PO4.3 - IT Steering Committee

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.3 - IT Steering Committee is contained within the process Define the IT Processes, Organisation and Relationships.

IT Steering Committee

Establish an IT steering committee (or equivalent) composed of executive, business and IT management to:
  • Determine prioritisation of IT-enabled investment programmes in line with the enterprise’s business strategy and priorities
  • Track status of projects and resolve resource conflict
  • Monitor service levels and service improvements


Value Drivers

  • IT strategy in line with the organisation’s strategy
  • IT-enabled investment programmes in line with the organisation’s strategy
  • Business and IT involvement in the prioritisation process
  • Business and IT involvement in conflict resolution
  • Business and IT involvement in monitoring performance

Risk Drivers

  • IT strategy not in line with the organisation’s strategy
  • IT-enabled investment programmes not in support of the organisational goals and objectives
  • Insufficient support and involvement of IT and senior organisational management in key decision-making processes

Control Practices

  1. Ensure that an IT steering committee exists that reports to an appropriate level of senior management and includes representation from the executive level, key business operations areas, IT and key business support areas such as finance, risk management, compliance, human resources, legal and internal audit.
  2. Ensure that the IT steering committee includes a key sponsor at the executive level.
  3. Ensure that the role and authority of the IT steering committee are agreed upon and formally documented.
  4. Ensure that the IT steering committee meets regularly, with an appropriate and monitored frequency.
  5. Determine that the responsibilities for the committee include at least:
    • Determination of prioritisation of IT-enabled investment programmes in line with the enterprise’s business strategy and priorities
    • Tracking of status of projects and resolution of resource conflict
    • Monitoring of service levels and service improvements
  6. Ensure that the IT steering committee approves the high-level control requirements, such as consideration of key performance indicators and balanced scorecards in relation to IT, and monitors controls compliance.

Events & Online Learning: 3 total

21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.

Journal Articles: 77 total

Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.
Volume 4, 2017
by Steven De Haes, Ph.D., Anant Joshi, Ph.D., Tim Huygh and Salvi Jansen
IT governance, also referred to as governance of enterprise IT (GEIT) or corporate governance of IT, is a subset of corporate governance that is concerned with enterprise IT assets.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001
The Emirates National Oil Company embarked on an initiative to realize value out of IT assets through Information Technology Infrastructure Library (ITIL) process implementation.
Volume 3, 2017
by Vasant Raval, DBA, CISA, ACMA, and Rajesh Sharma, Ph.D., ITIL-F, Six Sigma Black Belt
Success does not teach much, if anything; it is the failure that provides lessons to do better in the future.
Volume 1, 2017
by Cheryl Ritts, MSIS
Many enterprises are quick to leap into cloud relationships. Very often, they do so without any analysis—formal or informal—of the value they expect to get in return.
Volume 1, 2017
by Graciela Braga, CGEIT, COBIT Foundation, CPA
When discussing the impact of IT on cities, some questions arise: How have cities been transformed by IT? Can this transformation be measured? What are the benefits and risk factors of the transformation?

Blog Posts: 54 total

9 Aug 2017
How, where, and when can IT innovate even in an apparent non-innovation culture? Innovation can be a broad concept whose definition for a specific company, department or practitioner is based very much upon context. Organization mission, culture, size, revenue...
Posted By : Richard521 | 0 comments
Senior Manager: ultimate responsibility; Information security Officer: functional responsibility; Security Analyst: Strategic, develops policies and guidelines; Owner - Responsible for asset - Determine level of clas...
Posted By : Muhammad554 | 0 comments
Cyber Security Program the way I have often observed in various organizations over the years, is led with a piecemeal approach. There is no holistic view or review of the same and the Cyber Security team, often to be counted on fingers, is left to fend the...
Posted By : Mayank | 0 comments
31 Dec 2016
The Mobile Maritime Hub 2009-2050 is a strategic plan that started in 2009, in Vilanova i La Geltrú, a coastal town, to promote maritime, nautical, fishing and scientific activities in a seaside region, by a proper use of the technological tools existi...
Posted By : ramoncod | 0 comments
A customer walks into a grocery store to buy a cold yogurt, then walks toward the checkout stand to buy it. While waiting in line to buy the yogurt, there is a chance it will warm up. If the line is long, not only will the customer refuse to buy the yogu...
Posted By : Don Turnblade | 0 comments
After 30 years working in the IT, Audit, Risk Management and Compliance worlds, I’ve seen a lot of good examples of managing an organization's IT risks and controls. But on the flip side, I’ve also seen too many instances of poor management of an organizat...
Posted By : Joe999 | 0 comments