...Controls for Information Technology (IT) and Reporting and Evaluation Jami L. Valek ACC-544 January 28, 2013 Christine Errico Controls for Information Technology (IT) and Reporting and Evaluation Information Technology (IT) controls are activities that are specifically performed to ensure that business objectives are met through the use of people and systems. IT control objectives are related to the business enterprise’s confidentiality, integrity, availability of data, and the overall management of the IT functions. There are two types of IT controls: IT general controls, which are controls over the IT environment, computer operations, access to programs and data, program development and program changes; and IT application controls, which refer to transaction processing controls (“Information Technology Controls”, 2013). IT General Controls are the foundation of a company’s IT control structure. With IT General Controls, data that is generated can be deemed more reliable and assertion that systems are operating as intended is supported. IT General Controls usually include controls that are designed to: * Shape the corporate environment through control environment; * Ensure that changes are authorized and meet business requirements through changes in management procedures; * Protect the integrity of program controls through source code/document version controls procedures; * Ensure effective management of IT projects through software development life...
Words: 507 - Pages: 3
...transparency in the context of IT governance, and why is it important? How does the COBIT framework provide for internal audit and corrective action? The transparency of IT Governance is to cover the culture, organization, policies and practices. This type of transparency in the government financial management is very important in a way to produce a proper, complete performance measurement system and to provide insufficient disclosure of these performances information to the broader public. This is why the point of transparency becomes a measurement for health and security in governments, leadership and business in almost all the countries in the world especially in the well developed once, because the public certainly wants the government to be transparent. Information Technology settles how well services are provided and how good the company is satisfying its customers. By providing services the companies can also expose their businesses to risk that can affect with their daily operations and transactions. In this case management must be able to make precise decisions in a way to minimize any risks that could affect the company really badly. It's virtually impossible to have too much transparency or education about IT governance, in fact both of them can go well together and so the more transparency of the governance practices, the more confidence in the governance there will be. Companies with more effective Information Technology governance had more senior management involvement...
Words: 627 - Pages: 3
...Data governance (DG) refers to the overall management of the availability, usability, integrity, and security of the data employed in an enterprise. Data Governance practices provide the framework for maintaining company’s investment in their data management activities (MDM, Data Profiling and Data Quality, and Metadata Management). Data Governance provides a mechanism to rationalize and control organization’s collection, storage, analyses and dissemination of its data. Most companies accomplish Data Governance by: * Defining data standards * Creating programs consisting of a governing council, personnel, procedures, and plans to execute data governance policies * Establishing auditing practices to monitor and report on the integrity of data governance activities For many companies, their intellectual property can often be more valuable than their physical assets. Having an effective IT governance strategy in place can protect this intellectual property, reducing the risk of theft and infringement. Data protection, privacy and breach regulations, computer misuse around investigatory powers are part of a complex and often competing range of requirements to which directors must respond. There is increasingly the need for an overarching information security framework that can provide context and coherence to compliance activity worldwide. IT Governance is a key resource for forward-thinking managers and executives at all levels, enabling them to understand how decisions...
Words: 486 - Pages: 2
...RUNNING HEAD: IM/IT Analysis IM/IT Analysis Barbara C. Hagerman Dr. Chad Moretz Health Information Systems July 29, 2012 1. Discuss the five (5) major components of information management/information technology (IM/IT) governance with a focus on how they will collectively improve the quality of health care. IM/IT governance helps the organization make business decisions more accurately and in a timelier manner (Glandon, Smaltz, Slovensky, 2008). In order to complete this, five general guidelines were created. They are as follows: Develop a consistent IT strategy, Align IT Planning with Organizational Planning, Develop IT Infrastructure, Architecture and Policies, Set IT Project Priorities and Oversee Investments and Be able to assess IT’s contribution. In order to develop a consistent IT strategy, the plan created must apply across all operating units within the organization. Next, the plan must align with IT planning and organizational planning. Alignment would involve three essential elements for success. First, an alignment of purpose must be in place. IM/IT leadership and organizational leadership must agree that they are trying to achieve the same ends. Second, they must agree to work to develop goals and tactics jointly to meet those ends. Third, these two groups must share the responsibility and accountability to achieve the ends (Stacey, Skinner, 2005). Because plans may change over a period of time, the...
Words: 1429 - Pages: 6
...Griffin HAS 520- Health Information Systems February 17, 2013 Over the years, the advantage of successful information management / information technology (IM/IT) governance has become a hot topic of discussion and debate. It has been shown that “an effective IM/IT governance framework benefits organizations in many ways, including the ever-important cost savings” (Shane, Lafferty, & Beasley, 1999). In the past, information systems were put together in piecemeal fashion as different programming software became available. This resulted in a repetitive collection of patient data, a duplication of patient files, and an inability to retrieve patient information when needed. This shed light on the need for an IM/IT planning process in order to have successful IM/IT governance. Once the governance strategic planning process was established, the focus then shifted to an incorporation of systems across healthcare facilities. As successful IM/IT governances’ became utilized by different corporations, it became clear that these governance facilitated organizations were able to formulate precise business decisions in a short amount of time. Research, experience, and debate conclude that there are five components involved in successful IM/IT governance. The first factor of successful IM/IT governance is developing a consistent IM/IT strategy. It is important that information systems who are incorporated into a healthcare organization support the organization’s strategy goals...
Words: 1826 - Pages: 8
...WestJet Airlines – IT Governance & Corporate Strategy 1. Assessment of the IT situation at WestJet - Cheryl Smith focused on performance measures to carry out a study to compare companies within the transportation industry. The objective of the study was to compare WestJet’s IT cost, its resources and its budget to the overall industry standards. With the results, Cheryl was able to conclude that the IT department of the company was competent and worked according to the “WestJet IT Way”. She acknowledged that the IT organization at WestJet was structured according to the IT group’s conventional internal functions of planning, building, organizing, maintaining and governing. To top it off Cheryl found that IT department at WestJet had relatively different skill set compared to the IT sector at other companies1. Further she stated that more than half the systems, procedures and systems were industry-standard. WestJet’s IT department had invented its own operations structured around the company’s needs which were not compliant with other related industries. The study concluded that there was a mismatch in the number of employers as compared to the industry benchmark numbers. 2. WestJet’s assessment and Issues faced - Cheryl Smith was informed that WestJet had undergone an analysis with IBM and they had recommended a solution to its IT concerns. However, Cheryl requested to stop and place a hold on the PMO deal that was suggested by IBM. Instead, the first task...
Words: 1624 - Pages: 7
...project provides VBZ the blueprint to virutalize all or parts of its IT environment. This framework provides a holistic view of the IT activities as the virtualization occur and the impacts of those efforts on the current environment. . The ITV framework is the mechanism to facilitate structured communication amongst stakeholders to enable clearly defined measurable success. It allows the stakeholders to assess and implement the virtualization plan that will best meet their immediate business needs, with the end goal of a fully virtualized environment. VBZ’s ITV framework consists of five components: (Note: All components are tied back to the fifth component - Governance ) Figure 1. 1) Business Architecture -- aligns VBZ’s operations, strategic goal and objectives with IT requirements; provides the pertinent data for the creation of a business case the virtualization transformation and provides the business...
Words: 1435 - Pages: 6
...products remains at the sole discretion of Oracle. 2 To start with, let’s take a look at what data governance entails. There are numerous definitions of data governance. Here are a few: So to summarize, data governance is the specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of data and information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of data and information in enabling an organization to achieve its goals. Understanding what data governance is not can help focus on what it is. The list below illustrates the types of projects where data governance is essential to be ultimately successful. However, these types of technology projects often ignore serious considerations for the principles and processes of data governance. 3 In particular, data governance is not: Change management Data cleansing or extract, transform and load data (ETL) Master Data Management (MDM) Data warehousing Database design Database management and administration Data governance is not meant to solve all business or IT problems in an organization. The main goals and objectives of data governance include the following. To define, approve, and communicate data strategies, policies, standards, architecture, procedures, and metrics. To track and...
Words: 3763 - Pages: 16
...Global Technology Audit Guide Auditing IT Governance Global Technology Audit Guide (GTAG®) 17 Auditing IT Governance July 2012 GTAG — Table of Contents Executive Summary......................................................................................................................................... 1 1. Introduction................................................................................................................................................ 2 2. IT Governance Risks................................................................................................................................... 7 3. Aligning the Organization and IT — Key Considerations................................................................ 12 4. The Role of Internal Audit in IT Governance............................................................................ 15 Conclusion....................................................................................................................................................... 18 Authors and Reviewers.............................................................................................................................. 18 Appendix — IT Governance Risk Assessment/Engagement Planning Considerations............................................. 19 iv GTAG — Executive Summary Executive Summary To support the heightened importance of IT governance and the mandatory nature of the International Standards for the Professional...
Words: 10762 - Pages: 44
...Global Technology Audit Guide Auditing IT Governance Global Technology Audit Guide (GTAG®) 17 Auditing IT Governance July 2012 GTAG — Table of Contents Executive Summary......................................................................................................................................... 1 1. Introduction................................................................................................................................................ 2 2. IT Governance Risks................................................................................................................................... 7 3. Aligning the Organization and IT — Key Considerations................................................................ 12 4. The Role of Internal Audit in IT Governance............................................................................ 15 Conclusion....................................................................................................................................................... 18 Authors and Reviewers.............................................................................................................................. 18 Appendix — IT Governance Risk Assessment/Engagement Planning Considerations............................................. 19 iv GTAG — Executive Summary Executive Summary To support the heightened importance of IT governance and the mandatory nature of the International Standards...
