IT Governance, Risk, and Compliance

Apr 19 2011   8:27PM GMT

Right-sizing IT Controls – Part IV

Robert Davis Robert Davis Profile: Robert Davis

Processes modify system elements deployed to assist in achieving IT program goals. When pursuing identification, process maps are a standard method to document all pertinent system information. Developmentally, process maps should include data, timing, methods, personnel, material, equipment, environment, inputs, outputs, and other relevant factors. Subsequently, each identified IT process must be defined to enable event expectation and causation analysis.

While documenting entity processes, internal as well as external responsibilities should be examined for synchronization to the IT mission. Depending on the control environment; control processes can range from top-heavy responsibility concentration with inaccurate measurements and employee opposition to widespread responsibility with accurate measurements and no employee opposition. Entity-IT organizational alignment determination, with processes identified, permits inefficient or ineffective IT units consolidation and/or elimination.

View Part I of the Right-sizing IT Controls series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: