Find Resources & Connect with members on topics that interest you.

Applications

Audit

Business Processes

Career Management

Cloud Computing/Virtualization

COBIT

Controls and Monitoring

Databases

Fraud and Computer Crime

Governance and Management

Industry

Information Security

IT Service Management

Mobile/Wireless

Operating Systems

Privacy/Data Protection

Regulations

Risk

Standards

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

ME - Monitor and Evaluate

Application Controls

Process Controls

Please sign in to see your topics.

You must be logged in to join this group.

PO2.1 - Enterprise Information Architecture Model

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO2.1 - Enterprise Information Architecture Model is contained within Process Popup Define the Information Architecture

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
3 Members
0 Online
743 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Points: 3

Enterprise Information Architecture Model

Establish and maintain an enterprise information model to enable applications development and decision-supporting activities, consistent with IT plans as described in PO1. The model should facilitate the optimal creation, use and sharing of information by the business in a way that maintains integrity and is flexible, functional, cost-effective, timely, secure and resilient to failure.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Improved decision making based on relevant, reliable and usable information
  • Improved IT agility and responsiveness to business requirements
  • Support for business functions through accurate, complete and valid data
  • Efficient data management and reduced redundancy and duplication
  • Improved data integrity
  • Meeting fiduciary requirements regarding compliance reporting, security and privacy of data
   Risk Drivers
  • Inadequate information for business functions
  • Inconsistency between information requirements and application developments
  • Data inconsistency between the organisation and systems
  • High effort required or inability to comply with fiduciary obligations (e.g., compliance reporting, security, privacy)
  • Inefficient planning of IT-enabled investment programmes due to lack of information
  • Accumulation of data that are not relevant, consistent or usable in an economical manner

View Control Practices  help

Hide Control Practices  help

  1. Establish and maintain the information architecture model in the context of the entire organisation, documented in an understandable manner for business and IT management.
  2. Develop the information architecture model consistent with the organisation’s strategy and the strategic and tactical IT plans.
  3. Check the information architecture model regularly for adequacy regarding flexibility, functionality, cost-effectiveness, security, failure resiliency, compliance and user satisfaction, and update the model accordingly.

 

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 42 total

Must be a Topic member to contribute
View All »
Downloads
ITAF: A Professional Practices Framework for IT Assurance
Posted by ISACA 341 days ago
Downloads
Val IT Framework 2.0
Posted by ISACA 344 days ago
Downloads
Introduction to the Business Model for Information Security (BMIS)
Posted by ISACA 397 days ago
Downloads
The Risk IT Framework
Posted by ISACA 397 days ago
Downloads
VAL IT Business Case
Posted by ISACA 397 days ago
Books
Cybersecurity: The Essential Body of Knowledge
Posted by ISACA 13 days ago
View All »

Events & Online Learning: 7 total

View All »
7 May 2012
ISACA International Event
North America CACS 2012
Orlando, Florida, USA
Get the knowledge you need to stay one step ahead of the competition and keep up with changing professional trends at ISACA’s North America CACS Conference.
More »
Add to my Outlook
12 Jun 2012
ISACA International Event
Training Dallas Texas USA
Dallas, Texas, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
More »
Add to my Outlook
Register Now
7 Aug 2012
ISACA International Event
Training Chicago Illinois USA 2012
Chicago, Illinois, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
More »
Add to my Outlook
Register Now
11 Sep 2012
ISACA International Event
Training San Francisco California USA
San Francisco, California, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
More »
Add to my Outlook
Register Now
2 Oct 2012
ISACA International Event
Training Orlando Florida USA
Orlando, Florida, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
More »
Add to my Outlook
Register Now
6 Nov 2012
ISACA International Event
Training New York NY USA
New York, New York, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
More »
Add to my Outlook
Register Now
View All »

Journal Articles: 22 total

View All »
Volume 3, 2012
Auditing Applications, Part 1
by Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CPA
This two-part article describes one framework for performing effective audits of applications.
Volume 6, 2011
HelpSource Q&A
by Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, ISO 27001 LA, SSCP
What are the true benefits of certifications?
Volume 6, 2010
Data Governance for Privacy, Confidentiality and Compliance: A Holistic Approach
by Javier Salido, CIPP
This article presents an overview of the Data Governance for Privacy, Confidentiality and Compliance (DGPC) framework developed by Microsoft.
Volume 6, 2010
JOnline: Information Security Automation: The Second Wave
by David Ramirez, CISA, CISM, BS 7799 LA, CISSP, MCSE, QSA
This article presents a simplified approach to IT security management that allows IT auditors and information security professionals to discharge their responsibilities more efficiently.
Volume 5, 2010
Mitigating IT Risks for Logical Access
by Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CMA, CPA
To mitigate the risks associated with access control, it is necessary to identify the risks associated with access controls and to assess the level of those risks.
Volume 4, 2010
Adopting an Integrated Framework in Managing Fraud Risks
by Chong Ee, CISA, CGEIT
The framework can be a useful tool in identifying opportunities for fraud, incentives for fraud and rationalization of fraud.
View All »

User Contributed External Links: 0 total

Wikis: 2 total

Blog Posts: 5 total

Must be a Topic member to view blog posts
7 Mar 2012
Cloud Computing
To share various espects in cloud computing viz; history, availability, deployment, integrity, availability, confidentiality, security, cloud sharing etc.
Posted By : MoizB583519 | 2 comments
5 Jul 2011
APT Defense Strategy
APT Defense Strategy   By Kevin J. Murphy, CISSP, CISM, CGEIT September 30, 2010 WHAT IS APT? APT is an acronym for Advance Persistent Threat.  Isn’t that descriptive?  In reality there is a lot behind the APT which might not be that obvious from underst...
Posted By : Kevin J. Murphy | 1 comments
12 May 2011
Welcome to ITGA Blog
ITGA Blog focused IT Governance & IT Architecture Experiences.Here, you will can to learn more about theses topics. Regards,Roberto ArteiroITGA Editor.
Posted By : Roberto Arteiro | 1 comments
17 Feb 2011
Data Protection in the Cloud
There is no shortage of cloud storage providers but the data security story varies widely among them.  How can enterprise customers be assured that their data will remain confidential?  Many cloud storage providers rely on outsourced system administrators...
Posted By : Kevin J. Murphy | 1 comments
27 Aug 2010
Cloud Computing Risk Assessment
Sometime back I came across this paper from ENISA and found really informative. While could computing is still an emerging market, I feel there is worth to review this risk assessment & it should be reviewed if you are a Cloud Provider, Cloud Customer, ve...
Posted By : Varun | 0 comments
Report An Issue