17. Frameworks – COSO COSO for Smaller Public Companies (COSO 3) Image from Volume 2 of COSO’s Internal Control over Financial Reporting – Guidance for Smaller Public Companies
20. Frameworks – COSO Example of Framework Content Image from Resolver’s Compliance Framework
21. Frameworks – COBIT COBIT Products Image from the IT Governance Institute’s COBIT4
22. Frameworks – COBIT The COBIT Cube Image from the IT Governance Institute’s research-PMBOK-Mapping-COBIT
23. Frameworks – COBIT COBIT Mapped to PMBOK COBIT is also Mapped to SEI-CMM, Prince2, ITIL, COSO, TOGAF & ISO 17799 Image from the IT Governance Institute’s research-PMBOK-Mapping-COBIT
24.
25. Frameworks – COBIT VALIT To Optimize IT Investments Image from the IT Governance Institute’s VALIT-Framework
26. Frameworks – COBIT VALIT To Optimize IT Investments Image from the IT Governance Institute’s VALIT-Framework
27. Frameworks – COBIT Example of Framework Content Image from Resolver’s Compliance Framework
28. Frameworks – ITIL From a GC IT Services Perspective With COBIT for Program Management Image from The Treasury Board Profile of GC Information Technology Services http://www.tbs-sct.gc.ca/cio-dpi/webapps/technology/profil/profil05_e.asp
29. Frameworks – ITIL From an HP IT Services Planning Perspective A common ITIL Image, this one from HP’s IT Service Management and IT Governance: Review, Comparative Analysis and their Impact on Utility Computing
30. Frameworks – ITIL From an Application Services Library Perspective Another common ITIL Image, this one from ASLfoundation.org Planning to Implement Service Management Service Management Service Support Service Delivery T h e B u s i n e s s The Business Perspec- tive Applications Management ICT Infra- structure Mgt T h e T e chnology Security Management
31. Frameworks – ITIL From an HP IT Services Operations Perspective A common ITIL Image, this one from HP’s IT Service Management and IT Governance: Review, Comparative Analysis and their Impact on Utility Computing
32. Frameworks – BSC From an IT Governance Perspective Image from the IT Governance Institute’s Information Systems Control Journal The Balanced Scorecard and IT Governance By Wim Van Grembergen, Ph.D.
33. Frameworks – BSC From an IT Governance Perspective Image from the IT Governance Institute’s Information Systems Control Journal The Balanced Scorecard and IT Governance By Wim Van Grembergen, Ph.D.
46. Processes – Six Sigma Six Sigma was invented by Motorola in 1986 as a way to measure defects and improving quality. Since then, it has evolved to a business improvement methodology that focuses an organization on customer requirements, process alignment, analytical rigor and timely execution.
47.
48.
49.
50.
51.
52. Integration – How to Integrate IT Control Objectives for Sarbanes-Oxley Why is this document so important?
53. Integration – How to Integrate IT Control Objectives for Sarbanes-Oxley (Cont.) Internal Controls - Integrated Framework (Not ERM) Version 2.0 benefits from lessons learned during the first two years. Auditing Standard 2 (AS2) COBIT Control Objectives ITIL Activities ISO 17799 Security Sarbanes-Oxley Act of 2002 Bill 198
54.
55. Integration – How to Integrate IT Control Objectives for Sarbanes-Oxley (Cont.) * From the InsideSarbanesOxley.com blog http://www.insidesarbanesoxley.com/sarbanes_oxley_blog/archive/2006_10_01_index.asp
56. Integration – How to Integrate IT Control Objectives for Sarbanes-Oxley (Cont.) * From the InsideSarbanesOxley.com blog http://www.insidesarbanesoxley.com/sarbanes_oxley_blog/archive/2006_10_01_index.asp
57. Integration – How to Integrate IT Control Objectives for Sarbanes-Oxley (Cont.) * From the InsideSarbanesOxley.com blog http://www.insidesarbanesoxley.com/sarbanes_oxley_blog/archive/2006_10_01_index.asp 1. Plan and Scope 2. Assess Risk
58. Integration – How to Integrate IT Control Objectives for Sarbanes-Oxley (Cont.) * From the InsideSarbanesOxley.com blog http://www.insidesarbanesoxley.com/sarbanes_oxley_blog/archive/2006_10_01_index.asp 3 Document Controls 4.1 Evaluate Design 4.2 Evaluate Operational Effectiveness
59. Integration – How to Integrate IT Control Objectives for Sarbanes-Oxley (Cont.) * From the InsideSarbanesOxley.com blog http://www.insidesarbanesoxley.com/sarbanes_oxley_blog/archive/2006_10_01_index.asp 5. Evaluate and Remediate Deficiencies 6. Build Sustainability