Find Resources & Connect with members on topics that interest you.

Applications

Audit

Business Processes

Career Management

Cloud Computing/Virtualization

COBIT

Controls and Monitoring

Databases

Fraud and Computer Crime

Governance and Management

Industry

Information Security

IT Service Management

Mobile/Wireless

Operating Systems

Privacy/Data Protection

Regulations

Risk

Standards

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

ME - Monitor and Evaluate

Application Controls

Process Controls

Please sign in to see your topics.

You must be logged in to join this group.

PO4.7 - Responsibility for IT Quality Assurance

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.7 - Responsibility for IT Quality Assurance is contained within Process Popup Define the IT Processes, Organisation and Relationships

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
3 Members
0 Online
828 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Points: 3

Responsibility for IT Quality Assurance

Assign responsibility for the performance of the quality assurance (QA) function and provide the QA group with appropriate QA systems, controls and communications expertise. Ensure that the organisational placement and the responsibilities and size of the QA group satisfy the requirements of the organisation.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Quality assurance as an integral part of IT’s responsibilities
  • Processes in line with the organisation’s quality expectations
  • Proactive identification of improvements to IT functionality and business processes
  • Proactive identification of quality issues and business risks
   Risk Drivers
  • Reputational damage
  • Undetected quality-related risks that impact the overall business
  • Increased costs and time delays due to poor quality control
  • Quality assurance not applied consistently or effectively
  • Inconsistencies in quality across the organisation
  • Reduced business performance

View Control Practices  help

Hide Control Practices  help

  1. Ensure that the QA function’s reporting line is such that it can operate with adequate independence and report its findings objectively.
  2. Ensure that the role of the QA function includes:
    • Monitoring processes to ensure compliance with the organisation’s QA-related policies, standards and procedures (e.g., compliance with the organisation’s development methodology)
    • Acting as a centre of expertise for the development of QA-related policies (e.g., QA requirements in a system development life cycle), standards and procedures
    • Adopting and aligning with QA best practices and standards
  3. Ensure that the staffing levels and skills for the QA function are commensurate with the size of the organisation and the QA function’s responsibilities. Skills include those related to quality assurance, IT, controls, processes and communication.
  4. Encourage senior management’s sponsorship and active support of the QA function.
  5. Define and document a process for identifying, escalating and resolving issues identified to the QA process.
  6. Ensure that the QA function reports periodically on its findings and recommendations.

 

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 4 total

Must be a Topic member to contribute
Books
IT Governance: Polices & Procedures, 2012 Edition
Posted by ISACA 230 days ago
Books
CIO Best Practices: Enabling Strategic Value with Information Technology, 2nd Edition
Posted by ISACA 502 days ago
Books
Optimising Value Creation From IT Investments
Posted by ISACA 720 days ago
Books
IT Auditing: An Adaptive Process
Posted by ISACA 720 days ago

Events & Online Learning: 0 total

No Results Found

Journal Articles: 0 total

No Results Found

User Contributed External Links: 0 total

Wikis: 2 total

Blog Posts: 0 total

Must be a Topic member to view blog posts

No Results Found
Report An Issue