Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO4.1 - IT Process Framework

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.1 - IT Process Framework is contained within Process Popup Define the IT Processes, Organisation and Relationships

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
10 Members
0 Online
3924 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


IT Process Framework

Define an IT process framework to execute the IT strategic plan. This framework should include an IT process structure and relationships (e.g., to manage process gaps and overlaps), ownership, maturity, performance measurement, improvement, compliance, quality targets and plans to achieve them. It should provide integration amongst the processes that are specific to IT, enterprise portfolio management, business processes and business change processes. The IT process framework should be integrated into a quality management system (QMS) and the internal control framework.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Consistent approach for the definition of IT processes
  • Organisation of key activities into logical, interdependent processes
  • Clear definition of ownership of and responsibility for processes and key activities
  • Reliable and repeatable execution of key activities
  • Flexible and responsive IT processes
  Risk Drivers
  • Framework not being accepted by the business and IT processes not being related to business requirements
  • Incomplete framework of IT processes
  • Conflicts and unclear interdependencies amongst processes
  • Overlaps between activities
  • Inflexible IT organisation
  • Gaps between processes
  • Duplication of processes

View Control Practices  help

Hide Control Practices  help

  1. Identify IT processes required to realise the IT strategic plan.
  2. Define and implement a framework to enable the definition and follow-up of process goals, measures, controls and maturity.
  3. Define relationships and touchpoints (e.g., inputs/outputs) amongst the IT processes, enterprise portfolio management and business processes.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 159 total

Must be a Topic member to contribute
View All »
Downloads
Posted by ISACA 840 days ago
Downloads
Posted by ISACA 850 days ago
Downloads
Posted by ISACA 1925 days ago
Books
Posted by ISACA 73 days ago
Books
Posted by ISACA 143 days ago
Books
Posted by ISACA 189 days ago

Events & Online Learning: 8 total

16 Jun 2014
ISACA International Event
Seattle, WA, USA
15 Jun 2015
ISACA International Event
Ciudad de México, Mexico
21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.

Journal Articles: 141 total

Volume 4, 2016
by Steven J. Ross, CISA, CISSP, MBCP
I can hear the rejoinder now: There is no need for a chief cyber officer because the chief information security officer (CISO) performs that function.
Volume 4, 2016
by Phil Zongo
This article provides some practical recommendations to address three key areas of risk associated with cloud adoption.
Volume 3, 2016
by Joseph Zipper, CISA, IPRC, PMP
Efficient and effective auditing of major projects requires a flexible approach, where audit is actively engaged throughout the project life cycle.
Volume 3, 2016
by Ed Gelbstein, Ph.D.
Every topic can be subdivided into many more sections, but the intention of this column is not to provide a detailed manual (it would be a large book), just an overview.
Volume 3, 2016
by Simon Grima, Ph.D., Robert W. Klein, Ph.D., Ronald Zhao, Ph.D., Frank Bezzina, Ph.D. and Pascal Lélé, Ph.D.
What are the specific risk and opportunities that affect the ability of the organization to create value in the short, medium and long term? How will the organization capitalize on these to obtain a competitive advantage?

Wikis: 2 total

Blog Posts: 51 total

Posted By : Dr. Stephanie Carter | 0 comments
27 Jul 2016
Hi everyone - I hope you can help me with my questions: I have passed my CISA exam last October, with my work experience combine with my educational background, I am able to save 3 years from the requirement to get my CISA designation, but I am lac...
Posted By : Lan234 | 0 comments
question: After Microsoft acquired Skype, we gradually saw the merging of Lyncwith Skype, now business Lync became Skype for Business.Is this same target to see Yammer with LinkenIn?May I know any hints on the strategy?We're just started Yammer journey, d...
Posted By : XIAOQI | 0 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
Yesterday’s security technology will not keep your network safe today, nor will today’s solutions protect you tomorrow. Network security must evolve. And at a rate that keeps it always one step ahead of the threats. These could include factors such as you...
Posted By : rasoolirfan | 1 comments
Big Data, Internet of Things, Ciberseguridad, Transformación Digital, son sin duda las tendencias más mencionadas en todos los medios especializados y no tan especializados. Todas ellas relacionadas, todas ellas fruto de la evolución de conceptos no tan ...
Posted By : AlejandroAV | 0 comments