12:00 PM – 12:15 PM Understanding COBIT 5.0 (IT Governance) Mr. Avinash TotadePresident of Information Systems Audit and Control Association (ISACA) UAE Chapter

Critical Skills for Auditors11:45 PM – 1:20 PM1.5 CPEs

IT Governance

Avinash Totade

B.Sc. B.E. CMA, CISA CISSP CGEIT

Chief Internal Auditor

Emirates Aluminium Company

President ISACA UAE Chapter

The leadership and organisational structures and processes that ensure that the organisation’s IT sustains and

extends the organisation strategies and objectives.

-- IT Governance Institute

What is IT Governance?

© Avinash Totade 17

• Planning IT projects involves an array of political, organizational, legal, technical, cultural, and personnel issues

• A robust governance structure ensures that the voices of stakeholders are heard, formalizes quality of decision making, and is the vehicle through which complex IT projects are effectively implemented.

Purpose of IT Governance

© Avinash Totade 18

• IT delivers value to the business• IT risks are managed

Outcomes Drivers

Value Delivery Risk Management Strategic Alignment Performance Measurement

Driven by Stakeholder value

Resource Management

Fundamental elements of I.T. Governance

© Avinash Totade 19

One of the goals of IT Governance is to align with the business objectives defined by Enterprise Governance.• Organisational goals are used as inputs to derive IT Goals,

Objectives, and Performance Metrics• Auditing processes are put in place to measure and analyse

the performance of the organisation.

IT Results

Chain

Organisational Goals and Objectives

IT Purpose (Mission / Vision)

IT Goals

IT Objectives

IT Measures IT Mgmt. and Staff Performance

Expectation

Measure, Analyse, and Communicate Performance

Measurement, Development, and

Alignment

Aligning Enterprise Objectives & ITIntroduction

© Avinash Totade 20

Value DeliveryStra

tegic

Alignment

ResourceManagement

Perfo

rman

ce

Man

agem

ent

Ris

k M

anag

emen

tI.T.Governance

FocusAreas

Executing the value proposition throughout the delivery cycle

Ensuring IT delivers the benefits in line with the strategy

Concentrating on optimising expenses & proving IT’s value

Controlling projects and processes with best practices to ensure success

Linking business and IT Defining, maintaining and

validating IT value proposition

Aligning IT operations with the enterprise operations

Using balanced scorecard to translate strategy into action to achieve goals

Tracking project delivery and monitoring IT KPIs

Measuring and reporting IT services

Optimal investment, use and allocation of resources, and capabilities (people, applications, infrastructure)

Optimising knowledge and IT infrastructure Knowing where and how to outsource

Clear understanding of enterprise’s appetite for risk and risk transparency

Embed risk management responsibilities in the operation

Safeguard of IT assets, disaster recovery and continuity of operations

IT Governance using ITGI FrameworkIntroduction

21

IT Governance in summary

• To align IT strategy to business strategy • To assure investors, shareholders and other stakeholders that

IT risks are being mitigated and managed• To obtain value from IT investments• To ensure that organizational structure facilitates the

implementation of strategy and goals• To create constrictive and sustainable relationships and

effective communication between business and IT, and with external partners

• For measuring IT performance• To support good Corporate Governance

22

Thank YouAvinash Totade

Chief Internal Auditor Emirates Aluminium Company President ISACA UAE Chapter

Email: avinash.totade@gmail.com