Words: 10762 - Pages: 44
...provides scaleable, upgradeable, and comprehensive security for the coming years. The blueprint is used to plan the tasks to be accomplished and the order in which to proceed. What is information security governance? Governance is “the set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately and verifying that the enterprise’s resources are used responsibly.”1 Governance describes the entire process of governing, or controlling, the processes used by a group to accomplish some objective. Just like governments, corporations and other organizations have guiding documents—corporate charters or partnership agreements—as well as appointed or elected leaders or officers, and planning and operating procedures. These elements in combination provide corporate governance. Each operating unit within an organization also has controlling customs, processes, committees, and practices. The information security group’s leadership monitors and manages all of the organizational structures and processes that safeguard information. Information security governance, then, is the application of the principles of corporate governance—that is,...
Words: 4589 - Pages: 19
...Introduction Health IT has improved patients safety, healthcare quality, efficiency and data collection and has helped restrain rising cost. Health information technology encompasses a broad array of technologies involved in managing and sharing patient information electronically than paper. http://www.allhealth.org/publications/health_information_technology/health_information_technology_toolkit.asp states Many in the U.S. have high hopes for health information technology, or health IT. Hospitals hope to reduce medical errors, such as ordering and administering the wrong dose of a medication. Providers hope to access and share patient information more easily, thereby improving care. Governments and businesses hope to save money by improving efficiency. In this paper, I will determine, within the healthcare setting, the main features, capabilities, and operational benefits to a health care organization using the following: patient care applications, management and enterprise systems, e-Health applications, and strategic decision-support application, I will assume the responsibility of a healthcare administrator for the health information systems within my organization and create an argument to be presented to the leaders with the organization that a strategic plan is essential for the IM/IT, assess the importance of a system development life cycle as it pertains to both the development of a custom application, coupled with the selection of proprietary systems, recommend the...
Words: 1407 - Pages: 6
...utilization of data. From process automation to on-demand agile reporting to robust business intelligence and analytics (BI&A), data remains the future of business. Because of this trend, BI&A has become an industry in its own right. Software companies of all sizes are developing tools that are changing the future of business archetypes. According to Gartner, Inc., “By 2020, information will be used to reinvent, digitalize or eliminate 80% of business processes and products from a decade earlier” (Forbes 2015). As BI&A continues to quickly grow, there are multiple trends, techniques, platforms and expanding technologies that impact how organizations might tackle the development of a universal BI&A platform. The current “hot” trend, increasingly on the rise is self-service analytics, which opens the use of data to more people in a real-time way. Rado Kotorov, a Chief Innovation Officer at Information Builders predicts that for 2016: “…Self-service analytics will evolve beyond just self-service for analysts. There will be self-service information for the masses delivered not through tools but through purpose-built interfaces and apps. Just as the ATM in banking evolved from a cash-dispensing machine to a full transaction and account management terminal, so too will self-service mature and spread to the masses” (PC Mag 2015). Self-service analytics is a trend that takes away much of the technical, bewildering side of BI and replaces it with data analytics, visualization...
Words: 1940 - Pages: 8
...children, to humble themselves and change. It is simplistic in its call, but profound in its meaning. To be like a child means that you are teachable, thirsty for knowledge, non-threatened, free from power or position, quick to forgive, flexible, easy to change, humble and free to explore. The same can said of a board member working out of a “generative mindset.” A child like heart is inquisitive, pure and full of wonder. Give a child a kaleidoscope and they are immediately fascinated, filled with wonder and amazement. Creating a dynamic governing board can and should be filled with this same type of humility, wonder and excitement that is bound in the heart of a child. This paper seeks to define and explore the ways generative governance can instill a greater sense of purpose, a child like wonder, humility and learning into our organizations today. These principles of generative thinking will be applied to the Mission Center of HOPE, a newly formed 501(c)3 organization that is in its infancy, in hopes that a culture of inquiry and generative mindset can be instilled in the very foundation of the organization. The MCOH, being a new organization, has the amazing opportunity to foster a learning organization from the very beginning. This paper will also show how generative thinking can be built organization a mechanism by...
Words: 7844 - Pages: 32
...Guidelines Maturity Models COBIT 4.1 The IT Governance Institute® The IT Governance Institute (ITGITM) (www.itgi.org) was established in 1998 to advance international thinking and standards in directing and controlling an enterprise’s information technology. Effective IT governance helps ensure that IT supports business goals, optimises business investment in IT, and appropriately manages IT-related risks and opportunities. ITGI offers original research, electronic resources and case studies to assist enterprise leaders and boards of directors in their IT governance responsibilities. Disclaimer ITGI (the “Owner”) has designed and created this publication, titled COBIT® 4.1 (the “Work”), primarily as an educational resource for chief information officers (CIOs), senior management, IT management and control professionals. The Owner makes no claim that use of any of the Work will assure a successful outcome. The Work should not be considered inclusive of any proper information, procedures and tests or exclusive of other information, procedures and tests that are reasonably directed to obtaining the same results. In determining the propriety of any specific information, procedure or test, CIOs, senior management, IT management and control professionals should apply their own professional judgement to the specific circumstances presented by the particular systems or IT environment. Disclosure Copyright © 2007 by the IT Governance Institute. All rights reserved. No part of this...
Words: 85189 - Pages: 341
