.
  • 18. Three main task of directors 1. Evaluate the use of ICT 2. Direct preparation and implementation of plans and policies. 3. Monitor conformance to policies, and performance against the plans. Responsibility for specific aspects of ICT' may be delegated. However, the accountability for the effective, efficient and acceptable use of ICT by an organization, remains with its Directors Responsibility for specific aspects of ICT' may be delegated. However, the accountability for the effective, efficient and acceptable use of ICT by an organization, remains with its Directors
  • 20. Evaluation of ICT • In evaluative the use of ICT, directors should consider the pressures acting upon the business. Such as technological change, economic and social trends, and political influences. • Directors should also take account of the business needs the organizational objectives that they must achieve, such as maintaining competitive advantages.
  • 21. Direct Plan & Implementation ICT • Directors should direct the preparation and implementation of plans and policies and assign responsibilities for this implementation. • Plans should set the direction for investments in ICT projects or changes in ICT operations. • Policies should establish sound behaviour in the use of ICT. • Directors should ensure that the transition from projects to operations takes into account impacts on operational practices and existing ICT infrastructure. Jadi bukan sekedar “IT Project” tetapi sustain sampai ke pelaksanaan sehari-hari pasca proyek…!
  • 22. Monitor ICT • To complete the cycle the directors should monitor through appropriate performance measurement system the performance of the ICT. • They should reassure themselves that performance is in accordance with plans. – Jadi mengaudit TI bukan sekedar asal audit…! • They should also make sure that the use of ICT conforms with external legal obligations and internal work practices. • If necessary they should direct the submission of proposals for approval to address identified needs.
  • 23. ICT Governance Framework The following table lists the general principles of sound ICT governance and the actions required by Directors to implement the principles. They are applicable to most organizations most of the time and any variation should be well considered.
  • 24. Directors should monitor the progress of approved ICT proposals to ensure that they are achieving objectives in required time frames using allocated resources. Directors should monitor the use of ICT to ensure that it is achieving its intended benefits. Directors should direct that proposals are submitted for approval in a timely fashion to address gaps identified in the evaluation of ICT activities. Directors should also encourage the submission of proposals for innovative uses of ICT that enable the organization to undertake new businesses or improve processes. Directors should direct the preparation and use of plans and policies that ensure the organization benefits from developments in ICT. In formulating plans and policies Directors should evaluate ICT activities to ensure they align with the organization's objectives for changing circumstances, consider better practices and satisfy other key stakeholder requirements. Directors should use prudent risk management procedures as described in AS/NZS 4360. Plan ICT to best support the organization 2 Directors retain ultimate responsibility for the execution of the plans and proposals. They should satisfy themselves that appropriate ICT governance mechanisms are established. Directors should monitor the performance of those given responsibility in the governance of ICT (for example. In serving on steering committees or in presenting proposals to Directors). Directors should ensure that they receive the information that they need to meet their responsibilities by establishing and appropriately reviewing measurement systems. Directors should direct that plans are carried out and policies implemented according to the assigned ICT responsibilities. Directors should evaluate the options for assigning the responsibilities for the effective. efficient. and acceptable use of ICT. Directors should ensure that those given responsibility are competent. Generally these will be business managers assisted by ICT specialists who understand business values and processes. Directors should evaluate developments in ICT and business processes to ensure that ICT will provide support for future business needs. Establish clearly understood responsibilities for ICT 1 MonitorDirectEvaluate Actions to Implement the PrinciplesPrincipleRef No. ICT Governance Principles (1-2)
  • 25. ICT Governance Principles (3-4) Directors should monitor the extent to which ICT does support the business. Directors should monitor ICT to ensure that assets are decommissioned and disposed of in accordance with environmental and data management requirements. Directors should monitor the extent to which the policies for data accuracy and the efficient use of ICT are followed properly. Directors should direct those responsible to ensure that ICT supports the business when required for business reasons, with correct and up-to-date data while protected from loss or misuse, in accordance with AS/NZS ISO/IEC 17799 and AS/NZS 7799.2. Directors should direct that resources be allocated sufficiently to ensure that ICT meets the needs of the organization according to the priorities that they have set. Directors should evaluate the risks to the integrity of information and the protection of ICT assets from damage, abuse, or misuse. Directors should evaluate options to ensure that ICT swill support business processes with the required capability and capacity. Ensure ICT performs well, whenever required 4. Directors should monitor ICT acquisitions to ensure that they do provide the required capabilities. Directors should monitor the extent to which their organization and suppliers maintain the shared understanding of the organization's intent in making any ICT acquisition. Directors should direct that ICT assets (systems and infrastructure) are acquired in an appropriate manner, including the preparation of suitable documentation, while ensuring that required capabilities are provided. Directors should direct that their organization and suppliers develop a shared understanding of the organization's intent in making any ICT acquisition. Directors should monitor the progress of approved ICT proposals to ensure that they are achieving objectives in required time frames using allocated resources. Directors should monitor the use of ICT to ensure that it is achieving its intended benefits. Acquire ICT validity 3. MonitorDirectEvaluate Actions to Implement the PrinciplesPrincipleRef No.
  • 26. ICT Governance Principles (5-6) Directors should monitor ICT activities to ensure that identified needs remain relevant. Directors should monitor work practices to ensure that they are consistent with the appropriate use of ICT. Directors should direct that ICT activities are consistent with identified needs. Directors should direct that risks may be raised by anyone at any time. They should be managed in accordance with published policies and procedures and escalated to the relevant decision makers. Directors should evaluate ICT activities to ensure that people's concerns are appropriately considered and their needs identified. Ensure ICT use respects human factors 6. Directors should monitor the manner in which managers are reviewing ICT compliance and conformance to ensure that the reviews are timely, comprehensive, and suitable for the evaluation of the extent of satisfaction of internal obligations. Directors should direct those responsible to establish regular and routine mechanisms for ensuring that the use of ICT complies with relevant legislation. Directors should direct that policies are established and enforced to enable the organization to meet its internal obligations in its use of ICT. Directors should direct that ICT staff follow the guidelines set by their professions. Directors should direct that all actions relating to ICT be ethical. Directors should regularly evaluate the extent to which ICT satisfies internal obligations including legislation, internal policies, standards and professional guidelines. Ensure ICT conforms with formal rules 5. MonitorDirectEvaluate Actions to Implement the PrinciplesPrincipleRef No.