Executive's Guide to IT Governance : Improving Systems Processes with Service Management, COBIT, and ITIL.
Title:
Executive's Guide to IT Governance : Improving Systems Processes with Service Management, COBIT, and ITIL.
Author:
Moeller, Robert R.
ISBN:
9781118238936
Personal Author:
Edition:
1st ed.
Physical Description:
1 online resource (434 pages)
Series:
Wiley Corporate F&A Ser.
Contents:
Executive's Guide to IT Governance -- Contents -- Preface -- PART ONE IT Governance Concepts -- CHAPTER ONE Importance of IT Governance for All Enterprises -- CHAPTER TWO Fundamental Governance Concepts and Sarbanes-Oxley Rules -- SARBANES-OXLEY ACT -- Sarbanes-Oxley Act Key IT Governance Elements -- SOx Title I: Public Company Accounting Oversight Board -- Title IV: Enhanced Financial Disclosures and Section 404 -- OTHER SOx RULES-TITLE II: AUDITOR INDEPENDENCE -- Limitations on External Auditor Services -- Audit Committee Preapproval of Services -- External Audit Partner Rotation -- Conflicts of Interest and Mandatory Rotations of External Audit Firms -- SOx TITLE III: CORPORATE RESPONSIBILITY -- TITLE IV: ENHANCED FINANCIAL DISCLOSURES -- Expanded Conflict-of-Interest Provisions, Disclosures, and Codes of Ethics -- Other SOx Rules and Requirements -- WHAT IS IT GOVERNANCE? -- IT Governance Enterprise Risk Issues -- IT Governance Enterprise Organization Issues -- IT Governance Legislative and Regulatory Issues -- IT Governance Security Issues -- IT Governance Internal, External Threats -- NOTES -- CHAPTER THREE Enterprise Governance and GRC Tools -- THE ROAD TO EFFECTIVE GRC PRINCIPLES -- IMPORTANCE OF GRC GOVERNANCE -- RISK MANAGEMENT COMPONENT OF GRC -- GRC AND ENTERPRISE COMPLIANCE -- IMPORTANCE OF EFFECTIVE GRC PRACTICES AND PRINCIPLES -- PART TWO Frameworks to Support Effective IT Governance -- CHAPTER FOUR IT Governance and COSO Internal Controls -- IMPORTANCE OF EFFECTIVE INTERNAL CONTROLS AND COSO -- Internal Control Standards Background -- COSO Internal Control Framework -- Other Dimensions of the COSO Internal Control Framework -- COSO INTERNAL CONTROL SYSTEMS MONITORING GUIDANCE -- WRAPPING IT UP: IMPORTANCE OF COSO INTERNAL CONTROLS -- NOTES -- CHAPTER FIVE COBIT and the IT Governance Institute.

