SlideShare a Scribd company logo

It Governance in time of Covid-19

Download as PPTX, PDF
R
Rudy Shoushany

It Governance in time of Covid-19 by Rudy Shoushany Presentation done for IIA ACFE (Jordan Egypt Lebanon), Isaca chapter Jordan

Technology
1 of 27
ICT Governance in time of covid-19 July 1 2020
Rudy Shoushany ICT Governance , Strategies, CyberSecurity, Digital Transformation
• Technology plays key role in current/rebuilding economies and cooperation* in/after COVID-19 pandemic • Companies, Governments & Society* needs to make full use of digital technologies to confront the COVID-19 pandemic • Risks & Challenges arise on Resilience, Recovery, the New Reality of WFH & safety of staff ( Auditing, IT operations, Security, Privacy, Capacity, Continuity…)
WHAT DO WE NEED?
• IT Governance Framework have already been implemented at the organisational level in many countries • Central bank of Lebanon (Circulars, BCC 222/2000 General guide for IT Security, 272, 1s44/2017 Cybercrime, 123/2008 Business Continuity Plan. 272/2011 Security of information technology systems ,146/2018 GDPR, Law 81/2018 electronic signature and privacy) but missing updated of old BCC 222/2000 and organization structures. • Central Bank of Jordan regulations number No.:(65/2016) its adjustments number )984-6-10( • Egypt, I have not seen anything related to ICT governance the Egypt 2030 plan only mentions it but no details • Implementing IT governance at the national level will deliver better benefits to the Organizations.
• Information & Communication Technology Governance framework (or I&T governance framework) is a type of framework that defines the ways, structures and methods through which an organisation can implement, manage, direct and monitor IT governance.
COBIT defines the components to build and sustain a governance system
IT Governance is concerned with value delivery from digital transformation and the mitigation of business risk that results from digital transformation. More specifically, three main outcomes can be expected after successful adoption of IT Governance: Benefits realization—This consists of creating value for the enterprise through I&T, maintaining and increasing value derived from existing I&T investments, and eliminating IT initiatives and assets that are not creating sufficient value.
Risk optimization—This entails addressing the business risk associated with the use, ownership, operation, involvement, influence and adoption of I&T within an enterprise. I&T-related business risk consists of I&T-related events that could potentially impact the business. Resource optimization—This ensures that the appropriate capabilities are in place to execute the strategic plan and sufficient, appropriate and effective resources are provided.
In the light of digital transformation and now Covid-19, information and technology (I&T) have become crucial in the support, sustainability, growth of enterprises and maybe survival. Previously, governing boards (boards of directors) and senior management could delegate, ignore or avoid I&T-related decisions. In most sectors and industries, such attitudes are now ill advised.
Challenges So what were the challenges of the Board and executives in this uncertain time : Travel restrictions, social distancing quarantines, and other measures will often hinder a physical meeting of the board or shareholders. Not to speak of the fact that some directors or shareholders might become infected by COVID-19.
Questions and lessons • Was there a I&T Governance part of BOD? ▫ If yes was it effectively managed • Was communication secured timely due to disruption of traditional channels or needed new technologies to support it • Did Board meetings occur? • Legalities of remote boards, and document signing, was eSignature introduced
COVID-19 is testing boards in all areas of responsibility
Risk oversight is key as new and unforeseen issues emerge • One of the primary responsibilities of the board of directors is risk oversight. Boards must understand the risks facing the companies they oversee, and they must ensure that management has implemented appropriate measures to identify, monitor, and manage those risks. For example, as a result of COVID-19, companies have had to implement their pre-pandemic business continuity plans, as physical distancing and work-from- home policies have become the norm. Companies that had invested in more comprehensive business continuity planning and technology before the pandemic may have had an advantage in managing the crisis so far.
• In particular, boards may find companies exposed to new risks related to Services disruptions, capital allocation, Assets, liquidity, cybersecurity, and key person risk. Not to mention risks to firms’ reputations if they fail to meet emerging best practices on communication and treatment of employees. Over the long term, we expect boards to take a critical look at the effectiveness of their companies’ risk policies to ensure they are prepared for a wide variety of potential risk events
What are the main COBIT objective/Process needed? Managed Assets Managed Security Managed Continuity Managed Security
ICT Governance RedFlags & Controls • ICT governance is nothing but the way in which a IT functions. It includes a system of rules and processes that direct and controls a I&T. The aim of enforcing ICT governance is to balance the interests of a company’s shareholders • ICT Governance integrates best practices to ensure that the organization’s IT is aligned with, and supports, the business objectives; delivers value; manages risk associated with IT; manages its IT resources effectively and efficiently; and measures its own performance.
ICT Governance RedFlags
ICT Governance RedFlags & Controls • Monitoring by board. • Internal audits of ICT Governance system and robust policies. • Proper balance of power. • Performance based remuneration. • Monitoring by large shareholders and other stakeholders.
The board should also monitor and review: • ICT strategy • ICT major plans of action • ICT annual budgets and business plans • ICT performance • ICT major capital expenditures, acquisitions and divestitures • ICT governance practices and changes • ICT compensation and succession planning • ICT risk policy • Immature ICT risk management, non-investment in information technology, and defective or non-existent controls, particularly “non financial”
RUDY@SHOUSHANY.COM
It Governance in time of Covid-19

Recommended

MAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCEMAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCERudy Shoushany
 
Global and Regional Trends Impacting SMPs
Global and Regional Trends Impacting SMPsGlobal and Regional Trends Impacting SMPs
Global and Regional Trends Impacting SMPsInternational Federation of Accountants
 
Future Ready SMPs
Future Ready SMPsFuture Ready SMPs
Future Ready SMPsInternational Federation of Accountants
 
Enhanced Practice Management & New Services
Enhanced Practice Management & New ServicesEnhanced Practice Management & New Services
Enhanced Practice Management & New ServicesInternational Federation of Accountants
 
Christina Foo and Mark Koziel - Assisting SMPs Develop Business Advisory
Christina Foo and Mark Koziel - Assisting SMPs Develop Business AdvisoryChristina Foo and Mark Koziel - Assisting SMPs Develop Business Advisory
Christina Foo and Mark Koziel - Assisting SMPs Develop Business AdvisoryInternational Federation of Accountants
 
Inge Saeys - Helping SMPs Promote and Implement IAASB Standards
Inge Saeys - Helping SMPs Promote and Implement IAASB StandardsInge Saeys - Helping SMPs Promote and Implement IAASB Standards
Inge Saeys - Helping SMPs Promote and Implement IAASB StandardsInternational Federation of Accountants
 
Ricardo Rodil and Andreas Noodt - Influencing the Regulatory Agenda
Ricardo Rodil and Andreas Noodt - Influencing the Regulatory AgendaRicardo Rodil and Andreas Noodt - Influencing the Regulatory Agenda
Ricardo Rodil and Andreas Noodt - Influencing the Regulatory AgendaInternational Federation of Accountants
 
Opportunities and Challenges for SMPs
Opportunities and Challenges for SMPsOpportunities and Challenges for SMPs
Opportunities and Challenges for SMPsInternational Federation of Accountants
 

Recommended

MAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCEMAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCERudy Shoushany
 
Global and Regional Trends Impacting SMPs
Global and Regional Trends Impacting SMPsGlobal and Regional Trends Impacting SMPs
Global and Regional Trends Impacting SMPsInternational Federation of Accountants
 
Future Ready SMPs
Future Ready SMPsFuture Ready SMPs
Future Ready SMPsInternational Federation of Accountants
 
Enhanced Practice Management & New Services
Enhanced Practice Management & New ServicesEnhanced Practice Management & New Services
Enhanced Practice Management & New ServicesInternational Federation of Accountants
 
Christina Foo and Mark Koziel - Assisting SMPs Develop Business Advisory
Christina Foo and Mark Koziel - Assisting SMPs Develop Business AdvisoryChristina Foo and Mark Koziel - Assisting SMPs Develop Business Advisory
Christina Foo and Mark Koziel - Assisting SMPs Develop Business AdvisoryInternational Federation of Accountants
 
Inge Saeys - Helping SMPs Promote and Implement IAASB Standards
Inge Saeys - Helping SMPs Promote and Implement IAASB StandardsInge Saeys - Helping SMPs Promote and Implement IAASB Standards
Inge Saeys - Helping SMPs Promote and Implement IAASB StandardsInternational Federation of Accountants
 
Ricardo Rodil and Andreas Noodt - Influencing the Regulatory Agenda
Ricardo Rodil and Andreas Noodt - Influencing the Regulatory AgendaRicardo Rodil and Andreas Noodt - Influencing the Regulatory Agenda
Ricardo Rodil and Andreas Noodt - Influencing the Regulatory AgendaInternational Federation of Accountants
 
Opportunities and Challenges for SMPs
Opportunities and Challenges for SMPsOpportunities and Challenges for SMPs
Opportunities and Challenges for SMPsInternational Federation of Accountants
 
Audit Quality Framework & Proportionate Application of ISAs
Audit Quality Framework & Proportionate Application of ISAsAudit Quality Framework & Proportionate Application of ISAs
Audit Quality Framework & Proportionate Application of ISAsInternational Federation of Accountants
 
Integrated reporting a south african story
Integrated reporting a south african storyIntegrated reporting a south african story
Integrated reporting a south african storyNext Generation Consultants: Reana Rossouw
 
Opportunities & Challenges for SMPs Session 1
Opportunities & Challenges for SMPs Session 1Opportunities & Challenges for SMPs Session 1
Opportunities & Challenges for SMPs Session 1International Federation of Accountants
 
BCM Regulations and Learnings from across the globe..
BCM Regulations and Learnings from across the globe..BCM Regulations and Learnings from across the globe..
BCM Regulations and Learnings from across the globe..Continuity and Resilience
 
A Relevant Accountancy Profession
A Relevant Accountancy ProfessionA Relevant Accountancy Profession
A Relevant Accountancy ProfessionInternational Federation of Accountants
 
Cobit5
Cobit5Cobit5
Cobit5Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Growing Your Practice
Growing Your PracticeGrowing Your Practice
Growing Your PracticeInternational Federation of Accountants
 
Governance, Risk Management, and Internal Control
Governance, Risk Management, and Internal ControlGovernance, Risk Management, and Internal Control
Governance, Risk Management, and Internal ControlInternational Federation of Accountants
 
Integrated reporting 101; Getting started with Integrated Reporting in India
Integrated reporting 101; Getting started with Integrated Reporting in IndiaIntegrated reporting 101; Getting started with Integrated Reporting in India
Integrated reporting 101; Getting started with Integrated Reporting in IndiaVrushali Gaud-Shinde
 
Integrated reporting framework
Integrated reporting frameworkIntegrated reporting framework
Integrated reporting frameworkMas Business
 
Integrated Reporting: The South African Experience
Integrated Reporting: The South African ExperienceIntegrated Reporting: The South African Experience
Integrated Reporting: The South African ExperienceInternational Federation of Accountants
 
Deloitte stay ahed of the game
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the gameFranco Ferrario
 
Integrated Reporting, Corporate Governance & Responsible Boards
Integrated Reporting, Corporate Governance & Responsible BoardsIntegrated Reporting, Corporate Governance & Responsible Boards
Integrated Reporting, Corporate Governance & Responsible BoardsDr. Basel Omar Abu-Ali
 
Integrated Reporting: Leading Practices & International Developments
Integrated Reporting: Leading Practices & International DevelopmentsIntegrated Reporting: Leading Practices & International Developments
Integrated Reporting: Leading Practices & International DevelopmentsInternational Federation of Accountants
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
Sustainability vs Integrated Reporting - What's the difference?
Sustainability vs Integrated Reporting - What's the difference?Sustainability vs Integrated Reporting - What's the difference?
Sustainability vs Integrated Reporting - What's the difference?Next Generation Consultants: Reana Rossouw
 
Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Ellie Ahmadi
 
How Integrated Reporting provides insight into business strategy and prospects
How Integrated Reporting provides insight into business strategy and prospectsHow Integrated Reporting provides insight into business strategy and prospects
How Integrated Reporting provides insight into business strategy and prospectsInternational Integrated Reporting Council
 
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...Citrin Cooperman
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptxjamiejohngianna
 
TechniClick - GWEA & EA Governance
TechniClick - GWEA & EA GovernanceTechniClick - GWEA & EA Governance
TechniClick - GWEA & EA Governanceguestea68b0
 

More Related Content

What's hot

BCM Regulations and Learnings from across the globe..
BCM Regulations and Learnings from across the globe..BCM Regulations and Learnings from across the globe..
BCM Regulations and Learnings from across the globe..Continuity and Resilience
 
Integrated reporting 101; Getting started with Integrated Reporting in India
Integrated reporting 101; Getting started with Integrated Reporting in IndiaIntegrated reporting 101; Getting started with Integrated Reporting in India
Integrated reporting 101; Getting started with Integrated Reporting in IndiaVrushali Gaud-Shinde
 
Integrated reporting framework
Integrated reporting frameworkIntegrated reporting framework
Integrated reporting frameworkMas Business
 
Deloitte stay ahed of the game
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the gameFranco Ferrario
 
Integrated Reporting, Corporate Governance & Responsible Boards
Integrated Reporting, Corporate Governance & Responsible BoardsIntegrated Reporting, Corporate Governance & Responsible Boards
Integrated Reporting, Corporate Governance & Responsible BoardsDr. Basel Omar Abu-Ali
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Ellie Ahmadi
 
How Integrated Reporting provides insight into business strategy and prospects
How Integrated Reporting provides insight into business strategy and prospectsHow Integrated Reporting provides insight into business strategy and prospects
How Integrated Reporting provides insight into business strategy and prospectsInternational Integrated Reporting Council
 
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...Citrin Cooperman
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 

What's hot (20)

Audit Quality Framework & Proportionate Application of ISAs
Audit Quality Framework & Proportionate Application of ISAsAudit Quality Framework & Proportionate Application of ISAs
Audit Quality Framework & Proportionate Application of ISAs
 
Integrated reporting a south african story
Integrated reporting a south african storyIntegrated reporting a south african story
Integrated reporting a south african story
 
Opportunities & Challenges for SMPs Session 1
Opportunities & Challenges for SMPs Session 1Opportunities & Challenges for SMPs Session 1
Opportunities & Challenges for SMPs Session 1
 
BCM Regulations and Learnings from across the globe..
BCM Regulations and Learnings from across the globe..BCM Regulations and Learnings from across the globe..
BCM Regulations and Learnings from across the globe..
 
A Relevant Accountancy Profession
A Relevant Accountancy ProfessionA Relevant Accountancy Profession
A Relevant Accountancy Profession
 
Cobit5
Cobit5Cobit5
Cobit5
 
Growing Your Practice
Growing Your PracticeGrowing Your Practice
Growing Your Practice
 
Governance, Risk Management, and Internal Control
Governance, Risk Management, and Internal ControlGovernance, Risk Management, and Internal Control
Governance, Risk Management, and Internal Control
 
Integrated reporting 101; Getting started with Integrated Reporting in India
Integrated reporting 101; Getting started with Integrated Reporting in IndiaIntegrated reporting 101; Getting started with Integrated Reporting in India
Integrated reporting 101; Getting started with Integrated Reporting in India
 
Integrated reporting framework
Integrated reporting frameworkIntegrated reporting framework
Integrated reporting framework
 
Integrated Reporting: The South African Experience
Integrated Reporting: The South African ExperienceIntegrated Reporting: The South African Experience
Integrated Reporting: The South African Experience
 
Deloitte stay ahed of the game
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the game
 
Integrated Reporting, Corporate Governance & Responsible Boards
Integrated Reporting, Corporate Governance & Responsible BoardsIntegrated Reporting, Corporate Governance & Responsible Boards
Integrated Reporting, Corporate Governance & Responsible Boards
 
Integrated Reporting: Leading Practices & International Developments
Integrated Reporting: Leading Practices & International DevelopmentsIntegrated Reporting: Leading Practices & International Developments
Integrated Reporting: Leading Practices & International Developments
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance framework
 
Sustainability vs Integrated Reporting - What's the difference?
Sustainability vs Integrated Reporting - What's the difference?Sustainability vs Integrated Reporting - What's the difference?
Sustainability vs Integrated Reporting - What's the difference?
 
Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?Protiviti's Tips - Will you be ready for an IPO when the market is?
Protiviti's Tips - Will you be ready for an IPO when the market is?
 
How Integrated Reporting provides insight into business strategy and prospects
How Integrated Reporting provides insight into business strategy and prospectsHow Integrated Reporting provides insight into business strategy and prospects
How Integrated Reporting provides insight into business strategy and prospects
 
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
 

Similar to It Governance in time of Covid-19

01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptxjamiejohngianna
 
TechniClick - GWEA & EA Governance
TechniClick - GWEA & EA GovernanceTechniClick - GWEA & EA Governance
TechniClick - GWEA & EA Governanceguestea68b0
 
An Introduction To ICT Continuity Based On BS 25777
An Introduction To ICT Continuity Based On BS 25777An Introduction To ICT Continuity Based On BS 25777
An Introduction To ICT Continuity Based On BS 25777Yasmine Anino
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
 
IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008ssusera19f45
 
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016FERMA
 
PwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital ValuePwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital ValueEileen Chan
 
Staff awareness: developing a security culture
Staff awareness: developing a security cultureStaff awareness: developing a security culture
Staff awareness: developing a security cultureIT Governance Ltd
 
IT Risk assessment and Audit Planning
IT Risk assessment and Audit PlanningIT Risk assessment and Audit Planning
IT Risk assessment and Audit Planninggoreankush1
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...Judith Beckhard Cardoso
 
The Business of IT - IT Governance
The Business of IT - IT GovernanceThe Business of IT - IT Governance
The Business of IT - IT GovernancePaul Wohlleben
 
Role of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve HowseRole of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve HowseCGTI
 
Digital Strategy In A Time Of Crisis
Digital Strategy In A Time Of CrisisDigital Strategy In A Time Of Crisis
Digital Strategy In A Time Of CrisisBruno A. Bonechi
 
EMERGENCE OF NEW DIGITALIZATION TECHNIQUES IN ORGANISATIONS IN.pptx
EMERGENCE OF NEW DIGITALIZATION TECHNIQUES IN ORGANISATIONS IN.pptxEMERGENCE OF NEW DIGITALIZATION TECHNIQUES IN ORGANISATIONS IN.pptx
EMERGENCE OF NEW DIGITALIZATION TECHNIQUES IN ORGANISATIONS IN.pptxArunimaHazra2
 

Similar to It Governance in time of Covid-19 (20)

01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
 
TechniClick - GWEA & EA Governance
TechniClick - GWEA & EA GovernanceTechniClick - GWEA & EA Governance
TechniClick - GWEA & EA Governance
 
COBIT Intor.pptx
COBIT Intor.pptxCOBIT Intor.pptx
COBIT Intor.pptx
 
IT_Governance iia uganda_presentation_ruyooka_2011
IT_Governance iia uganda_presentation_ruyooka_2011IT_Governance iia uganda_presentation_ruyooka_2011
IT_Governance iia uganda_presentation_ruyooka_2011
 
An Introduction To ICT Continuity Based On BS 25777
An Introduction To ICT Continuity Based On BS 25777An Introduction To ICT Continuity Based On BS 25777
An Introduction To ICT Continuity Based On BS 25777
 
ACFN vISO eBook
ACFN vISO eBookACFN vISO eBook
ACFN vISO eBook
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...
 
IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008
 
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
 
PwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital ValuePwC Transforming Internal Audit to Drive Digital Value
PwC Transforming Internal Audit to Drive Digital Value
 
Staff awareness: developing a security culture
Staff awareness: developing a security cultureStaff awareness: developing a security culture
Staff awareness: developing a security culture
 
IT Infrastructure - Importance of IT to Business
IT Infrastructure - Importance of IT to BusinessIT Infrastructure - Importance of IT to Business
IT Infrastructure - Importance of IT to Business
 
IT Governances
IT GovernancesIT Governances
IT Governances
 
IT Risk assessment and Audit Planning
IT Risk assessment and Audit PlanningIT Risk assessment and Audit Planning
IT Risk assessment and Audit Planning
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
 
The Business of IT - IT Governance
The Business of IT - IT GovernanceThe Business of IT - IT Governance
The Business of IT - IT Governance
 
Role of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve HowseRole of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve Howse
 
Digital Strategy In A Time Of Crisis
Digital Strategy In A Time Of CrisisDigital Strategy In A Time Of Crisis
Digital Strategy In A Time Of Crisis
 
EMERGENCE OF NEW DIGITALIZATION TECHNIQUES IN ORGANISATIONS IN.pptx
EMERGENCE OF NEW DIGITALIZATION TECHNIQUES IN ORGANISATIONS IN.pptxEMERGENCE OF NEW DIGITALIZATION TECHNIQUES IN ORGANISATIONS IN.pptx
EMERGENCE OF NEW DIGITALIZATION TECHNIQUES IN ORGANISATIONS IN.pptx
 
S36169184
S36169184S36169184
S36169184
 

Recently uploaded

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 

Recently uploaded (20)

