IT Governance, Risk, and Compliance:

Control Environment


December 27, 2012  1:31 AM

eBook excerpt: Assuring Information Security – Part V



Posted by: Robert Davis
Accountability, Acquire and Implement, Adaptive Systems, Asset Management, Availability Management, COBIT, COBIT Domains, Control Environment, Control Objectives for Information and related Technology, Deliver and Support, Due Diligence, Fiduciary Responsibility, Framework, Information Assets Protection, Information Security Governance, Information Security Management, ISG, Key Performance Indicators, Monitor and Evaluate, Performance Measurement, Plan and Organize, Risk Management, Security Frameworks, Strategic Alignment, Value Delivery

1.1 Control Environment

“…culture determines the behaviour of people in an organisation and should, therefore, be used to influence the behaviour of people with regard to information security.” – Kerry-Lynn Thomson and Rossouw von...

June 12, 2012  9:46 PM

What Every IT Manager Should Know About Service Delivery and Support – Part XII



Posted by: Robert Davis
Audit, COBIT, Control Environment, Control Methods, Ethics, Human Resources, Infrastructure, Integrity, ISACA, ISO, IT Audit, ITSM, Organizational Structure, Service Delivery, Systems

Audit professionals have a significant role in supporting an adequate control environment when providing contributions to strategic, tactical, and operational value through governance improvement recommendations. Consistent with entity oversight responsibilities, the board of directors should insist...


June 8, 2012  10:32 PM

What Every IT Manager Should Know About Service Delivery and Support – Part XI



Posted by: Robert Davis
COBIT, Control Environment, Control Methods, Ethics, Human Resources, Infrastructure, Integrity, ISACA, ISO, ITSM, Organizational Structure, Service Delivery, Systems

Foundationally, the IT control environment should assist in enabling the governing body, management and all other staff in providing reasonable assurance regarding achievement of the following general objectives:  Operational Efficiency  Operational Effectiveness  Operational...


June 5, 2012  9:55 PM

What Every IT Manager Should Know About Service Delivery and Support – Part X



Posted by: Robert Davis
COBIT, Control Environment, Control Methods, Ethics, Human Resources, Infrastructure, Integrity, ISACA, ISO, ITSM, Organizational Structure, Service Delivery, Systems

Management’s control methods over compliance with laws and regulations should ensure appropriate measures are deployed to ascertain whether entity personnel understand implemented governance practices, and governance processes are being...


June 1, 2012  9:54 PM

What Every IT Manager Should Know About Service Delivery and Support – Part IX



Posted by: Robert Davis
COBIT, Control Environment, Ethics, Human Resources, Infrastructure, Integrity, ISACA, ISO, ITSM, Organizational Structure, Service Delivery, Systems

Human resources policies are definite courses or methods of action selected by management from alternatives, considering the environment, that guide as well as determine present and future employment decisions. For example, training policies that communicate prospective roles and...


May 29, 2012  10:55 PM

What Every IT Manager Should Know About Service Delivery and Support – Part VIII



Posted by: Robert Davis
COBIT, Control Environment, Ethics, Infrastructure, Integrity, ISACA, ISO, ITSM, Organizational Structure, Service Delivery, Systems

Knowledge management activities and initiatives enable competence. Commitment to competence is required to ensure adequate leadership and workmanship when engaged in entity endeavors. Therefore, well qualified,...


May 25, 2012  9:20 PM

What Every IT Manager Should Know About Service Delivery and Support – Part VII



Posted by: Robert Davis
COBIT, Control Environment, Ethics, Infrastructure, Integrity, ISACA, ISO, ITSM, Organizational Structure, Service Delivery, Systems

Authority is the power or right to give commands, enforce obedience, take action, or make final decisions. How operating activities are assigned as well as how reporting relationships and authorization hierarchies are established reflect authority status. Managerial authority...


May 22, 2012  9:46 PM

What Every IT Manager Should Know About Service Delivery and Support – Part VI



Posted by: Robert Davis
COBIT, Control Environment, Ethics, Infrastructure, Integrity, ISACA, ISO, ITSM, Organizational Structure, Service Delivery, Systems

An entity’s organizational structure provides the framework within which its activities for achieving entity-wide objectives are planned, executed, controlled, and reviewed. An entity should develop an


May 18, 2012  11:06 PM

What Every IT Manager Should Know About Service Delivery and Support – Part V



Posted by: Robert Davis
COBIT, Control Environment, Ethics, Infrastructure, Integrity, ISACA, ISO, ITSM, Operating Style, Service Delivery, Systems

Management’s operating style is usually derived from devotion to tasks, symbolic behavior, and engrained cultural norms. Operating style will typically be reflected, directly or indirectly, in entity-centric imperatives presented in items such as the mission statement,...


May 15, 2012  10:28 PM

What Every IT Manager Should Know About Service Delivery and Support – Part IV



Posted by: Robert Davis
COBIT, Control Environment, Ethics, Infrastructure, Integrity, ISO, ITSM, Murdoch, Service Delivery, Systems

Management’s philosophy encompasses a broad range of beliefs, concepts, and attitudes that have a significant impact not only on the entity’s basic policies, but also on determining the entity’s culture. Management’s beliefs are the focal point for directing activities. ...

