16. Level 0 ITIL Maturity Model (information from Pink Elephant) Awareness Process driven by tools Roles and responsibilities poorly defined Initiation Some policies statements Words no Docs No dedicated resources Absence No evidence of activities supporting the process Control Measurable Targets Mgmt Reports produced Formal Planning Tasks, responsibilities, well defined Integration Significant quality improvements Interdepartmental communications Quality & Per. Metrics transferred between processes Absence Level 1 Level 2 Level 3 Level 4 Level 5 Initiation Awareness Control Integration Optimization Optimization Links between IT & Corporate Policy Innovation QA & Continuous improvement World Class Perf. Measurements
23. ISO27001 Communications and Operations Management Organizational Security Security Policy Asset Classification and Control Business Continuity Management Access Control Physical and Environmental Security Personnel Security Systems Development and Maintenance Compliance COBiT Monitor and Support Acquire and Implement Plan and Organize Define and Support COSO Monitoring Internal Environment Risk Assessment Control Activities Information and Communications ITIL ICT Infrastructure Management Service Delivery / Support Business Perspective Planning to Implement Service Management Application Management Security Management Objective Setting Risk Response Event Identification
24. Modelo de Gobierno IT IT OPERATIONS IT Governance Quality Systems & Frameworks COBIT Service Mgmt. App. Dev. Project Mgmt. IT Planning IT Security Quality System COSO ITIL BS 7799 PMI ISO Six Sigma TSO IS Strategy ASL CMM Sarbanes Oxley US Securities & Exchange Commission