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 

It Governance in time of Covid-19

  • 1. ICT Governance in time of covid-19 July 1 2020
  • 2. Rudy Shoushany ICT Governance , Strategies, CyberSecurity, Digital Transformation
  • 3.
  • 4. • Technology plays key role in current/rebuilding economies and cooperation* in/after COVID-19 pandemic • Companies, Governments & Society* needs to make full use of digital technologies to confront the COVID-19 pandemic • Risks & Challenges arise on Resilience, Recovery, the New Reality of WFH & safety of staff ( Auditing, IT operations, Security, Privacy, Capacity, Continuity…)
  • 5.
  • 7.
  • 8. • IT Governance Framework have already been implemented at the organisational level in many countries • Central bank of Lebanon (Circulars, BCC 222/2000 General guide for IT Security, 272, 1s44/2017 Cybercrime, 123/2008 Business Continuity Plan. 272/2011 Security of information technology systems ,146/2018 GDPR, Law 81/2018 electronic signature and privacy) but missing updated of old BCC 222/2000 and organization structures. • Central Bank of Jordan regulations number No.:(65/2016) its adjustments number )984-6-10( • Egypt, I have not seen anything related to ICT governance the Egypt 2030 plan only mentions it but no details • Implementing IT governance at the national level will deliver better benefits to the Organizations.
  • 9. • Information & Communication Technology Governance framework (or I&T governance framework) is a type of framework that defines the ways, structures and methods through which an organisation can implement, manage, direct and monitor IT governance.
  • 10. COBIT defines the components to build and sustain a governance system
  • 11. IT Governance is concerned with value delivery from digital transformation and the mitigation of business risk that results from digital transformation. More specifically, three main outcomes can be expected after successful adoption of IT Governance: Benefits realization—This consists of creating value for the enterprise through I&T, maintaining and increasing value derived from existing I&T investments, and eliminating IT initiatives and assets that are not creating sufficient value.
  • 12. Risk optimization—This entails addressing the business risk associated with the use, ownership, operation, involvement, influence and adoption of I&T within an enterprise. I&T-related business risk consists of I&T-related events that could potentially impact the business. Resource optimization—This ensures that the appropriate capabilities are in place to execute the strategic plan and sufficient, appropriate and effective resources are provided.
  • 13. In the light of digital transformation and now Covid-19, information and technology (I&T) have become crucial in the support, sustainability, growth of enterprises and maybe survival. Previously, governing boards (boards of directors) and senior management could delegate, ignore or avoid I&T-related decisions. In most sectors and industries, such attitudes are now ill advised.
  • 14. Challenges So what were the challenges of the Board and executives in this uncertain time : Travel restrictions, social distancing quarantines, and other measures will often hinder a physical meeting of the board or shareholders. Not to speak of the fact that some directors or shareholders might become infected by COVID-19.
  • 15. Questions and lessons • Was there a I&T Governance part of BOD? ▫ If yes was it effectively managed • Was communication secured timely due to disruption of traditional channels or needed new technologies to support it • Did Board meetings occur? • Legalities of remote boards, and document signing, was eSignature introduced
  • 16. COVID-19 is testing boards in all areas of responsibility
  • 17. Risk oversight is key as new and unforeseen issues emerge • One of the primary responsibilities of the board of directors is risk oversight. Boards must understand the risks facing the companies they oversee, and they must ensure that management has implemented appropriate measures to identify, monitor, and manage those risks. For example, as a result of COVID-19, companies have had to implement their pre-pandemic business continuity plans, as physical distancing and work-from- home policies have become the norm. Companies that had invested in more comprehensive business continuity planning and technology before the pandemic may have had an advantage in managing the crisis so far.
  • 18. • In particular, boards may find companies exposed to new risks related to Services disruptions, capital allocation, Assets, liquidity, cybersecurity, and key person risk. Not to mention risks to firms’ reputations if they fail to meet emerging best practices on communication and treatment of employees. Over the long term, we expect boards to take a critical look at the effectiveness of their companies’ risk policies to ensure they are prepared for a wide variety of potential risk events
  • 19.
  • 20.
  • 21. What are the main COBIT objective/Process needed? Managed Assets Managed Security Managed Continuity Managed Security
  • 22. ICT Governance RedFlags & Controls • ICT governance is nothing but the way in which a IT functions. It includes a system of rules and processes that direct and controls a I&T. The aim of enforcing ICT governance is to balance the interests of a company’s shareholders • ICT Governance integrates best practices to ensure that the organization’s IT is aligned with, and supports, the business objectives; delivers value; manages risk associated with IT; manages its IT resources effectively and efficiently; and measures its own performance.
  • 24. ICT Governance RedFlags & Controls • Monitoring by board. • Internal audits of ICT Governance system and robust policies. • Proper balance of power. • Performance based remuneration. • Monitoring by large shareholders and other stakeholders.
  • 25. The board should also monitor and review: • ICT strategy • ICT major plans of action • ICT annual budgets and business plans • ICT performance • ICT major capital expenditures, acquisitions and divestitures • ICT governance practices and changes • ICT compensation and succession planning • ICT risk policy • Immature ICT risk management, non-investment in information technology, and defective or non-existent controls, particularly “non financial”