Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO4.1 - IT Process Framework

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.1 - IT Process Framework is contained within Process Popup Define the IT Processes, Organisation and Relationships

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
13 Members
0 Online
4312 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


IT Process Framework

Define an IT process framework to execute the IT strategic plan. This framework should include an IT process structure and relationships (e.g., to manage process gaps and overlaps), ownership, maturity, performance measurement, improvement, compliance, quality targets and plans to achieve them. It should provide integration amongst the processes that are specific to IT, enterprise portfolio management, business processes and business change processes. The IT process framework should be integrated into a quality management system (QMS) and the internal control framework.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Consistent approach for the definition of IT processes
  • Organisation of key activities into logical, interdependent processes
  • Clear definition of ownership of and responsibility for processes and key activities
  • Reliable and repeatable execution of key activities
  • Flexible and responsive IT processes
  Risk Drivers
  • Framework not being accepted by the business and IT processes not being related to business requirements
  • Incomplete framework of IT processes
  • Conflicts and unclear interdependencies amongst processes
  • Overlaps between activities
  • Inflexible IT organisation
  • Gaps between processes
  • Duplication of processes

View Control Practices  help

Hide Control Practices  help

  1. Identify IT processes required to realise the IT strategic plan.
  2. Define and implement a framework to enable the definition and follow-up of process goals, measures, controls and maturity.
  3. Define relationships and touchpoints (e.g., inputs/outputs) amongst the IT processes, enterprise portfolio management and business processes.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 101 total

Must be a Topic member to contribute
View All »
Downloads
Posted by FarmService 1322 days ago
Downloads
Posted by ISACA 1332 days ago
Downloads
Posted by FarmService 2407 days ago
Books
Posted by ISACA 134 days ago
Books
Posted by ISACA 411 days ago
Books
Posted by ISACA 625 days ago

Events & Online Learning: 7 total

15 Jun 2015
ISACA International Event
Ciudad de México, Mexico
16 Aug 2017
ISACA International Event
Grapevine, Texas, US
2018 GRC Conference - 13-15 August , Nashville, TN. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 180 total

Volume 3, 2107
by Jayakumar Sundaram, CISA, ISO 27001 LA
The SoA is a continuously updated and controlled document that provides an overview of information security implementation.
Volume 5, 2017
by T. Sean Kelly
Certain steps can be taken to build a strong respect for and practice of security into the cultural fabric of any organization, across all departments and areas of the business.
Volume 5, 2017
by Noman Sultan, Ph.D., CISM, CGEIT, CITP
It is extremely important that organizations invest in their leadership capabilities because leaders play an integral role in motivating, inspiring and influencing talent management.
Volume 4, 2017
by Rassoul Ghaznavi-Zadeh, CISM, COBIT Foundation, SABSA, TOGAF
Traditionally, security architecture consists of some preventive, detective and corrective controls that are implemented to protect the enterprise infrastructure and applications.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.
Volume 4, 2017
by Steven De Haes, Ph.D., Anant Joshi, Ph.D., Tim Huygh and Salvi Jansen
IT governance, also referred to as governance of enterprise IT (GEIT) or corporate governance of IT, is a subset of corporate governance that is concerned with enterprise IT assets.

Wikis: 2 total

Blog Posts: 74 total

Globally, many organizations are spending millions of dollars protecting their businesses and its enabling infrastructure, but are they really secure? We shall discuss answer to this question in a little while. We need to understand core basics before we ...
Posted By : SudireddyRamreddy | 0 comments
Hello fellow members COBIT 5 is an excellent guide to developing ICT Governance Frameworks. Many organisations have well documented Frameworks but find it challenging when it comes to implementation. The objective of this post is to start a debate o...
Posted By : Thansen Singh | 0 comments
Tools What to do for such an assignment practical auditing of the OS and Database CLOUD Computing challenges Third Party integration and the Audit functions
Posted By : Kemza | 0 comments
What do you think by starting new chapter at Nepal: 1. What benifit will Nepal Get?2. What ICT sectrer will Get?3. What ISACA's current/future member will Get?4. What IS Auditor will get?
Posted By : Dr. Pawan K. Sharma | 0 comments
28 Sep 2017
Recently, I witnessed an interesting webcast by Scopism, an UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website www.scopism.com. Service Integration...
Posted By : Peter873 | 0 comments
The real success story is adoption of technology, and adoption is possible if the team which is implementing the Tech solution have vision and purpose of that solution to be adoptable by larger users / stake holders. We always do not get green field proje...
Posted By : Gopal207 | 0 comments