Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO4.1 - IT Process Framework

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.1 - IT Process Framework is contained within Process Popup Define the IT Processes, Organisation and Relationships

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
5 Members
0 Online
3356 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


IT Process Framework

Define an IT process framework to execute the IT strategic plan. This framework should include an IT process structure and relationships (e.g., to manage process gaps and overlaps), ownership, maturity, performance measurement, improvement, compliance, quality targets and plans to achieve them. It should provide integration amongst the processes that are specific to IT, enterprise portfolio management, business processes and business change processes. The IT process framework should be integrated into a quality management system (QMS) and the internal control framework.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Consistent approach for the definition of IT processes
  • Organisation of key activities into logical, interdependent processes
  • Clear definition of ownership of and responsibility for processes and key activities
  • Reliable and repeatable execution of key activities
  • Flexible and responsive IT processes
  Risk Drivers
  • Framework not being accepted by the business and IT processes not being related to business requirements
  • Incomplete framework of IT processes
  • Conflicts and unclear interdependencies amongst processes
  • Overlaps between activities
  • Inflexible IT organisation
  • Gaps between processes
  • Duplication of processes

View Control Practices  help

Hide Control Practices  help

  1. Identify IT processes required to realise the IT strategic plan.
  2. Define and implement a framework to enable the definition and follow-up of process goals, measures, controls and maturity.
  3. Define relationships and touchpoints (e.g., inputs/outputs) amongst the IT processes, enterprise portfolio management and business processes.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 146 total

Must be a Topic member to contribute
View All »
Downloads
Posted by ISACA 323 days ago
Downloads
Posted by ISACA 333 days ago
Downloads
Posted by ISACA 1408 days ago
Books
Posted by ISACA 24 days ago
Research
Posted by ISACA 44 days ago

Events & Online Learning: 6 total

6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
16 Jun 2014
ISACA International Event
Seattle, WA, USA
29 Sep 2014
ISACA International Event
Barcelona, Spain
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM 2014—the leading European conference for IT audit, assurance, security and risk professionals.
6 Oct 2014
ISACA International Event
Panama City, Panama
La Conferencia Latinoamericana CACS/ISRM 2014
15 Jun 2015
ISACA International Event
Ciudad de México, Mexico

Journal Articles: 343 total

Volume 2, 2015
by Larry G. Wlosinski, CISA, CISM, CRISC, CAP, CBCP, CDP, CISSP, ITIL V3
Information security events that affect cloud systems are occurring with no end in sight, so it should be no surprise that the cloud should be treated as a nonsecure environment with numerous threats and concerns.
Volume 2, 2015
by Elena Beratarbide, Ph.D., CISA, Thomas W. Kelsey, Ph.D., and Hermenegildo Gil, Ph.D.
From the health care service perspective, e-health plays an essential role. It is perceived as crucial for high-quality and cost-effective health care.
Volume 2, 2015
by Vasant Raval, DBA, CISA, ACMA
While entrepreneurship has always been a key segment of the economy, there has been a huge surge in this sector since the 1990s.
Volume 2, 2015
by David Vohradsky, CGEIT, CRISC
With increases in the regulatory regime, increasing technology complexity and pressures on cost, organisations are seeking productivity improvements in the evaluation of the performance of internal controls.
Volume 2, 2015
by Kerry A. Anderson, CISA, CISM, CGEIT, CRISC, CCSK, CFE, CISSP, CSSLP, ISSAP, ISSMP
One of biggest budget busters for an information security program is technology solutions that are not a good match for the organization.
Volume 2, 2015
by Fredric Greene, CISSP
Selected processes from the COBIT 5 framework can improve the effectiveness of enterprise security in an organization.

Wikis: 2 total

Blog Posts: 29 total

A rose by any other name would smell as sweet".  The famous quote from Shakespeare is not quite true when it comes to naming IT projects (even more challenging for cloud initiatives).  So what are the challenges? Why the project name matters?Why and how c...
Posted By : sandeep dubey | 0 comments
If you are still using excel for your governance, risk and compliance Maclear eGRC SuiteTM have put together a whitepaper to help you understand the benefits of automation and what to look for when selecting your solution. IT GRC Whitepaper includes: 1...
Posted By : Shanthamurthy926 | 0 comments
“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: http://feapo.org/press-release-ea-perspectives-white-paper/ Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 0 comments
Ina fast changing world of business and relentless competition, strategicplanning is not only critical, but also the differentiating factor for anorganization. Since IT has moved from a supportive role to a more strategicrole, the IT Strategic Planning an...
Posted By : SA | 0 comments
Agile technique in software development has been around for quite some time. There have been efforts to adopt the agile techniques for strategic planning, alignment and execution. Following are some of the relevant articles/blog posts in this area. The to...
Posted By : SA | 0 comments
Enterprise Architecture Practice provides several benefits to organization. Some of the benefits are listed below:  an improved road map for strategy execution; focused and measured strategy implementation; creating synergies; cost reduction (value for m...
Posted By : SA | 0 comments