Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO4.13 - Key IT Personnel

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.13 - Key IT Personnel is contained within Process Popup Define the IT Processes, Organisation and Relationships

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
5 Members
0 Online
4343 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


Key IT Personnel

Define and identify key IT personnel (e.g., replacements/backup personnel), and minimise reliance on a single individual performing a critical job function.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Properly trained key IT personnel
  • Reduced dependency on individual key IT personnel
  • Knowledge sharing
  • Continuity of IT services
  • Critical IT roles reliably supported
  • Succession planning
  Risk Drivers
  • Insufficient skills of key IT personnel
  • Reliance on single knowledge experts
  • Inadequate knowledge sharing or succession planning
  • Critical tasks and roles not performed

View Control Practices  help

Hide Control Practices  help

  1. Identify key processes, the individual(s) supporting the processes and critical areas that lack job redundancy. Ensure that management periodically reviews key processes to identify which are critical to the organisation and considers the availability of individuals with the relevant skills, experience and knowledge to fulfill the critical roles.
  2. Identify the availability of qualified resources with the appropriate skills, experience and knowledge, who could provide job redundancy for key processes.
  3. Ensure that outsourcing or other arrangements have been made to provide job redundancy for key processes when required.
  4. Ensure appropriate availability and coverage of staff to support key programmes, projects and processes, such as considering coverage during time-off requests, vacations and leaves of absence.
  5. Ensure the periodic update of contact lists that include the primary personnel and alternative contacts (e.g., backup personnel, third parties) for key processes.
  6. Ensure the creation and maintenance of documentation such as job procedures for key processes. Backup personnel are cross-trained on their job responsibilities to support other key processes when required.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 29 total

Must be a Topic member to contribute
View All »
Books
Posted by ISACA 499 days ago
Books
Posted by ISACA 828 days ago
Books
Posted by ISACA 1111 days ago
ICQs and Audit Programs
Posted by ISACA 1278 days ago
E-book
Posted by ISACA 1409 days ago

Events & Online Learning: 4 total

13 Aug 2018
ISACA International Event
Nashville, Tennessee, US
2018 GRC Conference - 13-15 August , Nashville, TN. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 70 total

Volume 6, 2017
by Thomas Johnson, CISA, CRISC, CISM, CISSP
A certification is a credential for an accomplishment that has been validated by a testing process and typically cannot be earned without verification of the appropriate level of experience or education.
Volume 6, 2017
by Sarah Orton, CISA
Get to know your network.
Volume 6, 2017
by Ability Takuva, CISA
In enterprise risk management, three lines of defense have been defined with separate responsibilities that enable effective risk management against any threat.
Volume 5, 2017
by Justine Bone
Get to know your network.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.
Volume 3, 2017
by Vasant Raval, DBA, CISA, ACMA, and Rajesh Sharma, Ph.D., ITIL-F, Six Sigma Black Belt
Success does not teach much, if anything; it is the failure that provides lessons to do better in the future.

Wikis: 2 total

Blog Posts: 19 total

Information Security and Privacy is hot issue at present time. Number of security breaches is rapidly increasing.  In case of late detection, costs of breaches are skyrocketing. In the same time Artificial Intelligence (AI), Machine Learning (ML) are fast...
Posted By : Dragan Pleskonjic | 0 comments
28 Sep 2017
Recently, I witnessed an interesting webcast by Scopism, an UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website www.scopism.com. Service Integration...
Posted By : Peter873 | 0 comments
Senior Manager           ultimate responsibility Information security Officer          functional responsibility Security Analyst           Strategic, develops policies and guidelines Owner         - Responsible for asset         - Determine level of clas...
Posted By : Muhammad554 | 0 comments
“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: http://feapo.org/press-release-ea-perspectives-white-paper/ Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments
Hi there, About some 6 years ago, I was sitting in a dead end job and always I felt I could do better. I had done everything I knew and I did my job well enough but I found myself to have hit the ceiling as far as my career was concerned in that particula...
Posted By : Edward491 | 3 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments