...A Framework for IT Governance in Small Businesses by Herman Koornhof A FRAMEWORK FOR IT G O V E R N A N C E by IN SMALL BUSINESSES Herman Koornhof TREATISE Submitted for the partial fulfilment of the requirements for the degree MAGISTER TECHNOLOGIAE in Business Information Systems in the FACULTY ENGINEERING, BUILT ENVIRONMENT OF THE AND INFORMATION TECHNOLOGY of the N E L S O N M A N D E L A M E T R O P O L I T A N U N I V E R SI T Y Supervisor: Prof. Rossouw von Solms January 2009 ii Declaration I, Herman Koornhof, hereby declare that: • • • The work in this treatise is my own work. All sources used or referred to have been documented and recognised. This treatise has not previously been submitted in full of partial fulfilment of the requirements for an equivalent or qualification at any other recognised educational institution. higher Herman Koornhof iii Acknowledgements I would like to express my gratitude to the following people: • My love, Jenny, for your love and understanding during the past year. Without your encouragement and inspiration this work would not have been possible. • • My family and friends for your interest and support. My supervisor, Prof. Rossouw von Solms, for your guidance and advice, and your detailed and constructive comments. • To Him who is able to do immeasurably more than all we ask or imagine, according to his power that is at work within us. iv Table...
Words: 36563 - Pages: 147
...An Event-Based Digital Forensic Investigation Framework∗ Brian D. Carrier carrier@cerias.purdue.edu Eugene H. Spafford spaf@cerias.purdue.edu Center for Education and Research in Information Assurance and Security - CERIAS Purdue University West Lafayette, IN 47907 USA Abstract In this paper, we present a framework for digital forensics that includes an investigation process model based on physical crime scene procedures. In this model, each digital device is considered a digital crime scene, which is included in the physical crime scene where it is located. The investigation includes the preservation of the system, the search for digital evidence, and the reconstruction of digital events. The focus of the investigation is on the reconstruction of events using evidence so that hypotheses can be developed and tested. This paper also includes definitions and descriptions of the basic and core concepts that the framework uses. 1 Introduction Since the first Digital Forensic Research Workshop (DFRWS) in 2001 [Pal01], the need for a standard framework has been understood, yet there has been little progress on one that is generally accepted. A framework for digital forensics needs to be flexible enough so that it can support future technologies and different types of incidents. Therefore, it needs to be simple and abstract. On the other hand, if it is too simple and abstract then it is difficult to create tool requirements and test procedures for each phase. For this paper...
Words: 6869 - Pages: 28
..................3 I. Introduction ............................................................................................................................5 II. The Financial Crisis: Implications for Debt Managers .........................................................6 III. Work Program Linkages ......................................................................................................7 IV. Medium-Term Debt Management Strategy.........................................................................8 A. Developing the Framework.......................................................................................8 B. The Guidance Note..................................................................................................10 C. The Cost-Risk Analytic Tool ..................................................................................11 D. Preliminary Results from Early Application of the Framework .............................13 V. Debt Management Performance Assessment (DeMPA).....................................................15 A. The DeMPA Framework.........................................................................................15 B. Preliminary Results from Early Application...........................................................18 VI. Overall Lessons .................................................................................................................20 VII. Further Steps Towards Improving PDM Frameworks...
Words: 15042 - Pages: 61
...improving internal weaknesses by taking advantage of external opportunities? a. b. c. d. e. SO WO SW ST WT 4. How many cells are in a SWOT Matrix? a. b. c. d. e. Two Four Six Eight Nine 5. What are two external dimensions of the SPACE Matrix? a. b. c. d. e. Environmental stability and industry strength Environmental stability and competitive advantage Industry strength and competitive advantage Competitive advantage and financial strength Financial strength and industry strength 6. In the SPACE analysis, what does a (+6, +3) strategy profile portray? a. b. c. d. e. A strong industry An unstable environment A stable environment A weak industry A weak financial position 7. Selling all of a company’s assets in parts for their tangible worth is called a. Joint venture. b. Divestiture. c. Concentric diversification. d. Liquidation. e. Unrelated integration 8. Which stage of the strategy-formulation framework involves the Quantitative Strategic Planning Matrix? a. b. Stage 1 Stage 2 c. d. e. Stage 3 Stage 4 Stage 5 9. 10. Which strategy should be implemented when a division is responsible for an organization’s overall poor performance? a. Backward integration b. c. b. c. Divestiture Forward integration Cost leadership Related diversification 11. What analytical tool has four quadrants based on two dimensions: competitive position and market growth? a. b. c. d. e. Competitive Profile Matrix Internal-External Matrix SPACE Matrix Grand Strategy Matrix...
Words: 4249 - Pages: 17
...delineating responsibility and measuring the performance contribution of those activities that compose the investment management process---investment policy, market timing and security selection. 2 The relative importance of policy, timing and selection can be determined only if we have a clear and relevant method of attributing returns to these factors. This article examines empirically the effects of investment policy, market timing and security (or manager) selection on total portfolio return. Our goal is to determine, from historical investment data on U.S. corporate pension plans, which investment decisions had the greatest impacts on the magnitude of total return and on the variability of that return. A Table I illustrates the framework for analyzing portfolio returns. Quadrant I represents policy. Here we would place the fund's benchmark return for the period, as determined by its long-term investment policy. A plan's benchmark return is a consequence of the investment policy adopted by the plan sponsor. Investment policy identifies the long-term asset allocation plan (included asset classes and normal weights) selected to control the overall risk and meet fund objectives. In short, policy identifies the entire plan's normal portfolio. 4 To calculate the policy benchmark return, we need (1) the weights of all...
Words: 4486 - Pages: 18
...Internal audit’s role in modern corporate governance Thought leadership series Risk and Advisory Services Internal audit’s role in modern corporate governance Recent events have highlighted the critical role of boards of directors in promoting good corporate governance. In particular, boards are being charged with ultimate responsibility for the effectiveness of their organisations’ internal control systems. An effective internal audit function plays a key role in assisting the board to discharge its governance responsibilities. Yet how does the board – and its audit committee – satisfy itself that internal audit is functioning effectively and efficiently? The board’s responsibility for internal controls Through working with a broad range of organisations in Hong Kong and internationally, KPMG has identified a number of best practices in relation to the role played by the board audit and/or risk management committees. s Recent events have highlighted the critical role of boards of directors in s s s s s s s Assessing the scope and effectiveness of the systems established by management to identify, assess, manage and monitor the various risks arising from the organisation’s activities. Ensuring senior management establishes and maintains adequate and effective internal controls. Satisfying itself that appropriate controls are in place for monitoring compliance with laws, regulations, supervisory requirements and relevant internal policies....
Words: 2896 - Pages: 12
...it to analyze the Forest Rights Act through the IAD Framework. Contents Introduction ................................................................................................................................................ 3 How are the Commons & CPRs defined? .................................................................................................. 3 The three dominant models ..................................................................................................................... 4 The theory of the firm............................................................................................................................... 4 The theory of the state ............................................................................................................................. 4 The problem of supply .............................................................................................................................. 4 The problem of credible commitment ...................................................................................................... 4 The problem of mutual monitoring .......................................................................................................... 5 Appropriation and provision problems..................................................................................................... 5 The Institutional Analysis and Development Framework...
Words: 5562 - Pages: 23
...07/08/2007 Abstract The core of a model theory for generic schema management is developed. This theory has two distinctive features: it applies to a variety of categories of schemas, and it applies to transformations of both the schema structure and its integrity constraints. A subtle problem of schema integration is considered in its general form, not bound to any particular category of schemas. The proposed solution, as well as the overall theory, is based entirely on schema morphisms that carry both structural and semantic properties. Duality results that apply to the two levels (i.e., the schema and the data levels) are established. These results lead to the main contribution of this paper: a formal schema and data management framework for generic schema management. Implications of this theory are established that apply to integrity problems in schema integration. The theory is illustrated by a particular category of schemas with object-oriented features along with typical database integrity constraints. 1 Introduction This paper presents the core results of a model theory for generic schema management, by which we mean schema and database transformation capabilities that are independent of a particular data model. Such transformations require major database programming tasks, such as integrating source schemas when building a data warehouse or integrating different user views into an overall database schema. In spite of nontrivial typing issues created by such...
