Joseph Ponnoly, MBA, MSc, CGEIT, CISM, CISA, CISSP
Business & IT
IT projects fail
IT talents and skills
Returns on IT investments
Information risks
IT performance
Quality service delivery
Obsolete Technology
Responsibility for IT
Business IT
Governance
Enterprise System Architecture: Strategy, Business, Information, Systems and Technology.
System Architect promotes:
• Increased Organizational Agility
• Alignment of Business Processes and IT Systems to Business Objectives
• Planning, Modeling, and Execution of Business Processes (BPM)
• Rapid, Effective and Positive Response to Business Change
Architectural Frameworks:
• The Zachman Framework
• TOGAF
Enterprise Risk Management (ERM)
HAZARD RISK
STRATEGIC RISK
OPERATIONAL RISK
PEOPLE
PROCESS
TECHNOLOGY
INFORMATION RISK
Risk Defined (LOSS – possibility/probability or exposure)
Risk/Management Internal Control Framework
• COSO
• AS/NZS 4360:2004
Information Risk Management Framework/Standard:
• ISO 27002 - Information Risk Management Standard
• NIST SP 800-30 / 800-53
• CRAMM
• OCTAVE
• FAIR
Dealing with Risk
AVOID
TRANSFER
MITIGATE
ACCEPT
People
Application Systems
Technology
Facilities
Data
IT Resources
Portfolio & Project Management PRINCE 2 and PMBOK Balanced Score Card
Performance Management
Resources management
Risk Management
IT investments value governance
IT Strategy-Business IT alignment
Leadership, effective organizational structures, business processes
Key Areas
• IT Strategy
• Finance, Budgeting & Investments
• Enterprise Architecture
• Business Analysis
• Solutions Development
• Service Delivery
• Supply Management
• Risk Management
• Compliance
• Resources Management
• Talent Management
• Data Governance
• Performance Metrics / Balanced Score Card
• Portfolio & Project Management
• Auditing & Assurance
CGEIT (Certified in Governance of Enterprise IT)
business skills
legal skills
technology skills
risk management skills
financial skills
Performance management
Resource management
Risk management
Value delivery
Business – IT strategic alignment
Leadership, effective organizational structures, business processes
• IT Strategy: Creation of an IT strategy that aligns with business strategies.
• IT Investment Management: Optimization of IT investments using the COBIT/VAL-IT framework, using financial engineering concepts and analysis.
• Risk Management: Risk management using ISO 27002 and the COSO framework.
• Resource Management: Knowledge Management, Information Management, DSS/Business Intelligence, Technology Architecture & Solutions Management, Training.
• Performance Management: Portfolio and project management, ITSM, ITIL framework for service delivery, CMMI for software acquisition and implementation maturity.
• Performance Measurement - Balanced Score Card: Implementation of the Balanced Score Card for effective monitoring of IT performance, performance metrics.
• Compliance (GRC): Compliance initiatives for Governance, Risk & Control.
Auditor’s role in IT Governance: Assessment & Assurance to Board of Directors & Executive Management
Auditing IT Governance:
• IT Strategies
• Value Governance & IT Investments & Finance Management
• Risk Management
• Resources Management
• Performance Metrics