Enviar pesquisa
Carregar
5. cobit 4 1 assessmnt present. techniques
•
Transferir como PPTX, PDF
•
2 gostaram
•
1,573 visualizações
A
Abuallia
Seguir
Negócios
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 10
Baixar agora
Recomendados
SharePoint quickstart
SharePoint quickstart
Infogain
Integrated ERP
Integrated ERP
kprao1979
M2MSys ITIL Executive Summary
M2MSys ITIL Executive Summary
Filipe Pinto
P 001 Titan Corporate Overview For Customers Aug09 V4
P 001 Titan Corporate Overview For Customers Aug09 V4
jborne2222
Business Intelligence Solutions
Business Intelligence Solutions
Estuate, Inc.
ITS 1 Page Overview
ITS 1 Page Overview
ITS Partners
Unit4 Overview Brochure
Unit4 Overview Brochure
Kimbellunit4
Introduction
Introduction
Peleg
Recomendados
SharePoint quickstart
SharePoint quickstart
Infogain
Integrated ERP
Integrated ERP
kprao1979
M2MSys ITIL Executive Summary
M2MSys ITIL Executive Summary
Filipe Pinto
P 001 Titan Corporate Overview For Customers Aug09 V4
P 001 Titan Corporate Overview For Customers Aug09 V4
jborne2222
Business Intelligence Solutions
Business Intelligence Solutions
Estuate, Inc.
ITS 1 Page Overview
ITS 1 Page Overview
ITS Partners
Unit4 Overview Brochure
Unit4 Overview Brochure
Kimbellunit4
Introduction
Introduction
Peleg
Soa207
Soa207
srni kondapaneni
COBIT 5 & 4.1 Comparison
COBIT 5 & 4.1 Comparison
Anthony Dehnashi
Russia - Application Management
Russia - Application Management
Application Management
Itil 2011 Mind Maps
Itil 2011 Mind Maps
Hussein Elmenshawy
GXS Strategy
GXS Strategy
mramos12995
Taking a Performance-Based Services Approach to Improve the Effectiveness of ...
Taking a Performance-Based Services Approach to Improve the Effectiveness of ...
Alan McSweeney
Sharepoint webinar
Sharepoint webinar
Infogain
KPIwoven from NavisRx
KPIwoven from NavisRx
Kedar_BAGUL
Child Wear Ea Blueprint V0.7
Child Wear Ea Blueprint V0.7
Balaji Balasubramanian
EBI Presentation 2011
EBI Presentation 2011
Rod Kimber
JSoft Corporate presentation
JSoft Corporate presentation
JSoft Solutions Ltd.
MEGA Webinar - PwC - Baker/Tong - EA & GRC, Separated at Birth
MEGA Webinar - PwC - Baker/Tong - EA & GRC, Separated at Birth
David Baker
Heizer 02
Heizer 02
Rizwan Khurram
Ch07
Ch07
Khaled Musheeb
Heizer 07
Heizer 07
Rizwan Khurram
What is EA In a Nutshell
What is EA In a Nutshell
Anthony Dehnashi
Heizer supp 07
Heizer supp 07
Rizwan Khurram
Optimized Business Processes in the Age of Cloud Computing
Optimized Business Processes in the Age of Cloud Computing
Oracle Day
Fusion Middleware 11g Keynote Foundation For Innovation
Fusion Middleware 11g Keynote Foundation For Innovation
Mark Rabne
Silicus share point-overview-slideshare2
Silicus share point-overview-slideshare2
Silicus Technologies
Itil v3
Itil v3
Peleg
Optimising and prioritising your SDLC using business intelligence
Optimising and prioritising your SDLC using business intelligence
Kurt Solarte
Mais conteúdo relacionado
Mais procurados
Soa207
Soa207
srni kondapaneni
COBIT 5 & 4.1 Comparison
COBIT 5 & 4.1 Comparison
Anthony Dehnashi
Russia - Application Management
Russia - Application Management
Application Management
Itil 2011 Mind Maps
Itil 2011 Mind Maps
Hussein Elmenshawy
GXS Strategy
GXS Strategy
mramos12995
Taking a Performance-Based Services Approach to Improve the Effectiveness of ...
Taking a Performance-Based Services Approach to Improve the Effectiveness of ...
Alan McSweeney
Sharepoint webinar
Sharepoint webinar
Infogain
KPIwoven from NavisRx
KPIwoven from NavisRx
Kedar_BAGUL
Child Wear Ea Blueprint V0.7
Child Wear Ea Blueprint V0.7
Balaji Balasubramanian
EBI Presentation 2011
EBI Presentation 2011
Rod Kimber
JSoft Corporate presentation
JSoft Corporate presentation
JSoft Solutions Ltd.
MEGA Webinar - PwC - Baker/Tong - EA & GRC, Separated at Birth
MEGA Webinar - PwC - Baker/Tong - EA & GRC, Separated at Birth
David Baker
Heizer 02
Heizer 02
Rizwan Khurram
Ch07
Ch07
Khaled Musheeb
Heizer 07
Heizer 07
Rizwan Khurram
What is EA In a Nutshell
What is EA In a Nutshell
Anthony Dehnashi
Heizer supp 07
Heizer supp 07
Rizwan Khurram
Optimized Business Processes in the Age of Cloud Computing
Optimized Business Processes in the Age of Cloud Computing
Oracle Day
Fusion Middleware 11g Keynote Foundation For Innovation
Fusion Middleware 11g Keynote Foundation For Innovation
Mark Rabne
Silicus share point-overview-slideshare2
Silicus share point-overview-slideshare2
Silicus Technologies
Mais procurados
(20)
Soa207
Soa207
COBIT 5 & 4.1 Comparison
COBIT 5 & 4.1 Comparison
Russia - Application Management
Russia - Application Management
Itil 2011 Mind Maps
Itil 2011 Mind Maps
GXS Strategy
GXS Strategy
Taking a Performance-Based Services Approach to Improve the Effectiveness of ...
Taking a Performance-Based Services Approach to Improve the Effectiveness of ...
Sharepoint webinar
Sharepoint webinar
KPIwoven from NavisRx
KPIwoven from NavisRx
Child Wear Ea Blueprint V0.7
Child Wear Ea Blueprint V0.7
EBI Presentation 2011
EBI Presentation 2011
JSoft Corporate presentation
JSoft Corporate presentation
MEGA Webinar - PwC - Baker/Tong - EA & GRC, Separated at Birth
MEGA Webinar - PwC - Baker/Tong - EA & GRC, Separated at Birth
Heizer 02
Heizer 02
Ch07
Ch07
Heizer 07
Heizer 07
What is EA In a Nutshell
What is EA In a Nutshell
Heizer supp 07
Heizer supp 07
Optimized Business Processes in the Age of Cloud Computing
Optimized Business Processes in the Age of Cloud Computing
Fusion Middleware 11g Keynote Foundation For Innovation
Fusion Middleware 11g Keynote Foundation For Innovation
Silicus share point-overview-slideshare2
Silicus share point-overview-slideshare2
Semelhante a 5. cobit 4 1 assessmnt present. techniques
Itil v3
Itil v3
Peleg
Optimising and prioritising your SDLC using business intelligence
Optimising and prioritising your SDLC using business intelligence
Kurt Solarte
Webhomes what we do v1.3
Webhomes what we do v1.3
Peter Ashworth
Microsoft Business Intelligence Vision and Strategy
Microsoft Business Intelligence Vision and Strategy
Nic Smith
Frameworks detail
Frameworks detail
Angela Ruthenberg
Data center flexibility and efficiency: increasing the business value of IT
Data center flexibility and efficiency: increasing the business value of IT
IBM India Smarter Computing
Bridging the c suite gap
Bridging the c suite gap
Interop
Webhomes - What We Do
Webhomes - What We Do
Peter Ashworth
Unleashing Business Innovation with Integrated Service Management - IBM Smart...
Unleashing Business Innovation with Integrated Service Management - IBM Smart...
IBM Sverige
[WSO2 API Day Chicago 2019] Pace Layering to Prioritize Business Initiatives ...
[WSO2 API Day Chicago 2019] Pace Layering to Prioritize Business Initiatives ...
WSO2
ITIL service design
ITIL service design
Robert Edward Pinnington
Final introduction
Final introduction
Peleg
01-COBIT5-ExecSummary
01-COBIT5-ExecSummary
marquezricardo
Company profile presentation
Company profile presentation
Satya Patri
IT Rationalization: Leveraging Service-Oriented Abstraction
IT Rationalization: Leveraging Service-Oriented Abstraction
Bob Rhubart
Option One Case Study
Option One Case Study
David Donaldson
Tatakelola Teknologi Informasi
Tatakelola Teknologi Informasi
Cahyo Darujati
Itil the basics
Itil the basics
MaryFrances Schurb
ITIL basics
ITIL basics
Mandar Kharkar
Business Modeling and the Business Analyst
Business Modeling and the Business Analyst
Patrick van Abbema, PMP, CBAP, CSP
Semelhante a 5. cobit 4 1 assessmnt present. techniques
(20)
Itil v3
Itil v3
Optimising and prioritising your SDLC using business intelligence
Optimising and prioritising your SDLC using business intelligence
Webhomes what we do v1.3
Webhomes what we do v1.3
Microsoft Business Intelligence Vision and Strategy
Microsoft Business Intelligence Vision and Strategy
Frameworks detail
Frameworks detail
Data center flexibility and efficiency: increasing the business value of IT
Data center flexibility and efficiency: increasing the business value of IT
Bridging the c suite gap
Bridging the c suite gap
Webhomes - What We Do
Webhomes - What We Do
Unleashing Business Innovation with Integrated Service Management - IBM Smart...
Unleashing Business Innovation with Integrated Service Management - IBM Smart...
[WSO2 API Day Chicago 2019] Pace Layering to Prioritize Business Initiatives ...
[WSO2 API Day Chicago 2019] Pace Layering to Prioritize Business Initiatives ...
ITIL service design
ITIL service design
Final introduction
Final introduction
01-COBIT5-ExecSummary
01-COBIT5-ExecSummary
Company profile presentation
Company profile presentation
IT Rationalization: Leveraging Service-Oriented Abstraction
IT Rationalization: Leveraging Service-Oriented Abstraction
Option One Case Study
Option One Case Study
Tatakelola Teknologi Informasi
Tatakelola Teknologi Informasi
Itil the basics
Itil the basics
ITIL basics
ITIL basics
Business Modeling and the Business Analyst
Business Modeling and the Business Analyst
Último
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
ritikaroy0888
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
discovermytutordmt
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Shawn Pang
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
Matteo Carbone
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
NZSG
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
karancommunications
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
Ravindra Nath Shukla
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
Call Girls in Delhi
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
Seo
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
Aaiza Hassan
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael Hawkins
Michael W. Hawkins
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
Ravindra Nath Shukla
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
noida100girls
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Tina Ji
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
Paul Menig
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
Paul Menig
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
anilsa9823
GD Birla and his contribution in management
GD Birla and his contribution in management
chhavia330
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
divyansh0kumar0
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Lviv Startup Club
Último
(20)
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael Hawkins
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
GD Birla and his contribution in management
GD Birla and his contribution in management
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
5. cobit 4 1 assessmnt present. techniques
1.
Assessor Examples of
Presentation Techniques This document contains sample templates and examples that can be used to support the assessment activities described in the publication COBIT ® 4.1 Assessor Guide: Using COBIT ® 4.1, especially process improvement and board presentations. The focus is on providing guidance to assessors on how to present assessment results. It is complementary to the other templates and tools provided in this tool kit. It should be noted that the examples are intended to be generic and simple to use. They should be used as a foundation to be extended and tailored to suit the unique needs of a particular enterprise. The tools for many of the examples outlined here have not been developed. These will be considered for further development when the COBIT assessment programme matures. It should also be noted that many of these examples have been presented in previous tool kits, such as the tool kit for Implementing and Continuously Improving IT Governance. © 2011 ISACA. All rights reserved. © 2011 ISACA. All rights reserved. 1
2.
Example of Business
Goals Questionnaire Business Goals Questionnaire Main Menu Score each of the following business goals on a relative scale from 1 (not important) to 10 (most important). This means that the most important goals are scored 10 and the less important goals Score are scored 1. 1 Provide a good return on investment of IT-enabled business investments 10 Financial 2 Manage IT-related business risk 1 6 3 Improve corporate governance and transparency 8 4 Improve customer orientation and service 10 5 Offer competitive products and services 5 6 Establish service continuity and availability 2 Customer 7 7 Create agility in responding to changing business requirements (time to market) 8 8 Achieve cost optimisation of service delivery 10 9 Obtain reliable and useful information for strategic decision making 8 10 Improve and maintain business process functionality 10 11 Lower process costs 5 12 Provide compliance with external laws, regulations and contracts 4 Internal 6 13 Provide compliance with internal policies 9 14 Manage business change 6 15 Improve and maintain operational and staff productivity 1 16 Manage product and business innovation 3 Learning 5 17 Acquire and maintain skilled and motivated people 7 6.3 Avg © 2011 ISACA. All rights reserved. 2
3.
Example Heat Map:
Example of IT Process Questionnaire IT Goals Questionnaire Main Menu Each of the following IT goals is scored on a scale from 1 (not important) to 10 (most important) based on the business goals scoring. The IT goals scores are automatically calculated based on the business goals Score scores and filled in by the system. 1 Respond to business requirements in alignment with the business strategy 7 2 Respond to business requirements in line with board direction 6 3 Ensure satisfaction of end users with service offerings and service levels 10 4 Optimise use of information 8 5 Create IT agility 6 Define how business functional and control requirements are translated in effective and efficient automated 6 8 solutions 7 Acquire and maintain integrated and standardised application systems 7 8 Acquire and maintain an integrated and standardised IT infrastructure 5 9 Acquire and maintain IT skills that respond to the IT strategy 7 10 Ensure mutual satisfaction of third-party relationships 6 11 Seamlessly integrate applications and technology solutions into business processes 6 12 Ensure transparency and understanding of IT cost, benefits, strategy, policies and service levels 8 13 Ensure proper use and performance of the applications and technology solutions 5 14 Account for and protect all IT assets 1 15 Optimise the IT infrastructure, resources and capabilities 5 16 Reduce solution and service delivery defects and rework 2 17 Protect the achievement of IT objectives 1 18 Establish clarity of business impact of risk to IT objectives and resources 5 19 Ensure critical and confidential information is withheld from those who should not have access to it 3 20 Ensure automated business transactions and information exchanges can be trusted 4 Ensure IT services and the IT infrastructure can properly resist and recover from failures due to error, 21 3 deliberate attack or disaster 22 Ensure minimum business impact in the event of an IT service disruption or change 2 23 Make sure that IT services are available as required 6 24 Improve IT's cost-efficiency and its contribution to business profitability 8 25 Deliver projects on time and on budget, meeting quality standards 6 26 Maintain the integrity of information and processing infrastructure 6 27 Ensure IT compliance with laws, regulations and contracts 4 Ensure that IT demonstrates cost-efficient service quality, continuous improvement and readiness for future 28 5 change © 2011 ISACA. All rights reserved. 5.2 Avg 3
4.
Example of Spider
Charts PO1 Maturity 3.50 ME1 PO3 3.00 DS11 PO5 Benchmark 2.50 2.00 DS10 PO9 Results by 1.50 1.00 large medium Enterprise DS5 PO10 small Size DS4 AI1 DS1 AI2 AI6 AI5 PO1 PO1 3.50 PO1 3.50 ME1 PO3 3.50 ME1 PO3 3.00 ME1 PO3 3.00 DS11 PO5 3.00 DS11 PO5 2.50 DS11 2.50 PO5 2.50 2.00 2.00 DS10 PO9 2.00 DS10 PO9 1.50 DS10 PO9 1.50 1.50 1.00 1.00 DS5 PO10 1.00 DS5 PO10 DS5 PO10 DS4 AI1 DS4 AI1 DS4 AI1 DS1 AI2 DS1 AI2 DS1 AI2 AI6 AI5 AI6 AI5 AI6 AI5 Large Medium Small © 2011 ISACA. All rights reserved 4
5.
Examples of a
Spider Chart PO Plan and Organise PO1 Define a Target Strategic IT Plan 5.0 Current PO10 Manage PO2 Define the Projects 4.0 Information… 3.0 PO9 Assess and 2.0 PO3 Determine Manage IT Risks 1.0 Technological… 0.0 PO8 Manage PO4 Determine the Quality IT… PO7 Manage IT PO5 Manage the IT DS Deliver and Support Human Resources Investment PO6 Communicate Management… DS1 Define and Manage Service… DS13 Manage 5.0 DS2 Manage Operations Third Party… 4.0 DS12 Manage the DS3 Manage 3.0 Physical… Performance… 2.0 DS11 Manage 1.0 DS4 Ensure Target Data Continuous… 0.0 Current DS10 Manage DS5 Ensure Problems Systems Security DS9 Manage the DS6 Identify and Configuration Allocate Costs DS8 Manage DS7 Educate and Service Desk… Train Users © 2011 ISACA. All rights reserved. 5
6.
Example Current vs.
Target State Process Capability Levels for Processes in Scope Current vs. Short- and Long-Term Target Process Process Capability Levels PO3 Short-Term Target 5 ME4 PO4 Longer-Term Target Current Level 4 DS13 PO8 3 2 DS9 PO10 1 0 DS8 AI1 DS7 AI2 DS3 AI3 AI5 AI4 © 2011 ISACA. All 2011 ISACA. All rights reserved. © rights reserved. 6
7.
Example in Report
Template D.3 of Assessor Guide Current and Target Capability 0.0 1.0 2.0 3.0 4.0 5.0 6.0 PO1 Define a Strategic IT Plan 2.0 3.0 1.0 3.0 PO Plan & Organise PO3 Determine Technological Direction 3.0 5.0 2.0 3.0 PO5 Manage the IT Investment 1.0 2.0 2.0 3.0 PO7 Manage IT Human Resources 1.0 3.0 2.0 PO9 Assess and Manage IT Risks 2.0 3.0 1.0 4.0 AI1 Identify Automated Solutions 2.0 3.0 AI Acquire and 2.0 3.0 Implement AI3 Acquire and Maintain Technology 1.0 3.0 2.0 3.0 AI5 Procure IT Resources 2.0 3.0 2.0 3.0 AI7 Install and Accredit Solutions and Changes 2.0 3.0 2.0 3.0 DS2 Manage Third Party Services 2.0 3.0 2.0 3.0 DS Deliver and Support DS4 Ensure Continuous Service 2.0 3.0 2.0 3.0 DS6 Identify and Allocate Costs 2.0 3.0 2.0 3.0 DS8 Manage Service Desk and Incidents 3.0 2.0 3.0 DS10 Manage Problems 2.0 3.0 2.0 3.0 DS12 Manage the Physical Environment 2.0 3.0 2.0 3.0 ME1 Monitor and Evaluate IT Performance 2.0 3.0 Evaluate Monitor 2.0 3.0 and ME ME3 Ensure Compliance with External Requirements 1.0 2.0 2.0 Target Current © 2011 ISACA. All rights reserved. 7
8.
Excel Spreadsheet Template
Summary Results Achieved Capability Level PROCESS Process 1 2 3 4 5 Process Purpose ID Description Performed Managed Established Predictable Optimising Satisfy the business requirement of Identify identifying automated solutions that AI1 Automated translate business functional and F Solutions control requirements into effective and efficient solutions Satisfy the business requirement of Acquire and aligning available applications with Maintain business and security requirements, AI2 and doing so in a timely manner and F L Application Software at a reasonable cost. Satisfy the business requirement of providing satisfactory third-party Manage Third services while being transparent DS2 L Parties about benefits, costs and risk. Satisfy the business requirement of maintaining the confidentiality, Manage integrity and availability of DS5 Information information and the processing F F L Security infrastructure aligned to business needs and minimizing the impact of security vulnerabilities. Satisfy the business requirement of optimizing the use of information DS11 Manage Data and ensuring that information is L available as required. © 2011 ISACA. All rights reserved. 8
9.
Example Assessment of
Improvement Opportunities Ref Improvement Opportunity Process Benefit (L, Cost Ease of M, H) (L, M, H) implementation (L, M, H) 1 Define service level agreements with business, with DS1 H M M assigned responsibilities and accountabilities, as well as a reporting framework 2 Document and formalise the IT continuity plan DS4 H M M 3 Run an awareness campaign on core security policies DS5 M L H 4 Standardise the incident management process across DS8 H H L business units 5 Formalise benchmarking against key competitors and ME1 M M L peers © 2011 ISACA. All rights reserved. 9
10.
Example Analysis of
Selected Improvements Define service level agreements with business, with assigned responsibilities and Opportunity accountabilities, as well as a reporting framework Objectives and scope Approach Resources required Total Activities Duration (elapsed) Full-time equivalent (FTE) • dedicated resources •Business 1.4 Deliverables •IT 2.3 • Estimated cost and duration Summary of benefits Implementation cost (one-off) Recurring costs Quantifiable • • Other benefits • Dependencies and risks Risks and dependencies Mitigating factors • © 2011 ISACA. All rights reserved. 10
Baixar agora