Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PC5 - Policy, Plans and Procedures

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
26 Members
0 Online
4168 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


Policy, Plans and Procedures

Define and communicate how all policies, plans and procedures that drive an IT process are documented, reviewed, maintained, approved, stored, communicated and used for training. Assign responsibilities for each of these activities and, at appropriate times, review whether they are executed correctly. Ensure that the policies, plans and procedures are accessible, correct, understood and up to date.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Increased staff awareness of what to do and why
  • Decreasing number of incidents from policy violations
  • Policies and associated procedures remaining current and effective
  Risk Drivers
  • Processes not aligned with business objectives
  • Staff members not knowing how to perform critical tasks
  • Policy violations

View Control Practices  help

Hide Control Practices  help

  1. Define and communicate rules on how all IT process-related documentation (e.g., policies, plans, procedures, guidelines, instructions, methodologies) that drives an IT process is developed, documented, reviewed, maintained, approved, stored, used for training and communicated.
  2. Assign responsibilities for developing, maintaining, storing and communicating process-related documentation. Review and sign off on process policies, plans and procedures, where needed.
  3. Ensure that the IT process-related documentation is accessible, correct, understood and up to date.
  4. Create IT process-related documentation so it can be put into practice and support the repeatability of the process.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 476 total

Must be a Topic member to contribute
View All »
Downloads
Posted by FarmService 1379 days ago
Downloads
Posted by ISACA 1389 days ago
This document provides a preview of the information contained in COBIT 5.
Posted by ISACA 1792 days ago
This presentation by Robert Stroud, CGEIT, CRISC, ISACA Strategic Advisory Board, addresses the COBIT 5 framework, the critical aspects of COBIT 5, and what is available.
Posted by ISACA 1792 days ago
Posted by ISACA 1900 days ago
Posted by ISACA 1900 days ago

Events & Online Learning: 20 total

16 Mar 2015
ISACA International Event
Orlando, FL, USA
15 Jun 2015
ISACA International Event
Ciudad de México, Mexico
14 Mar 2016
ISACA International Event
Miami, FL, USA
1 Aug 2016
ISACA International Event
Chicago, IL, USA

Journal Articles: 500 total

Volume 6, 2015
by Ed Gelbstein, Ph.D.
An auditor will sooner or later be faced with two kinds of conflicts: conflict of interest and interpersonal conflict.
Volume 5, 2107
by Marianne Bradford, Ph.D., and Dave Henderson, Ph.D.
Although generalized audit software (GAS) has been shown to significantly improve the efficiency and effectiveness of audits, many auditors do not use this technology.
Volume 3, 2107
by Jayakumar Sundaram, CISA, ISO 27001 LA
The SoA is a continuously updated and controlled document that provides an overview of information security implementation.
Volume 1, 2018
by Mike Van Stone, CISA, CISSP, CPA, and Ben Halpert
Ever-changing laws continue to increase the risk and cost of noncompliance when unintentional data losses occur.
Volume 1, 2018
by Steven J. Ross, CISA, CISSP, MBCP
Managing availability in a multi-modal environment requires a great deal of attention to details, which are being defined by the multi-modal pioneers of our day.
Volume 1, 2018
by Ian Cooke, CISA, CGEIT, CRISC, COBIT Assessor and Implementer, CFE, CPTE, DipFM, ITIL Foundation, Six Sigma Green Belt
Innovative technologies such as VMs and the cloud help the efficiency and effectiveness of backup and recovery plans, but they do not replace the need to plan, document, or test and test again.

Wikis: 2 total

Blog Posts: 214 total

Have you experienced ransomware attack so far and, if yes, what did you do to resolve? I set up Twitter poll here: https://twitter.com/DPleskonjic/status/953608717399941120 It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 0 comments
What do you think: when artificial intelligence (AI) will be smarter than humans? Can you predict it and if yes, when it will approximately happen in your opinion? Vote in poll at link below, please: http://securitypredictions.xyz/when-artificial-intellig...
Posted By : Dragan Pleskonjic | 1 comments
Globally, many organizations are spending millions of dollars protecting their businesses and its enabling infrastructure, but are they really secure? We shall discuss answer to this question in a little while. We need to understand core basics before we ...
Posted By : SudireddyRamreddy | 2 comments
Buzzword - “Blockchain Technology”Introduction:The Internet has transformed the world. Of the several boons that Internet gave us, two of them deserve to be accentuated, namely “World Wide Web” and “Email”, which today are perhaps the most valued things o...
Posted By : rajeevj12 | 0 comments
Mi primer acercamiento real al Framework (o Marco de Referencia) de ISACA COBIT 5, fue a mediados del año pasado (2016) cuando decidí tomar un curso de examinación para la certificación de COBIT® 5 Foundation (Fundamentos de COBIT 5). La jerga técnica me ...
Posted By : MNUNEZA | 0 comments
There is need to for ISACA through our local; chapter to allow fees to be paid in installments or split invoices given the fact that in our country - one has to find currency first and then deposit into a VISA card account. Thus i can raise my exam and ma...
Posted By : Hamadzashe | 0 comments