Find Resources & Connect with members on topics that interest you.

Applications

Audit

Business Processes

Career Management

Cloud Computing/Virtualization

COBIT

Controls and Monitoring

Country

Databases

Fraud and Computer Crime

Governance and Management

Industry

Information Security

IT Service Management

Mobile/Wireless

Operating Systems

Privacy/Data Protection

Regulations

Risk

Standards

Access Control

Application Controls

Application Security

Audit Guidelines

Audit Standards

Audit Tools and Techniques

Basel

Big Data

Business Analytics/Intelligence

Business Continuity-Disaster Recovery Planning

Business Process Management

Career Management

Casinos and Gambling

Certification

CGEIT Exam Study Community 2013

Change Management

CISA Exam Study Community 2013

CISM Exam Study Community 2013

Cloud Computing

COBIT (4.1 and earlier) - Use it Effectively

COBIT (4.1 and earlier) Implementation

COBIT 5 - Implementation

COBIT 5 - Use It Effectively

Compliance

Computer Crime

Continuous Monitoring/Auditing

Controls Monitoring

CRISC Exam Study Community 2013

CyberSecurity

Enterprise Architecture

Enterprise Data Management

Financial Reporting Compliance

Forensics

Frameworks

Fraud

Governance of Enterprise IT

Green IT

Healthcare

HIPAA

HP Non-Stop (Tandem)

Identity Management

IFRS

Incident Management

India

Information Security Management

Information Security Policies/Procedures

Intrusion Prevention/Detection

ISAE 3402

ISO/IEC 20000

ISO/IEC 27000 Series

ISO/IEC 38500

ITIL

J-SOX

Mobile Computing

Network Security

Oracle

Oracle Database

Oracle E-Business Suite

OS/400

PCI DSS

PeopleSoft

Performance Measurement

Physical Security

Privacy/Data Protection

Project/Program/Portfolio Management (P3M)

Quality Standards

Risk Assessment

Risk Management

SAP

Sarbanes-Oxley (SOX)

Security Tools

Security Trends

Service Management

SharePoint

Solvency II

SQL Server

Strategic Planning/Alignment

Students

Unix-like

Value Delivery

Virtualization

Windows

Wireless

XBRL

Young Professionals

z/OS-OS/390

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

ME - Monitor and Evaluate

Application Controls

Process Controls

Please sign in to see your topics.

You must be logged in to join this group.

PO2.1 - Enterprise Information Architecture Model

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO2.1 - Enterprise Information Architecture Model is contained within Process Popup Define the Information Architecture

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
11 Members
0 Online
2643 Visits

 Recent Discussions
Development of Information Governance Framework. Posted by Janice333.
RE: Development of Information Governance Framework. Posted by BryanH-DC.

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Enterprise Information Architecture Model

Establish and maintain an enterprise information model to enable applications development and decision-supporting activities, consistent with IT plans as described in PO1. The model should facilitate the optimal creation, use and sharing of information by the business in a way that maintains integrity and is flexible, functional, cost-effective, timely, secure and resilient to failure.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Improved decision making based on relevant, reliable and usable information
  • Improved IT agility and responsiveness to business requirements
  • Support for business functions through accurate, complete and valid data
  • Efficient data management and reduced redundancy and duplication
  • Improved data integrity
  • Meeting fiduciary requirements regarding compliance reporting, security and privacy of data
   Risk Drivers
  • Inadequate information for business functions
  • Inconsistency between information requirements and application developments
  • Data inconsistency between the organisation and systems
  • High effort required or inability to comply with fiduciary obligations (e.g., compliance reporting, security, privacy)
  • Inefficient planning of IT-enabled investment programmes due to lack of information
  • Accumulation of data that are not relevant, consistent or usable in an economical manner

View Control Practices  help

Hide Control Practices  help

  1. Establish and maintain the information architecture model in the context of the entire organisation, documented in an understandable manner for business and IT management.
  2. Develop the information architecture model consistent with the organisation’s strategy and the strategic and tactical IT plans.
  3. Check the information architecture model regularly for adequacy regarding flexibility, functionality, cost-effectiveness, security, failure resiliency, compliance and user satisfaction, and update the model accordingly.

