it governance - openthinking day
DESCRIPTION
Understanding COBIT 5.0 (IT Governance) by Mr. Avinash Totade President of Information Systems Audit and Control Association (ISACA) UAE Chapter OpenThinking Day 2012TRANSCRIPT
12:00 PM – 12:15 PM Understanding COBIT 5.0 (IT Governance) Mr. Avinash TotadePresident of Information Systems Audit and Control Association (ISACA) UAE Chapter
Critical Skills for Auditors11:45 PM – 1:20 PM1.5 CPEs
IT Governance
Avinash Totade
B.Sc. B.E. CMA, CISA CISSP CGEIT
Chief Internal Auditor
Emirates Aluminium Company
President ISACA UAE Chapter
The leadership and organisational structures and processes that ensure that the organisation’s IT sustains and
extends the organisation strategies and objectives.
-- IT Governance Institute
What is IT Governance?
© Avinash Totade 17
• Planning IT projects involves an array of political, organizational, legal, technical, cultural, and personnel issues
• A robust governance structure ensures that the voices of stakeholders are heard, formalizes quality of decision making, and is the vehicle through which complex IT projects are effectively implemented.
Purpose of IT Governance
© Avinash Totade 18
• IT delivers value to the business• IT risks are managed
Outcomes Drivers
Value Delivery Risk Management Strategic Alignment Performance Measurement
Driven by Stakeholder value
Resource Management
Fundamental elements of I.T. Governance
© Avinash Totade 19
One of the goals of IT Governance is to align with the business objectives defined by Enterprise Governance.• Organisational goals are used as inputs to derive IT Goals,
Objectives, and Performance Metrics• Auditing processes are put in place to measure and analyse
the performance of the organisation.
IT Results
Chain
Organisational Goals and Objectives
IT Purpose (Mission / Vision)
IT Goals
IT Objectives
IT Measures IT Mgmt. and Staff Performance
Expectation
Measure, Analyse, and Communicate Performance
Measurement, Development, and
Alignment
Aligning Enterprise Objectives & ITIntroduction
© Avinash Totade 20
Value DeliveryStra
tegic
Alignment
ResourceManagement
Perfo
rman
ce
Man
agem
ent
Ris
k M
anag
emen
tI.T.Governance
FocusAreas
Executing the value proposition throughout the delivery cycle
Ensuring IT delivers the benefits in line with the strategy
Concentrating on optimising expenses & proving IT’s value
Controlling projects and processes with best practices to ensure success
Linking business and IT Defining, maintaining and
validating IT value proposition
Aligning IT operations with the enterprise operations
Using balanced scorecard to translate strategy into action to achieve goals
Tracking project delivery and monitoring IT KPIs
Measuring and reporting IT services
Optimal investment, use and allocation of resources, and capabilities (people, applications, infrastructure)
Optimising knowledge and IT infrastructure Knowing where and how to outsource
Clear understanding of enterprise’s appetite for risk and risk transparency
Embed risk management responsibilities in the operation
Safeguard of IT assets, disaster recovery and continuity of operations
IT Governance using ITGI FrameworkIntroduction
21
IT Governance in summary
• To align IT strategy to business strategy • To assure investors, shareholders and other stakeholders that
IT risks are being mitigated and managed• To obtain value from IT investments• To ensure that organizational structure facilitates the
implementation of strategy and goals• To create constrictive and sustainable relationships and
effective communication between business and IT, and with external partners
• For measuring IT performance• To support good Corporate Governance
22
Thank YouAvinash Totade
Chief Internal Auditor Emirates Aluminium Company President ISACA UAE Chapter
Email: [email protected]