IT Governance, Risk, and Compliance » Organizational Formation

Achieving Not-for-profit Organizational Objectives through IT Governance Deployment – Part VII

Robert Davis — Thu, 29 Apr 2010 18:17:33 +0000

IT governance risk management defines not-for-profit strategic alignment, value delivery, resource management, and performance measurement processes through responses to IT risk assessments. Within this context, as with for-profit entities, the IT risk assessment methodology will vary depending on the adopted risk management framework. Nevertheless, IT risk assessment techniques focus on mechanisms for identifying events that may impact objectives, potential consequences of considered events and corresponding likelihood of contemplated occurrences. Regarding not-for-profit IT service delivery, the outcome of an IT governance risk assessment is a prioritized list of possible events that can form the basis for further actions, if warranted, to ensure appropriate controls are deployed.

“View Part I of the Achieving Not-for-profit Organizational Objectives through IT Governance Deployment series here“

Achieving Not-for-profit Organizational Objectives through IT Governance Deployment – Part VI

Robert Davis — Mon, 26 Apr 2010 17:51:28 +0000

Governing an entity mandates management accurately conceptualize information criticality and communication paths. Reflective of the Australian/New Zealand Standard on Risk Management (AS/NZS ISO 31000:2009), risk management is an iterative process consisting of steps, which when taken in sequence, enable continual improvement in decision-making. It is also the logical and systematic method of identifying, analyzing, evaluating, treating, monitoring and conveying risks associated with any system, process, activity, or task in a way that will enable an entity to minimize losses and maximize opportunities. Consequently, management of risk represents the means by which an entity elects to administrate cataloged possibilities. As alternative responses, risks may be addressed by reducing, avoiding, transferring, or accepting potential threats. Specific to not-for-profit entities, these risks typically encompass: objective achievement, organizational credibility, equitable provision of services, and appropriate behavior of officials.

“View Part I of the Achieving Not-for-profit Organizational Objectives through IT Governance Deployment series here“

Achieving Not-for-profit Organizational Objectives through IT Governance Deployment – Part V

Robert Davis — Thu, 22 Apr 2010 18:34:47 +0000

Regarding supplemental value delivery design and development assistance, the Davis’ ‘Governance Tree’ offers a conceptual frame of reference for defining IT governance practices from an information and communication perspective; therefore enabling comprehensive process integration for value realization. Through the Davis’ Governance Tree, details demonstrating governance sub-domain influences can be documented utilizing specific processes and applicable controls. In addition, governance development discussions are enabled to convey evolutionary baselines necessary for measuring managerial progress. Once abstraction elements are understood, management’s role in providing strategic alignment impacting not-for-profit service delivery can be defined and enabled to address control objective deployment subscribing to IT governance mandates. Lastly, the Governance Tree can provide a comparative assessment of best practices for monitoring and evaluating IT governance strategic alignment.

“View Part I of the Achieving Not-for-profit Organizational Objectives through IT Governance Deployment series here“