Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO4.1 - IT Process Framework

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.1 - IT Process Framework is contained within Process Popup Define the IT Processes, Organisation and Relationships

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
4 Members
0 Online
3132 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!


IT Process Framework

Define an IT process framework to execute the IT strategic plan. This framework should include an IT process structure and relationships (e.g., to manage process gaps and overlaps), ownership, maturity, performance measurement, improvement, compliance, quality targets and plans to achieve them. It should provide integration amongst the processes that are specific to IT, enterprise portfolio management, business processes and business change processes. The IT process framework should be integrated into a quality management system (QMS) and the internal control framework.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Consistent approach for the definition of IT processes
  • Organisation of key activities into logical, interdependent processes
  • Clear definition of ownership of and responsibility for processes and key activities
  • Reliable and repeatable execution of key activities
  • Flexible and responsive IT processes
  Risk Drivers
  • Framework not being accepted by the business and IT processes not being related to business requirements
  • Incomplete framework of IT processes
  • Conflicts and unclear interdependencies amongst processes
  • Overlaps between activities
  • Inflexible IT organisation
  • Gaps between processes
  • Duplication of processes

View Control Practices  help

Hide Control Practices  help

  1. Identify IT processes required to realise the IT strategic plan.
  2. Define and implement a framework to enable the definition and follow-up of process goals, measures, controls and maturity.
  3. Define relationships and touchpoints (e.g., inputs/outputs) amongst the IT processes, enterprise portfolio management and business processes.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 159 total

Must be a Topic member to contribute
View All »
Downloads
Posted by ISACA 108 days ago
Downloads
Posted by ISACA 118 days ago
Downloads
Posted by ISACA 1193 days ago
Research
Posted by ISACA 2 days ago
Books
Posted by ISACA 4 days ago

Events & Online Learning: 7 total

6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
21 Apr 2014
ISACA International Event
New York, NY, USA
23 Jun 2014
ISACA International Event
Ciudad de México, Mexico
29 Sep 2014
ISACA International Event
Barcelona, Spain
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM 2014—the leading European conference for IT audit, assurance, security and risk professionals.

Journal Articles: 324 total

Volume 4, 2014
by Kim Maes, Steven De Haes, Ph.D., and Wim Van Grembergen, Ph.D.
Looking from a process perspective, a conceptual model of a business case process can facilitate continuous business case use throughout the investment life cycle.
Volume 4, 2014
by Bostjan Delak, Ph.D., CISA, CIS, and Marko Bajec, Ph.D.
Compared to other approaches, the FISDD represents a complete framework that can be used in due diligence activities in a short period of time.
Volume 4, 2014
by Ikumi Miyagi, CGEIT, CRISC, Hiroshi Monden, CISA, CIA, CRMA, Mitsuko Azuma, CISA, Reiso Kimura, CISA, CIA, Masatoshi Aramaki, CISA, CRISC, CIA, Kan Hara, CISA, CPA, and Takashi Ishijima, Ph.D., CPA
A methodology is needed to establish effective IT governance based on the business process and to disseminate integrated IT governance throughout the organization effectively.
Volume 3, 2014
by Tommie Singleton, CISA, CGEIT, CPA
The need for consideration of IT in internal and external audits seems intuitively obvious.
Volume 3, 2014
by Martin Schultz, CISA, CIA, Alexander Ruehle, CISA, CIA, and Nick Gehrke, Ph.D., CISA
Most approaches to process audits are antiquated and far from best utilizing the auditor’s capabilities or the potential of existing enterprise resource planning (ERP) data.
Volume 2, 2014
by Key Mak, CISM, CAP, CISSP, ITIL, PMP, Security Plus, ECMp
Whether launching an information security project or developing a road map for an enterprise, determining where to start can be overwhelming.

Wikis: 2 total

Blog Posts: 50 total

19 Jun 2014
Posted By : masarker | 2 comments
"Combatirse a sí mismo es la guerra más difícil; vencerse a sí mismo es la victoria más bella"Friedrich von Logau (1605-1655) Poeta alemán.En estos momentos en que la contratación de un profesional para una empresa debe de ser un tema muy bien planteado, ...
Posted By : Javier | 0 comments
13 Mar 2014
Complying with a multitude of complex regulations, assessing risks of non-compliance with each statute and guideline, implementing controls for every process across multiple lines of business and at every level of an organization can be overwhelming. So m...
Posted By : CraigerGRC | 0 comments
Fundamental to any organization’s ongoing success is leadership. But success of one leader does not guarantee the success of the other.  Ongoing success of an organization after a leader departs is measured by how deeply the seeds of the organization’s ...
Posted By : Debi | 0 comments
11 Mar 2014
The concept of three “Value Disciplines” of “Operational Excellence,” “Product Leadership” and “Customer Intimacy” was introduced by Michael Treacy and Fred Wiersema in 1993. It defines the value creation strategy of the organization. It provides a focus ...
Posted By : SA | 0 comments
Enterprise Architecture Practice provides several benefits to organization. Some of the benefits are listed below:  an improved road map for strategy execution; focused and measured strategy implementation; creating synergies; cost reduction (value for m...
Posted By : SA | 0 comments