Discussions: 1 total

Must be a Topic member to contribute
Development of Information Governance Framework
Hi I'm in the process of developing and "selling" an information governance framework. With a committee, we've developed the framework and now are working on developing the business case. The framework requires the addition of a person. I'm at a Uni...
Janice333 | 2/26/2013 5:29:03 PM | COMMENTS(1)

Documents & Publications: 50 total

Must be a Topic member to contribute
View All »
Downloads
Risk IT Framework
Posted by ISACA 246 days ago
Downloads
ITAF: A Professional Practices Framework for IT Assurance
Posted by ISACA 733 days ago
Downloads
Val IT Framework 2.0
Posted by ISACA 735 days ago
Downloads
VAL IT Business Case
Posted by ISACA 789 days ago
Books
English: CGEIT Review Questions, Answers & Explanations Manual 2013 Supplement
Posted by ISACA 14 days ago
Books
English: CGEIT Review Questions, Answers & Explanations Manual 2013
Posted by ISACA 14 days ago
View All »

Events & Online Learning: 0 total

No Results Found

Journal Articles: 31 total

View All »
Volume 3, 2013
Information Controls and Monitoring Framework for Health Care Organizations
by Santhosh Patil
Health care spending is a key component of any industrialized nation’s economy.
Volume 2, 2013
How to Properly Audit a Client
by Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CPA
This article attempts to provide the basics of where to find authoritative, reliable standards and frameworks from which an IT audit can be developed and conducted.
Volume 2, 2013
Why Should Organizations Care About Professional Certifications?
by Bob Smart, CISA, CISM, CRISC, MACS Snr, MBIS
Professional certifications can be defined as a promise made by the certifying body that the recipient has demonstrated a minimum level of capabilities.
Volume 2, 2013
Using Standards to Create Effect in the Boardroom
by Evert Koning and Hans Bikker
Ensuring board members are attentive and committed to continuous improvements is essential to improve the effectiveness of both corporate governance and the internal control environment.
Volume 2, 2013
Just Okay Practice
by Steven J. Ross, CISA, CISSP, MBCP
Organizations should never aspire to being standard in any endeavor.
Volume 1, 2013
Governance Implementation—COBIT 5 and ISO
by Larry Marks, CISA, CGEIT, CRISC, CFE, CISSP, CSTE, ITIL, PMP
This article provides a checklist or mechanism that spans the ISACA and ISO approaches and identifies common questions that need to be considered during the GEIT implementation process.
View All »

User Contributed External Links: 0 total

Wikis: 2 total

Blog Posts: 9 total

View All »
22 Apr 2013
Payments to invalid recepients resulting in fraud
A recent publication in a local newspaper, indicated that an employee was charged with fraud with regards to claims of insurance payments that were lodged with the company were paid out to people who were not entitled to receive such payments. What po...
Posted By : Paulina.PNI | 1 comments
18 Mar 2013
VENEZUELA, Cursos de Preparación Examenes CISA, CISM, CRISC, COBIT
Grupos de Estudio para Acreditaciones de JUNIO, SEPTIEMBRE Y DICIEMBRE 2013. Para los que esten interesados en la presentación del exámen de certificación CISA y CISM  o para cualquiera que desee comenzar a prepararse para estas o las próximas pruebas, pu...
Posted By : Alexander Osorio | 0 comments
20 Jun 2012
Los riesgos que no pueden ignorarse en mobile banking
Es importantísimo reconocer que la banca móvil y pagos móviles han llegado para quedarse y que aquellos bancos que no se ocupen ahora en prepararse tendrán grandes problemas en el largo plazo y esta es una opinión compartida con el equipo de BITS (Financi...
Posted By : Diego San Esteban | 0 comments
20 Jun 2012
EAI Challenges
The increased complexity and diversity in the information systems and the inability to rebuild the information systems from scratch is forcing enterprises to look at EAI as an alternative solution that will help extend the life of the existing application...
Posted By : Kannan | 0 comments
7 Mar 2012
Cloud Computing
To share various espects in cloud computing viz; history, availability, deployment, integrity, availability, confidentiality, security, cloud sharing etc.
Posted By : MoizB583519 | 2 comments
5 Jul 2011
APT Defense Strategy
APT Defense Strategy   By Kevin J. Murphy, CISSP, CISM, CGEIT September 30, 2010 WHAT IS APT? APT is an acronym for Advance Persistent Threat.  Isn’t that descriptive?  In reality there is a lot behind the APT which might not be that obvious from u...
Posted By : Kevin J. Murphy | 1 comments
View All »
Report An Issue