PO7.3 - Staffing of Roles

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO7.3 - Staffing of Roles is contained within the process Manage IT Human Resources.

Staffing of Roles

Define, monitor and supervise roles, responsibilities and compensation frameworks for personnel, including the requirement to adhere to management policies and procedures, the code of ethics, and professional practices. The level of supervision should be in line with the sensitivity of the position and extent of responsibilities assigned.

Value Drivers

  • Communication of and adherence to organisation policies, practices and ethics
  • Clear accountability and responsibility for key functions
  • Improved alignment of staff contribution to business goals

Risk Drivers

  • Incorrect actions and decisions based on unclear direction setting
  • Increased errors and incidents caused by lack of supervision
  • Staff dissatisfaction through poor management and oversight

Control Practices

  1. Define and regularly maintain descriptions of IT roles covering responsibilities to highlight any specific risk management, security and compliance requirements.
  2. Ensure that IT personnel acknowledge and document, upon hiring and periodically thereafter, their acceptance of role descriptions and responsibilities.
  3. Ensure that terms and conditions of employment stress the employee’s responsibility for information security, internal control and regulatory compliance, and address the assignment of all intellectual property rights to the organisation and non-disclosure of confidential information.
  4. Ensure that supervision for each role within IT is based on the risks posed by that role and is effected by an appropriate mechanism, including personal supervision, review of work, dual performance of tasks and/or automated monitoring.

Documents & Publications: 23 total

ICQs and Audit Programs
Posted by ISACA 1278 days ago
ICQs and Audit Programs
Posted by ISACA 1410 days ago
Books
Posted by ISACA 1538 days ago
Books
International Financial Reporting Standards have been mandatory in the EU since 2005 and are rapidly being adopted by countries throughout the world.
Posted by ISACA 2056 days ago
Books
Posted by ISACA 2173 days ago

Journal Articles: 32 total

Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.
Volume 3, 2017
by Vasant Raval, DBA, CISA, ACMA, and Rajesh Sharma, Ph.D., ITIL-F, Six Sigma Black Belt
Success does not teach much, if anything; it is the failure that provides lessons to do better in the future.
Volume 1, 2017
by Graciela Braga, CGEIT, COBIT Foundation, CPA
When discussing the impact of IT on cities, some questions arise: How have cities been transformed by IT? Can this transformation be measured? What are the benefits and risk factors of the transformation?
Volume 6, 2016
by Sunil Bakshi, CISA, CGEIT, CISM, CRISC, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
During the past 30 years, enterprises have been embracing new methods to transform their operations to use IT and related technology to provide a higher level of customer service.
Volume 6, 2016
by Shirali Vyas, CA, ICAI
The 2008 financial crisis and its cascading effects have made it necessary to redefine the supplier risk management norms.
Volume 5, 2016
by John W. Lainhart IV, CISA, CISM, CGEIT, CRISC, CIPP/G, CIPP/US, Zhiwei Fu, Ph.D., CISA, CGEIT, CRISC, CFE, CISSP, ITIL, PMP and Christopher M. Ballister, CISM, CGEIT, CRISC
Organizations need to move toward a more holistic and proactive approach to addressing security threats and managing compliance requirements in today’s information-driven economy.

Wikis: 2 total

Blog Posts: 8 total

28 Sep 2017
Recently, I witnessed an interesting webcast by Scopism, a UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website www.scopism.com. Service Integration...
Posted By : Peter873 | 0 comments
“Enterprise architecture is now a strategic component of every forward-thinking organization around the world.” Source: http://feapo.org/press-release-ea-perspectives-white-paper/ Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
Yesterday’s security technology will not keep your network safe today, nor will today’s solutions protect you tomorrow. Network security must evolve. And at a rate that keeps it always one step ahead of the threats. These could include factors such as you...
Posted By : rasoolirfan | 1 comments
In a fast changing world of business and relentless competition, strategic planning is not only critical, but also the differentiating factor for an organization. Since IT has moved from a supportive role to a more strategic role, the IT Strategic Planning an...
Posted By : SA | 0 comments
Enterprise Architecture Practice provides several benefits to organization. Some of the benefits are listed below:  an improved road map for strategy execution; focused and measured strategy implementation; creating synergies; cost reduction (value for m...
Posted By : SA | 0 comments