AN EXECUTIVE'S INTRODUCTION TO COBIT -- THE COBIT FRAMEWORK AND ITS DRIVERS -- COBIT PRINCIPLE 1: ESTABLISH AN INTEGRATED IT ARCHITECTURE FRAMEWORK -- COBIT PRINCIPLE 2: STAKEHOLDER VALUE DRIVERS -- COBIT PRINCIPLE 3: FOCUS ON BUSINESS CONTEXT -- COBIT PRINCIPLE 4: GOVERNANCE AND RISK MANAGEMENT ENABLERS -- COBIT PRINCIPLE 5: GOVERNANCE AND MANAGEMENT PERFORMANCE MEASUREMENT STRUCTURES -- PUTTING IT TOGETHER: MATCHING COBIT PROCESSES AND IT GOALS -- USING COBIT IN A SOX ENVIRONMENT -- COBIT IN PERSPECTIVE -- NOTES -- CHAPTER SIX ITIL and IT Service Management Guidance -- ITIL FUNDAMENTALS -- ITIL SERVICE STRATEGY COMPONENTS -- ITIL SERVICE DESIGN -- Service Delivery Capacity Management -- Service Delivery Availability Management -- Service Delivery Information Systems Security and Continuity Management -- ITIL SERVICE TRANSITION MANAGEMENT PROCESSES -- Service Transition Change Management -- Service Transition Configuration Management -- ITIL SERVICE OPERATION PROCESSES -- Service Operation Event and Incident Management -- Service Operation Problem Management -- IT GOVERNANCE AND ITIL SERVICE DELIVERY BEST PRACTICES -- NOTE -- CHAPTER SEVEN IT Governance Standards: ISO 9001, 27002, and 38500 -- ISO STANDARDS BACKGROUND -- ISO 9000 QUALITY MANAGEMENT STANDARDS -- ISO IT SECURITY STANDARDS: ISO 27002 AND 27001 -- ISO 38500 IT GOVERNANCE STANDARD -- ISO 38500 Objectives -- The ISO 38500 Framework for IT Governance -- Guidance for Implementing the ISO 38500 Standard -- NOTES -- CHAPTER EIGHT IT Governance Issues: Risk Management, COSO ERM, and OCEG Guidance -- RISK MANAGEMENT FUNDAMENTALS -- Risk Identification -- Quantitative or Qualitative Risk Assessments -- Risk Response Planning -- Risk Monitoring -- COSO ERM DEFINITIONS AND OBJECTIVES: A PORTFOLIO VIEW OF RISK -- COSO ERM FRAMEWORK -- COSO ERM Components: Internal Environment.

COSO ERM Components: Objective Setting -- COSO ERM Components: Event Identification -- COSO ERM Components: Risk Assessment -- COSO ERM Components: Control Activities -- COSO ERM Components: Information and Communication -- COSO ERM Components: Monitoring -- OTHER DIMENSIONS OF THE COSO ERM FRAMEWORK -- THE OCEG GRC "RED BOOK," RISK MANAGEMENT, AND IT GOVERNANCE -- OCEG's Principled Performance® Concept -- Level and Scope of the OCEG Standards-Setting Authority -- NOTES -- PART THREE Tools and Technologies to Manage the IT Governance Infrastructure -- CHAPTER NINE Cloud Computing, Virtualization, and Portable, Mobility Computing -- UNDERSTANDING CLOUD COMPUTING -- Reviewing Cloud Computing Application Controls -- Cloud Computing Security and Privacy Challenges -- IT SYSTEMS AND STORAGE MANAGEMENT VIRTUALIZATION -- IT Governance and Virtualization -- IT Virtualization Governance and Security Issues -- SMARTPHONE AND HANDHELD IT DEVICE GOVERNANCE ISSUES -- NOTE -- CHAPTER TEN Governance, IT Security, and Continuity Management -- IMPORTANCE OF AN EFFECTIVE IT SECURITY ENVIRONMENT -- ENTERPRISE IT SECURITY PRINCIPLES: GENERALLY ACCEPTED SECURITY STANDARDS -- GASSP -- Implementing Security Principles in the IT Organization -- IMPORTANCE OF AN EFFECTIVE, ENTERPRISE-WIDE SECURITY STRATEGY -- IT CONTINUITY PLANNING -- THE BUSINESS CONTINUITY PLAN AND IT GOVERNANCE -- NOTES -- CHAPTER ELEVEN PCI DSS Standards and Other IT Governance Rules -- PCI DSS BACKGROUND AND STANDARDS -- Protecting Cardholder Data and Vulnerability Management Programs -- PCI DSS Requirements -- The PCI DSS Self-Assessment Process -- GRAMM-LEACH-BLILEY ACT IT GOVERNANCE RULES -- GLBA Financial Privacy Rules -- GLBA Safeguards Rule -- GLBA Pretexting Rules -- HIPAA: HEALTH CARE AND MUCH MORE -- HIPAA Patient Record Privacy Rules -- