Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO4.6 - Establishment of Roles and Responsibilities

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.6 - Establishment of Roles and Responsibilities is contained within Process Popup Define the IT Processes, Organisation and Relationships

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
8 Members
0 Online
0 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!


Establishment of Roles and Responsibilities

Establish and communicate roles and responsibilities for IT personnel and end users that delineate between IT personnel and end-user authority, responsibilities and accountability for meeting the organisation’s needs.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Effective individual performance
  • Activities allocated to specific positions
  • Efficient recruitment of appropriately skilled and experienced IT staff
  • Effective staff performance
  Risk Drivers
  • Non-compliance with regulations
  • Compromised information
  • Recruitment of staff not working as intended
  • Fraudulent system usage
  • Non-responsive IT organisation

View Control Practices  help

Hide Control Practices  help

  1. Formalise the skills, experience, authority, responsibility and accountability for each IT task. Update the IT task descriptions when IT tasks change.
  2. Assign all IT tasks to one or more roles, and assign roles to IT personnel.
  3. Allocate accountabilities and responsibilities to roles rather than to organisational positions to support the execution of the role. Allocate roles to organisational positions and allocate organisational positions to individuals.
  4. Inform IT personnel about their roles and any changes to their roles.
  5. Ensure that line managers periodically confirm the accuracy of the role descriptions for their team members.
  6. Develop the role description to outline key goals and objectives, which include SMARRT measures, for use in the staff performance evaluation process.
  7. Ensure that role descriptions for staff members across the organisation specifically identify responsibilities regarding information systems, internal control and security.
  8. Ensure that management initiates regular training and awareness campaigns to reinforce staff knowledge of roles. This may be supplemented with occasional assessments of understanding and compliance.
  9. Require all employees to comply with enterprisewide (e.g., corporate) and applicable department policies related to internal control, security and confidentiality.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 44 total

Must be a Topic member to contribute
View All »
Downloads
Posted by FarmService 1534 days ago
Downloads
Posted by FarmService 2619 days ago
Books
Posted by ISACA 952 days ago
Books
Posted by ISACA 1012 days ago
Books
Posted by ISACA 1235 days ago

Events & Online Learning: 0 total

No Results Found

Journal Articles: 60 total

Volume 3, 2018
by Ofir Eitan, CISM, CCSK, CTI
One of the major challenges chief information security officers (CISOs) face in almost any organization is prioritizing information security interests with regard to IT interests.
Volume 2, 2018
by Robert E. Davis, DBA, CISA, CICA
Innovation is the process of transforming an idea or concept into a functional and marketable value proposition reflecting creative opportunity.
Volume 2, 2018
by Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
Until a few years ago, many organizations did not adopt new technologies unless they were proven, stabilized and in use.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.
Volume 4, 2017
by Steven De Haes, Ph.D., Anant Joshi, Ph.D., Tim Huygh and Salvi Jansen
IT governance, also referred to as governance of enterprise IT (GEIT) or corporate governance of IT, is a subset of corporate governance that is concerned with enterprise IT assets.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001
The Emirates National Oil Company embarked on an initiative to realize value out of IT assets through Information Technology Infrastructure Library (ITIL) process implementation.

Wikis: 2 total

Blog Posts: 68 total

17 Jun 2018
We are happy to announce that  on Feb//2018  the ISACA awareness session  was held in Baghdad.This the first time to speak about ISACA Value in Iraq.Professional from government and private sector were excited to hear about ISACA value and they started to...
Posted By : Ali099 | 2 comments
5 Jun 2018
Recently, I witnessed an interesting webcast by Scopism, an UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website www.scopism.com. Service Integration...
Posted By : Peter873 | 2 comments
Security in IoT environment
Posted By : Hyun239 | 0 comments
20 Apr 2018
Good day. I have an interesting situation that came about just this week.  New career opportunities are not all that they seem to be.  What I thought was going to be a great career change ended up in disaster.  With only one week and two day's, I was dism...
Posted By : Brian824 | 0 comments
Have you experienced ransomware attack so far and, if yes, what did you do to resolve? I set up Twitter poll here: https://twitter.com/DPleskonjic/status/953608717399941120 It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 5 comments
Bitcoin Trade a Bubble! Block Chain Technology Useful .ISACA Members whats your Take on Bitcoin Trade, Is its a bubble that wont last long.Block chain Technology is useful and its continuously growing to as form of secure record  management and secured us...
Posted By : MUGAMBI865 | 1 comments