Words: 5618 - Pages: 23
...An analytical framework for evaluating e-commerce business models and strategies Chung-Shing Lee The author Chung-Shing Lee is Director of Electronic Commerce Resource Center and an Assistant Professor of Information Systems and Technology Management in the School of Business at Pacific Lutheran University, Tacoma, Washington, USA. Keywords Internet, Economy, Innovation, Strategy Abstract Electronic commerce or business is more than just another way to sustain or enhance existing business practices. Rather, e-commerce is a paradigm shift. It is a ``disruptive’’ innovation that is radically changing the traditional way of doing business. The industry is moving so fast because it operates under totally different principles and work rules in the digital economy. A general rule in e-commerce is that there is no simple prescription and almost no such thing as an established business or revenue model for companies even within the same industry. Under such conditions, an analytical framework is needed to assist e-commerce planners and strategic managers in assessing the critical success factors when formulating e-commerce business models and strategies. This research develops an analytical framework based on the theories of transaction costs and switching costs. Both demand-side and supply-side economies of scale and scope are also applied to the development of this framework. In addition, e-commerce revenue models and strategies are also discussed. Based...
Words: 6443 - Pages: 26
...analytical framework for evaluating e-commerce business models and strategies Chung-Shing Lee The author Chung-Shing Lee is Director of Electronic Commerce Resource Center and an Assistant Professor of Information Systems and Technology Management in the School of Business at Pacific Lutheran University, Tacoma, Washington, USA. Keywords Internet, Economy, Innovation, Strategy Abstract Electronic commerce or business is more than just another way to sustain or enhance existing business practices. Rather, e-commerce is a paradigm shift. It is a ``disruptive’’ innovation that is radically changing the traditional way of doing business. The industry is moving so fast because it operates under totally different principles and work rules in the digital economy. A general rule in e-commerce is that there is no simple prescription and almost no such thing as an established business or revenue model for companies even within the same industry. Under such conditions, an analytical framework is needed to assist e-commerce planners and strategic managers in assessing the critical success factors when formulating e-commerce business models and strategies. This research develops an analytical framework based on the theories of transaction costs and switching costs. Both demand-side and supply-side economies of scale and scope are also applied to the development of this framework. In addition, e-commerce revenue models and strategies are also discussed. Based on the analytical framework developed...
Words: 6444 - Pages: 26
...4.1 Framework Control Objectives Management Guidelines Maturity Models COBIT 4.1 The IT Governance Institute® The IT Governance Institute (ITGITM) (www.itgi.org) was established in 1998 to advance international thinking and standards in directing and controlling an enterprise’s information technology. Effective IT governance helps ensure that IT supports business goals, optimises business investment in IT, and appropriately manages IT-related risks and opportunities. ITGI offers original research, electronic resources and case studies to assist enterprise leaders and boards of directors in their IT governance responsibilities. Disclaimer ITGI (the “Owner”) has designed and created this publication, titled COBIT® 4.1 (the “Work”), primarily as an educational resource for chief information officers (CIOs), senior management, IT management and control professionals. The Owner makes no claim that use of any of the Work will assure a successful outcome. The Work should not be considered inclusive of any proper information, procedures and tests or exclusive of other information, procedures and tests that are reasonably directed to obtaining the same results. In determining the propriety of any specific information, procedure or test, CIOs, senior management, IT management and control professionals should apply their own professional judgement to the specific circumstances presented by the particular systems or IT environment. Disclosure Copyright © 2007 by...
Words: 84132 - Pages: 337
...4.1 Framework Control Objectives Management Guidelines Maturity Models COBIT 4.1 The IT Governance Institute® The IT Governance Institute (ITGITM) (www.itgi.org) was established in 1998 to advance international thinking and standards in directing and controlling an enterprise’s information technology. Effective IT governance helps ensure that IT supports business goals, optimises business investment in IT, and appropriately manages IT-related risks and opportunities. ITGI offers original research, electronic resources and case studies to assist enterprise leaders and boards of directors in their IT governance responsibilities. Disclaimer ITGI (the “Owner”) has designed and created this publication, titled COBIT® 4.1 (the “Work”), primarily as an educational resource for chief information officers (CIOs), senior management, IT management and control professionals. The Owner makes no claim that use of any of the Work will assure a successful outcome. The Work should not be considered inclusive of any proper information, procedures and tests or exclusive of other information, procedures and tests that are reasonably directed to obtaining the same results. In determining the propriety of any specific information, procedure or test, CIOs, senior management, IT management and control professionals should apply their own professional judgement to the specific circumstances presented by the particular systems or IT environment. Disclosure Copyright © 2007 by the IT Governance...
Words: 85189 - Pages: 341
...Vocational Technical Education Framework Hospitality and Tourism Cluster Culinary Arts August 2007 Massachusetts Department of Education Career/Vocational Technical Education Unit address 350 Main Street, Malden, MA 02148 telephone 781-338-3910 internet www.doe.mass.edu/cte/ email careervoctech@doe.mass.edu Massachusetts VTE Frameworks Culinary Arts August 2007 Page 1 Strand 1: Health and Safety 1.A Define health and safety regulations. 1.A.01a Identify and apply OSHA and other health and safety regulations that apply to specific tasks and jobs in the occupational area. 1.A.02a Identify and apply EPA and other environmental protection regulations that apply to specific tasks and jobs in the occupational area. 1.A.03a Identify and apply Right-To-Know (Hazard Communication Policy) and other communicative regulations that apply to specific tasks and jobs in the occupational area. 1.A.04a Explain procedures for documenting and reporting hazards to appropriate authorities. 1.A.05a List penalties for non-compliance with appropriate health and safety regulations. 1.A.06a Identify contact information for appropriate health and safety agencies and resources. 1.A.07c Outline laws and rules of the regulatory agencies governing sanitation and safety. Demonstrate health and safety practices. 1.B.01a Identify, describe and demonstrate the effective use of Material Safety Data Sheets (MSDS). 1.B.02a Read chemical, product, and equipment labels to determine appropriate health and safety...
Words: 5017 - Pages: 21
...MINISTRY OF EDUCATION A NEW FUNDING FRAMEWORK: HOW GOVERNMENT GRANTS ARE ALLOCATED TO PUBLIC HIGHER EDUCATION INSTITUTIONS 1 2 3 4 5 6 7 8 Income sources of public higher education institutions The new funding framework: an overview Division of the government budget for higher education into categories of grants Teaching input grants Teaching output grants Research output grants Institutional factor grants Moving from current to the new funding framework February 2004 1 INCOME SOURCES OF PUBLIC HIGHER EDUCATION INSTITUTIONS The diagram below offers a broad summary of the ways in which funds flow to public universities and technikons in South Africa. Diagram 1: Sources of funds of public higher education institutions Government grants 50% Student tuition & other fees 25% Annual funds for public higher education 100% Other private income 25% The proportions reflected in the diagram are averages for the system as a whole. These proportions can differ widely between institutions. For example, government grants as a proportion of total income can be as low as 35% if an institution is able to raise large amounts of private funds through research contracts, donations and investments and can be as high as 65% in the case of institutions which are not able to generate substantial amounts of private income. The Ministry of Education has direct control over only government grants to public universities and technikons. The Ministry furthermore takes no...
Words: 7577 - Pages: 31
...Namibia’s Monetary Policy Framework © 2008 All rights reserved. No part of this publication may be reproduced, copied or transmitted in any form or by any means, including photocopying, plagiarizing, recording and storing without the written permission of the copyright holder except in accordance with the copyright legislation in force in the Republic of Namibia. The contents of this publication are intended for general information only and are not intended to serve as financial or other advice. While every precaution is taken to ensure the accuracy of information, the Bank of Namibia shall not be liable to any person for inaccurate information or opinions contained in this publication. Published by the Bank of Namibia 71 Robert Mugabe Avenue P.O. Box 2882 WINDHOEK NAMIBIA Tel: +264 61 283 5111 Fax: +264 61 283 5067 http://www.bon.com.na ISBN: 99916-61-50-6 CONTENTS FOREWORD ............................................................................................................................2 I II THE TRANSMISSION MECHANISM OF MONETARY POLICY IN NAMIBIA ...............3 LEGAL AND INSTITUTIONAL FRAMEWORK ..............................................................6 Board of Directors ............................................................................................................6 Monetary policy formulation .............................................................................................6 Institutional framework .........................
Words: 5495 - Pages: 22