Slide 1 - ISACA Sri Lanka Chapter
Presentation Transcript
IT Governance Frameworks
Kamal Wickramanayake
IT Architect – Software View
email@example.com - http://www.swview.org/
ISACA CXO Forum: Business Governance of Information Technology – The CXOs' Perspective
29th of April, 2009, Hotel Galadari, Colombo, Sri Lanka
Special Note
Most of the images that were in the original slides were removed before the slides were made public. This was done due to restrictions imposed by copyright and intellectual property laws. Links have been provided at appropriate places so that you can download and view those images from the sources.
International Standard for “Corporate governance of Information Technology”
ISO/IEC 38500:2008 – Model
Figure removed before the slides were made available to the public. Interested in looking at it? Follow the steps below:
1. Download the pdf “ITGI Enables IS0-IEC 38500-2008 Adoption” from ISACA web site: http://www.isaca.org/ContentManagement/ContentDisplay.cfm?ContentID=47865
2. Look at Figure 01.
ISO/IEC 38500:2008 - Guidance
Evaluate
Direct
Monitor
Identify controls used in process design to mitigate risks
Don't give the details around how to design the controls
COBIT® Characteristics
Process Oriented
Business Focused
Controls Based
Measurement Driven
COBIT® – Business Focus
Figure removed before the slides were made available to the public. Interested in looking at it? Follow the steps below:
1. Visit http://www.isaca.org/cobit and download the pdf “COBIT 4.1 Executive Summary and Framework”.
2. Look at Figure 06.
TOGAF™ – As an EA Framework
Figure removed before the slides were made available to the public. Interested in looking at it? Follow the steps below:
1. Visit http://www.opengroup.org/architecture/togaf8-doc/arch/ and click on “Introduction to the ADM” (Link appears under left hand side “Chapter Listing”).
2. Look at the first figure with yellow color circles.
COBIT® Overall Framework
Please turn to page no 26 of the booklet “COBIT 4.1 Excerpt”
PDF version is available on-line for free
To optimize the realization of value from IT investments
Complements COBIT from a business and financial perspective
Val IT – Process Breakdown
Figure removed before the slides were made available to the public. Interested in looking at it? Follow the steps below:
1. Download the pdf “The Val IT Framework 2.0 - (Extract)” from ISACA web site: http://www.isaca.org/Template.cfm?Section=COBIT6&Template=/ContentManagement/ContentDisplay.cfm&ContentID=43843
2. Look at Figure 10.
Codifies IT Service Management (ITSM) with service lifecycles, best practices
Very much focused on improving the quality of services
ITIL - Guidance
Service Strategy
Service Transition
Service Operation
Continuous Service Improvement
Service Design
International standard for ITSM
20000-1: Identifies standard itself, how to accredit?
20000-2: Code of practice (opportunities for improvement)
Based on ITIL (v2)
International standard for information security
27001: Requirements for the standard
27002: Code of practice
ISO 9000, Lean Six Sigma
ISO 9000: Help define a quality management system
Lean Six Sigma: Combined quality management approach (move faster, create value, reduce defects and rework)