Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO7.1 - Personnel Recruitment and Retention

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO7.1 - Personnel Recruitment and Retention is contained within Process Popup Manage IT Human Resources

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
6 Members
0 Online
4109 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


Personnel Recruitment and Retention

Maintain IT personnel recruitment processes in line with the overall organisation’s personnel policies and procedures (e.g., hiring, positive work environment, orienting). Implement processes to ensure that the organisation has an appropriately deployed IT workforce with the skills necessary to achieve organisational goals.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • IT skills optimised and aligned with organisational goals
  • Improved recruitment and retention of the right IT skills to support future business requirements
  Risk Drivers
  • IT services for business-critical processes not supported adequately
  • Ineffective IT solutions
  • Lack of appropriate IT skills due to IT human resources management not being in line with market conditions

View Control Practices  help

Hide Control Practices  help

  1. Develop and maintain an IT human resources management plan that includes a definition of the skill requirements and preferred professional qualifications to meet the tactical and strategic IT needs of the organisation. Regularly review the currently available skills against the requirement for skilled resources.
  2. Implement a formal and documented process for the recruitment and retention of IT personnel that meets regulatory requirements and is compatible with the organisation’s human resources policies.
  3. Develop and maintain IT human resource retention practices focusing on critical and scarce skills, considering personal evaluations, compensation and incentives, personal development plans, and individual training needs.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 34 total

Must be a Topic member to contribute
View All »
Books
Posted by ISACA 596 days ago
Books
Posted by ISACA 925 days ago
Books
Posted by ISACA 1208 days ago
ICQs and Audit Programs
Posted by ISACA 1375 days ago
E-book
Posted by ISACA 1507 days ago

Events & Online Learning: 1 total

13 Aug 2018
ISACA International Event
Nashville, Tennessee, US
2018 GRC Conference - 13-15 August , Nashville, TN. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 59 total

Volume 3, 2018
by Ofir Eitan, CISM, CCSK, CTI
One of the major challenges chief information security officers (CISOs) face in almost any organization is prioritizing information security interests with regard to IT interests.
Volume 2, 2018
by Jennifer Bayuk, CISA, CISM, CGEIT
The ERM framework is designed to provide reasonable expectation that an entity that adopts it understands and manages all kinds of risk associated with business strategy and performance objectives.
Volume 2, 2018
by Robert E. Davis, DBA, CISA, CICA
Innovation is the process of transforming an idea or concept into a functional and marketable value proposition reflecting creative opportunity.
Volume 2, 2018
by Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
Until a few years ago, many organizations did not adopt new technologies unless they were proven, stabilized and in use.
Volume 6, 2017
by Ability Takuva, CISA
In enterprise risk management, three lines of defense have been defined with separate responsibilities that enable effective risk management against any threat.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.

Wikis: 2 total

Blog Posts: 14 total

14 May 2018
Recently, I witnessed an interesting webcast by Scopism, an UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website www.scopism.com. Service Integration...
Posted By : Peter873 | 1 comments
Information Security and Privacy is hot issue at present time. Number of security breaches is rapidly increasing.  In case of late detection, costs of breaches are skyrocketing. In the same time Artificial Intelligence (AI), Machine Learning (ML) are fast...
Posted By : Dragan Pleskonjic | 0 comments
Senior Manager           ultimate responsibility Information security Officer          functional responsibility Security Analyst           Strategic, develops policies and guidelines Owner         - Responsible for asset         - Determine level of clas...
Posted By : Muhammad554 | 0 comments
“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: http://feapo.org/press-release-ea-perspectives-white-paper/ Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
Yesterday’s security technology will not keep your network safe today, nor will today’s solutions protect you tomorrow. Network security must evolve. And at a rate that keeps it always one step ahead of the threats. These could include factors such as you...
Posted By : rasoolirfan | 1 comments