IT Governance, Risk, and Compliance:

April, 2011

1

April 29, 2011  8:28 PM

Right-sizing IT Controls – Part VII

Robert Davis Robert Davis Profile: Robert Davis

An entity’s controlling and monitoring activities should reflect management’s strategy for ensuring an adequate IT control system. Consequently, IT policies, directives, standards, procedures, and rules should have a one-to-one or one-to-many correspondence with the assessed...

April 26, 2011  8:53 PM

Right-sizing IT Controls – Part VI

Robert Davis Robert Davis Profile: Robert Davis

The risk management process introduces a systematic approach for identifying, assessing, and reducing risks as well as maintaining defined acceptable risk levels. An IT risk assessment should be considered a key risk management practice area. When management institutionalizes an...


April 22, 2011  8:16 PM

Right-sizing IT Controls – Part V

Robert Davis Robert Davis Profile: Robert Davis

IT organization is implemented to prevent chaos and assist in identifying processes for objective achievement. The organizing process transforms the entity plan into controllable areas and includes:

  • Identification and...


April 19, 2011  8:27 PM

Right-sizing IT Controls – Part IV

Robert Davis Robert Davis Profile: Robert Davis

Processes modify system elements deployed to assist in achieving IT program goals. When pursuing identification, process maps are a standard method to document all pertinent system information. Developmentally,...


April 15, 2011  8:01 PM

Right-sizing IT Controls – Part III

Robert Davis Robert Davis Profile: Robert Davis

During IT governance framework construction; personnel, structures, processes, and risk management integration are foundational. Nevertheless, professionals generally agree defining...


April 12, 2011  3:11 PM

Right-sizing IT Controls – Part II

Robert Davis Robert Davis Profile: Robert Davis

As illustrated by the ‘Governance Tree’ model, an entity’s ‘Tone at the Top’ impacts IT governance effectiveness. IT governance effectiveness and efficiency are...


April 8, 2011  8:39 PM

Right-sizing IT Controls – Part I

Robert Davis Robert Davis Profile: Robert Davis

IT has enhanced control processes. It has enabled opportunities for utilizing close-loop control systems and provided the means for more timely corrective actions. Unfortunately, IT has also introduced the potential...


April 5, 2011  5:45 PM

Managing the Dynamic Uncertainties of IT – Part VIII

Robert Davis Robert Davis Profile: Robert Davis

Technology is an enabler, not a solution, for deploying and executing a sound operational strategy. To ensure effectiveness, responsibility for executing an adopted strategy should be shared across the entity, making all employees accountable as...


April 1, 2011  6:32 PM

Managing the Dynamic Uncertainties of IT – Part VII

Robert Davis Robert Davis Profile: Robert Davis

An IT risk assessment can classify information assets by criticality, sensitivity, and impact on operations. For most entities, comprehensive IT risks evaluations should be iterative and adaptive processes. Therefore, adequate IT risk management...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: