IT Governance, Risk, and Compliance

Mar 16 2013   3:40PM GMT

Risk Management: Is it just another set of business buzzwords? – Part VII

Robert Davis Robert Davis Profile: Robert Davis

Management should establish standards as baselines for measuring quantity, weight, extent, value, or quality.  Standards can be considered specific goals or objectives against which performance is compared.  Selection of points where performance will be measured is critical to effective standards.  Employee accountability affects responsibility for meeting standards.  Consequently, responsibility for a standard should be directly correlated to activity responsibility.  Without accountability, standards become ineffective measurement tools.

Procedures establish methods for accomplishing an activity, through specific performance, while simultaneously complying with prescribed policies. Prior to determining procedures, processes should be identified and classified to determine control objective impact. In order to create an adequate IT governance framework, management must understand and document operational procedures.

Rules are specific and detailed guides that confine and restrict behavior. Comparatively, rules are the simplest operational plan. A rule requires a specific action to be taken regarding a given situation. For example, “This building is a smoke free environment. Violators will be dismissed without exception.”

Source

Davis, Robert E. (2011). Assuring IT Governance. Available from http://www.amazon.com/Assuring-Governance-Assurance-Services-ebook/dp/B0058P58E0 and http://www.smashwords.com/books/view/70359

Davis, Robert E. (2006). IT Auditing: IT Governance. Mission Viejo: Pleier. CD-ROM.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: