Implementing effective IT Governance and IT Management
This is a summary of the course IT in Control (Master Accountancy & Controlling). The summary covers the books Accounting information systems (Romney & Steinbart) and Implementing effective IT governance and IT (Selig), plus 8 required articles (see the table of contents).
Written for
Rijksuniversiteit Groningen (RuG)
Master Accountancy & Controlling
IT in Control (EBM191A05)
Seller: bajelsma
IT in Control Summary
Table of contents
Week 1 - Strategy
- Selig Chapter 1 – Introduction business/IT alignment
- Selig Chapter 3 – Business/IT strategy alignment
- Paper 1 – Henderson – Strategic Alignment Model
- Paper 2 – Sabherwal – Dynamics of alignment
Week 1 - Governance
- Selig Chapter 2 – IT governance, best practice frameworks
- Selig Chapter 6 – IT Service Management, Execution management
- Paper 3 – Hardy – COBIT
- Paper 4 – Kerr – COBIT framework
- Paper 5 – Haes – IT in a major airline
Week 2 – Outsourcing
- Selig Chapter 7 – Strategic sourcing & outsourcing
- Selig Chapter 9 – Cloud computing
- Paper 6 – Julisch – Security and control in the cloud
Week 3 – Cybercrime
- Romney Chapter 8 – Fraud and errors
- Romney Chapter 9 – Computer fraud and abuse techniques
Week 4 – Security
- Romney Chapter 10 – Control and accounting information systems
- Romney Chapter 11 – Controls for information security
Week 5 – Privacy
- Romney Chapter 12 – Confidentiality and privacy controls
- Romney Chapter 13 – Processing integrity and availability controls
Week 6 – Analytics
- Romney Chapter 4 – Relational databases
- Romney Chapter 11 – Auditing computer based information systems
- Paper 7 – Chan – Innovation and practice of continuous auditing
- Paper 8 – Debrecenya – XML and XBRL
Week 1 - Strategy
- Selig - Chapter 1: Introduction to IT/Business Alignment, Planning, Execution and Governance
- Selig - Chapter 3: Business/IT Alignment, Strategic Planning and Portfolio Investment Management Excellence (Demand Management)
- Henderson, J.C.; Venkatraman, N. (1993). Strategic Alignment, Leveraging Information technology for transforming organizations
- Sabherwal, R.; Hirschheim, R.; Goles, T. (2001). The Dynamics of Alignment, Insights from a Punctuated Equilibrium Model
Selig Chapter 1 – Introduction business/IT alignment
Strategy is about the "what" question, whereas governance is about the "how" question. IT
strategy + IT governance = Business strategy. The following key business drivers are
currently very important: rapidly changing technology, privacy, security and ethics (AVG),
and continuous innovation.
There are three kinds of governance: enterprise, business and IT governance. Enterprise
governance represents the highest level of governance (board level). Business governance
represents the CEO and other C-level staff. IT governance is represented by the CIO (Chief
Information Officer). Enterprise governance deals with the separation of ownership and
control of the organization, whereas business governance focuses on the direction, control
and execution of the business plan and strategies. IT governance focuses on the direction,
control and execution of IT plans and strategies. Most organizations have the CIO function
integrated into the CFO function. This is bad because the CFO is mostly cost-driven.
Major challenges for IT planning and governance:
More challenges on page 7 to 9.
Most important challenges: compliance (AVG), architecture (cloud landscape), on demand
management (outsourcing), security (cybercrime).
Definition, purpose and scope
Governance:
Governance formalizes and clarifies oversight, accountability and decision rights for a wide
array of IT strategy, resource and control activities. It is a collection of management,
planning and performance review policies, practices and processes with associated
decision rights, which establish authority, sponsorship, controls, a baseline and performance
metrics for investments, plans, major changes, security, etc.
The purpose of IT governance can be found on page 10, whereas the scope of IT governance
can be found on page 11. Page 12 shows who benefits from good IT governance. Page 12
also shows the value propositions of IT governance.
Successful IT governance is built upon three critical pillars. The pillars are:
If one of the above pillars is missing or ineffective, the IT governance will not be effective or
sustainable. In addition, over-dependence on one dimension over the others will result in
sub-optimal performance. Poor IT governance can lead to business losses and disruptions,
missed schedules, higher costs, poorer quality, unsatisfied customers, negative effects on the
core business and failure of IT to demonstrate its investment benefits or value
propositions.
Pages 14, 15 and 16 talk about the implications of the Sarbanes-Oxley Act (SOX) and other
regulations on IT governance. This has not been covered during the lecture & screencasts.
Pages 16 and 17 talk about the CEO role, and the two ways a CEO can go. The two ways are
Growth (maximize value proposition) and Optimize effectiveness & efficiency.
Page 17 and 18: How much governance is required and when is enough, enough?
To plan, develop, deploy and sustain a cost-effective approach to IT governance, the blended
and integrated governance network consists of five critical IT governance must-dos. The
five work areas are:
1. Business strategy, plan and objectives (demand management): This involves the
development of the business strategy and plan which should drive the IT strategy and
plan.
2. IT strategy, plan and objectives (demand management): This should be based on
the business plan and objectives and will provide the direction and priorities of the IT
functions and resources. This includes portfolio management investments, a prioritization
scheme and identifying decision rights on a wide variety of IT areas. The CIO is