IT Governance, Risk, and Compliance:

Control Environment


May 11, 2012  10:37 PM

What Every IT Manager Should Know About Service Delivery and Support – Part III



Posted by: Robert Davis
COBIT, Control Environment, Ethics, Infrastructure, Integrity, ISO, ITSM, Service Delivery, Systems, Yahoo

For most individuals, integrity values are a personal issue that should reflect organizationally enforced edicts. Within an entity’s control environment, managerial integrity should represent “the quality or state of being of sound moral principles.” Specifically,...

May 8, 2012  10:10 PM

What Every IT Manager Should Know About Service Delivery and Support – Part II



Posted by: Robert Davis
COBIT, Control Environment, Infrastructure, ISO, ITSM, Service Delivery, Systems

Contributing foundational control environment factors are values and attitudes. Values and attitudes represent a view of what is desirable or undesirable behavior. Behavior refers to “the way one acts,” especially to actions that can be observed. Circularly, individual and group behavior is...


May 4, 2012  11:35 PM

What Every IT Manager Should Know About Service Delivery and Support – Part I



Posted by: Robert Davis
COBIT, Control Environment, Control Techniques, Infrastructure, ISO, ITSM, Service Delivery, Service Support, Systems

The control environment is an important component of an entity’s control structure or system that directly impacts IT governance. Literally, an entity’s control environment sets the “


October 11, 2011  7:51 PM

Auditing Information Security Governance – Part VI



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, COBIT, Control Environment, External Audit, Information Security Governance, Internal Audit, ISG, IT Audit

Primary drivers for ISG assurance planning are the verification of governance existence, adequacy, and risk management. However, as with standard IT audits, a general understanding of the control environment, information systems, and control procedures should be obtained during engagement planning to...


September 20, 2011  8:33 PM

Common Risk Determinants for an IT Architecture – Part VIII



Posted by: Robert Davis
COBIT, Control Environment, IT Architecture, Project Management, Risk Management, Risk Mitigation, Risk Tolerance

At the departmental level, value delivery risks are generally an inducement for the entity’s executive management to designate an IT managerial group (e.g. IT Portfolio Management Committee) or individual (e.g. Chief Information Officer) to oversee


September 16, 2011  9:24 PM

Common Risk Determinants for an IT Architecture – Part VII



Posted by: Robert Davis
COBIT, Control Environment, IT Architecture, Project Management, Risk Management, Risk Mitigation, Risk Tolerance

As a logical assumption, IT project management is a primary governance point for the entity’s ITG program. Therefore, derivatively, management’s CE due diligence regarding IT project governance policies will significantly reduce systems and infrastructure life cycle risks. At the...


September 13, 2011  8:56 PM

Common Risk Determinants for an IT Architecture – Part VI



Posted by: Robert Davis
Audit Oversight Committee, COBIT, Control Environment, Due Diligence, IT Architecture, Project Management, Risk Management, Risk Mitigation, Risk Tolerance

An entity's oversight committee should provide internal and external controls due diligence. In this regard, entity oversight committees normally delegate responsibility, accountability, and authority to an audit oversight committee that: evaluates project controls, interfaces...


September 9, 2011  8:31 PM

Common Risk Determinants for an IT Architecture – Part V



Posted by: Robert Davis
COBIT, Control Environment, IT Architecture, Project Management, Risk Management, Risk Mitigation, Risk Tolerance

IT project governance can only be effective if those influencing project decisions are adequately informed. Project management policies, procedures, rules, and individual responsibilities should be distributed to all affected parties. Furthermore, the risk awareness program...


September 6, 2011  7:35 PM

Common Risk Determinants for an IT Architecture – Part IV



Posted by: Robert Davis
COBIT, Control Environment, IT Architecture, Project Management, Risk Management, Risk Mitigation, Risk Tolerance

Fundamentally, IT policies and procedures should be deployed based on assessed effectiveness and efficiency in addressing management’s risk appetite. Supporting CE


September 2, 2011  9:23 PM

Common Risk Determinants for an IT Architecture – Part III



Posted by: Robert Davis
COBIT, Control Environment, IT Architecture, ITG, Project Management

Controlled environments provide a structured method for effective IT project management. Partially reflecting the COBIT framework, systems and infrastructure delivered to the core business processes through procurement...