IT Governance, Risk, and Compliance:

Value Delivery


February 21, 2012  9:28 PM

Auditing IT Governance – Part IV



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, External Audit, Internal Audit, IT Audit, ITG, Performance Measurement, Resource Management, Risk Management, Strategic Alignment, Value Delivery

IT governance audits normally have an organizational focus. ‘Organizational-based’ IT governance audits examine deployed frameworks, managerial issues, and departmental activities. However, if during...

February 17, 2012  8:50 PM

Auditing IT Governance – Part III



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, External Audit, Internal Audit, IT Audit, ITG, Performance Measurement, Resource Management, Risk Management, Strategic Alignment, Value Delivery

To prevent expectation misinterpretation, the IT governance engagement ‘terms of reference’ should minimally address engagement ambit, reporting lines, and IT audit authority. Specifically, IT governance functional areas and issues definitions; identified ‘highest-organization-level’...


February 17, 2012  8:43 PM

Auditing IT Governance – Part II



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, External Audit, Internal Audit, IT Audit, ITG, Performance Measurement, Resource Management, Risk Management, Strategic Alignment, Value Delivery

Reflective of ISACA standards and guidelines, the IT audit process should be replicated within for-profit and not-for-profit entities. “Topics which should be considered are set by COBIT in the IT Governance Management Guidelines.” However, an audit committee’s perceived mandate and mission...


February 10, 2012  9:36 PM

Auditing IT Governance – Part I



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, External Audit, Internal Audit, IT Audit, ITG, Performance Measurement, Resource Management, Risk Management, Strategic Alignment, Value Delivery

Governance supports stakeholder expectations related to management’s fiduciary responsibilities. Governance also reflects how an enterprise achieves its stated mission. Specifically, as presented in the Cadbury Committee...


July 27, 2010  3:28 PM

Not-for-profit Risk Management – Part VIII



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Risk Tolerance, Strategic Planning, Value Delivery

Deploying Enterprise Governance bilaterally connected to IT Governance enables management to focus on value creation drivers that move an entity forward and sustain proper as well as adequate controls. ...


July 23, 2010  6:25 PM

Not-for-profit Risk Management – Part VII



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Risk Tolerance, Strategic Planning, Value Delivery

Utilizing a maturity model can aid management in identifying risk issues. Procedurally, a maturity model provides a standard means to document and evaluate the state of controls. Collectively, the entity’s not-for-profit managers can contribute to...


July 20, 2010  5:10 PM

Not-for-profit Risk Management – Part VI



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Strategic Planning, Value Delivery

An IT risk assessment consists of risk identification and risk analysis. For not-for-profit entities, risk identification includes examining external factors such as technological...


July 16, 2010  5:16 PM

Not-for-profit Risk Management – Part V



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Strategic Planning, Value Delivery

Adequate risk management provides processes whereby the entity methodically addresses risks impacting the IT architecture with the goal of achieving sustained benefit from each IT configuration and across the


July 13, 2010  5:25 PM

Not-for-profit Risk Management – Part IV



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Strategic Planning, Value Delivery

Management should monitor and evaluate the entity’s control system by reviewing the results generated through cyclical control activities and special evaluations. Cyclical control activities occur at regular intervals, yet they can vary in ambit. Cyclical control activities...


July 9, 2010  5:28 PM

Not-for-profit Risk Management – Part III



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Strategic Planning, Value Delivery

To adequately govern not-for-profit IT, risk management must be addressed at multiple levels; including entity, project, and service layers.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: