jumshat consultations & solutions governance, risk, and...
TRANSCRIPT
![Page 1: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/1.jpg)
Jumshat Consultations & Solutions Governance, Risk, and Compliance jumshat.com
![Page 2: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/2.jpg)
+962 6 515 5536 | [email protected]
1
Contents About Jumshat .............................................................................................................................................. 2
Consultations ................................................................................................................................................ 4
Information Technology Management and Governance: COBIT5 ® Implementation .............................. 5
COBIT® Consultancy Services .................................................................................................................... 6
What are the benefits of COBIT? .............................................................................................................. 6
How can COBIT help your organization to improve its overall performance and market position? ........ 7
How can Jumshat help you to succeed with COBIT? ................................................................................ 8
What is Risk Management? ...................................................................................................................... 9
M_o_R Framework ................................................................................................................................. 10
Managing risk for the long, medium or short-term ................................................................................ 11
Support ....................................................................................................................................................... 12
Consultation Support .............................................................................................................................. 13
Implementation Support ........................................................................................................................ 13
Training ....................................................................................................................................................... 14
COBIT5® Trainings ................................................................................................................................... 15
Risk Management Trainings .................................................................................................................... 15
Contact Us ............................................................................................................................................... 16
![Page 3: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/3.jpg)
+962 6 515 5536 | [email protected]
2
About Jumshat
Jumshat is an IT company with futuristic vision, established to provide world class solutions and professional services and solutions in the Middle East region. We are focused on doing right things with commitment to integrity and responsibility. Headquartered in Amman - Jordan, Jumshat is staffed by experienced and certified professionals with over 15 years combined experience. What Jumshat does? We help organizations to define and execute their IT Management strategies being the organization delivers a service, project or product. Jumshat can help organizations adopt the suitable framework and best practices which provides business value, for any organization size and maturity.
FIGURE 1 - JUMSHAT APPROACH
Jumshat’s approach to deliver value has four pillars and consultations is one of those pillars, Jumshat is equipped with a highly qualified team of certified professionals with global market experience in ITSM, COBIT, Project Management and Enterprise Architecture. Implementation is the second pillar of Jumshat’s approach, therefore Jumshat has partnered and became the exclusive distributer of CITSmart Enterprise ITSM, a PinkVerify certified for 13 processes. Support and Training are the other pillars of the approach that makes it a complete and comprehensive solution to add value to our customers.
![Page 4: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/4.jpg)
+962 6 515 5536 | [email protected]
3
Our Vision • To become a center of excellence for IT Management Services in the Middle East region.
Our Mission • Do the right things, doing things right.
Our Values • Delivering results of value • Leadership excellence • Growing with integrity
![Page 6: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/6.jpg)
+962 6 515 5536 | [email protected]
5
Information Technology Management and Governance: COBIT5 ® Implementation
Control Objective for Information Technology Management (COBIT® 5) is a framework that
allows enterprises achieve strategic goals and realize business benefits through the effective and
innovative use of technology. It helps organizations achieve operational excellence through
reliable and efficient application of technology and puts IT-related risk at an acceptable level.
Organizations can optimize the cost of IT service and technology by maintaining quality
information that supports business decisions through the COBIT® framework. It enables
information and related technology to be governed and managed in a holistic manner for the
entire enterprise, taking in the full end-to-end business and functional areas of responsibility,
considering the IT-related interests of internal and external stakeholders.
COBIT® 5 is the latest version of the standard. The framework is based on five principles which
are generic and useful for organizations of all sizes, whether public, private or non-profit. Its
comprehensiveness enables managers plug the gap between control requirements, technical
issues and business risks.
Our COBIT® 5 services include:
COBIT® 5 Assessment
We evaluate organizations’ Information Technology Management and Governance against the standard and propose remediation solutions.
COBIT® 5 Implementation
We implement COBIT® 5 framework for organizations, incorporating Information Technology Management and Governance structure into their system.
COBIT® 5 Trainings
We train and certify personnel on the following:
COBIT® 5 Awareness
COBIT® 5 Foundation
COBIT® 5 Implementation
COBIT® 5 Assessor
![Page 7: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/7.jpg)
+962 6 515 5536 | [email protected]
6
COBIT® Consultancy Services
Jumshat offer an expert COBIT consultancy service to help you start your project and keep it on track, as well as training courses, documentation toolkits and resources.
Everything is designed to help bridge the gap between control requirements, technical issues, and business risks in a way that supports your organization’s specific challenges when implementing COBIT.
COBIT enables clear policy development and good practice for IT control throughout organizations, emphasizing regulatory compliance whilst also helping you to increase the value attained from IT.
When properly implemented, the COBIT standard allows evaluation and control of the information environment so that it constantly contributes to the company’s operational and business objectives.
What are the benefits of COBIT? COBIT helps enterprises of all sizes to:
maintain high-quality information to support business decisions;
achieve strategic goals and realize business benefits through the effective and innovative use of IT;
achieve operational excellence through reliable, efficient application of technology;
maintain IT-related risk at an acceptable level;
optimise the cost of IT services and technology;
support compliance with relevant laws, regulations, contractual agreements and policies.
![Page 8: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/8.jpg)
+962 6 515 5536 | [email protected]
7
How can COBIT help your organization to improve its overall performance and market position?
COBIT implementation can make sound business sense in many situations, especially if you have
the following internal challenges that a framework of management controls can help you to
address:
COBIT enables clear policy development and good practice for IT control throughout
organizations.
