GRADUATE PROJECT IT Policy and Audit FA13-900 D’Mico Johnson


INTRODUCTION

During this presentation we will look at the current and future rules and the policies that regulate new technology implementations at Silgan Containers. We will also examine and compare Silgan to the industry standards.


ABOUT SILGAN CONTAINERS

o Established in 1987
o Largest provider of metal food packaging
o More than 3500 employees
o More than 2500 PCs
o More than 350 servers (physical and virtual)
o More than 75 different applications run
o IT staff of 30 employees (7 programmers, 1 database admin, 6 network engineers, 5 help desk personnel, 3 operations support specialists, 8 ERP developers and 6 management personnel)
o Annual IT budget of 2.5 million dollars


SILGAN’S CURRENT POLICY AND REGULATION

New Technology Implementation

o New technology under 5K, less than 40 IT man hrs.
  o IT Director approves or denies these proposals.
o New technology under 100K, more than 40 IT hrs.
  o Approval from the CFO
  o Approval from IT steering committee
o New technology over 100K
  o Approval from CEO
  o Approval from IT steering committee


SILGAN’S CURRENT POLICY AND REGULATION

SOX Testing

o Technology that affects Financial/Security aspects
  o Test new technology
  o Analysis reviews testing data
  o End user evaluation
  o SOX Auditing

Non SOX Testing

o Technology that doesn’t affect Financial/Security
  o Test new technology
  o End user evaluation


CURRENT INDUSTRY POLICY AND REGULATIONS

New Technology Implementation

o Internal IT control frameworks
  o SDLC
  o COBIT
o Regulatory
  o Sarbanes-Oxley Act (SOX)


INTERNAL FRAMEWORK

SDLC

Process for planning, creating, testing and deploying an information system.

Phases

o Design
o Implementation
o Maintenance
o Planning
o Analysis


INTERNAL FRAMEWORK

COBiT

It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.

Domains

o Plan and Organize
o Acquire and Implement
o Deliver and Support
o Monitor and Evaluate


SILGAN CONTAINERS VS. INDUSTRY

Silgan Containers

o Custom Internal Framework
  o Cost Dependent
o IT Steering Committee
o SOX Regulated

Industry

o Internal Framework
  o SDLC
  o COBIT
o IT Steering Committee
o SOX Regulated


FUTURE

Silgan’s Future

o Silgan has no immediate plans to change its current implementation policies.
o There are also no foreseeable regulation changes that will alter Silgan’s current implementation plan.

Industry Future

o More regulatory audits
  o Internal and external
o More internal frameworks


RECOMMENDATIONS

Future Recommendations

o Utilize Internal Frameworks
  o Initial phase implement SDLC
  o Second phase implement COBiT
o Add more IT personnel on steering committee
o Utilize internal auditing
o Utilize external auditing


DEFINITION OF TERMS

SOX - Sarbanes-Oxley (SOX audit) is an audit of a publicly held company's financial information and internal controls.

SDLC - System Design Life Cycle is the process for planning, creating, testing, and deploying an information system.

COBiT - Control Objectives for Information and Related Technology is a framework created by ISACA for information technology management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.


CONCLUSION

Silgan’s current implementation and regulatory plans work. However, I do believe that if Silgan were to implement SDLC and COBiT in stages it would streamline a lot of the current processes and make things easier by supplying a . I also believe that with the use of internal and external audits, Silgan would guarantee compliance with SOX and any other regulatory policies they may see in the future.