Aligning IT strategy with the business strategy
Measuring IT performance
Providing assurance to investors and shareholders
that a ‘standard of due care’ around mitigating IT risks is
being met by the organisation
Meeting regulatory requirements for IT controls in areas such as privacy and financial reportingPutting in place measures that ensure
IT achieves its objectives
Making IT resilient enough to learn and adapt
Whether IT appropriately recognising opportunities
and acting upon them
Obtaining demonstrable value from IT investments
Managing the selection of service providers, service
outsourcing and acquisition
Managing the increasingly complex IT-related risks, such
as network security
Benchmarking to compare enterprise performance
against accepted standards and peers
![Page 9: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/9.jpg)
+962 6 515 5536 | [email protected]
8
How can Jumshat help you to succeed with COBIT?
Are you considering implementing COBIT in your organization, but are not sure how much work
will be involved and whether your existing management frameworks and control sets can be
adapted?
IT Governance can help you to understand the COBIT requirements, through a combination of
training (COBIT 5 Foundation Course), on-site workshops to explore IT-related risks in your
organization, and consultancy advice on control objectives and appropriate controls and
processes from COBIT all that supported by a tool which facilitates COBIT implementation in your
organization.
Our team can help you to plan the implementation of selected controls and processes,
providing the necessary documentation and assisting you with the other key activities during
the implementation phase.
We can also help you to transition from COBIT version 4.1 to version 5, and integrate COBIT
with other frameworks, such as ITIL (IT Service Management) and ISO27001 (Information
Security).
![Page 10: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/10.jpg)
+962 6 515 5536 | [email protected]
9
What is Risk Management?
Effective risk management can bring far-reaching benefits to all organizations, whether large or
small, public or private sector, as well as individuals managing projects or programs.
Effective risk management is likely to improve performance against objectives by
contributing to:
Fewer sudden shocks and unwelcome surprises
More efficient use of resources
Reduced waste
Reduced fraud
Better service delivery
Reduction in management time spent fire-fighting
Better management of contingent and maintenance activities
Lower cost of capital
Improved innovation
Increased likelihood of change initiatives being achieved
More focus internally on doing the right things properly
More focus externally to shape effective strategies.
![Page 11: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/11.jpg)
+962 6 515 5536 | [email protected]
10
M_o_R Framework M_o_R® is a route map for risk management, bringing together principles, an approach, a set of
interrelated processes, and pointers to more detailed sources of advice on risk management
techniques and specialisms.
It also provides advice on how these principles, approach and processes should be embedded,
reviewed and applied differently depending on the nature of the objectives at risk.
An effective framework based on four core concepts:
•these are essential for the development of good risk management practice. They are all derived from corporate governance principles in the recognition that risk management is a subset of an organization's internal controls.
M_o_R Principles:
•the principles need to be adapted and adopted to suit each individual organization. Accordingly, a company's approach to the principles needs to be agreed and defined within a risk management policy, process guide and strategies, and supported by the use of risk registers and issue logs.
M_o_R Approach:
•there are four main process steps, which describe the inputs, outputs and activities involved in ensuring that risks are identified, assessed and controlled.
M_o_R Processes:
•having put in place the principles, approach and processes, an organization needs to ensure they are consistently applied and that their application undergoes continual improvement in order for them to be effective.
Embedding and Reviewing M_o_R:
![Page 12: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/12.jpg)
+962 6 515 5536 | [email protected]
11
Managing risk for the long, medium or short-term Risk management should be most rigorously applied where critical decisions are being made.
Decisions about risk will vary depending on whether the risk relates to long-, medium- or short-
term goals.
Long-term - the risks associated with strategic decisions may not become apparent until well into the future. That's why it's essential to review these decisions and associated risks on a regular basis.
Medium-term - these goals are usually addressed through programs and projects to bring about business change. Decisions relating to medium-term goals are narrower in scope than strategic ones, particularly in terms of timeframe and financial responsibilities.
Short-term - at the operational level, the emphasis is on short-term goals to ensure ongoing continuity of business services; however, decisions about risk at this level must support the achievement of the long- and medium-term goals too.
![Page 14: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/14.jpg)
+962 6 515 5536 | [email protected]
13
Consultation Support
Your business will be continuously supported by Jumshat :
Implementation Support
By a highly qualified professional team, Jumshat provides L1, L2 and L3 support for implemented
tools.
Make continuous improvements a reality in
your organization.
Assign maturity level targets for each process, allowing
the identification of bottlenecks.
Keep track of previous evaluations so you can
compare progress – Direct its efforts for continuous
improvement.
Service improvement analysis carried out by a
Jumshat consultant provides recommendations
to assist in the rapid achievement of maturity.
![Page 16: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/16.jpg)
+962 6 515 5536 | [email protected]
15
COBIT5® Trainings • COBIT® 5 Awareness
• COBIT® 5 Foundation
Risk Management Trainings
M_o_R ® is a registered Trade Mark of AXELOS Limited. COBIT® are registered trademarks of ISACA.
![Page 17: Jumshat Consultations & Solutions Governance, Risk, and ...jumshat.com/images/pdf/Jumshat_GRC-Portfolio.pdf · professional services and solutions in the Middle East region. We are](https://reader035.vdocuments.us/reader035/viewer/2022070804/5f0357837e708231d408bd17/html5/thumbnails/17.jpg)
+962 6 515 5536 | [email protected]
16
Contact Us Phone: +962 (6) 515.5536
Email: [email protected]
Web: jumshat.com
/jumshat
Jumshat Consultations & Solutions
125 Yajouz St., Office 507
Al Jubaiha, Amman
Jordan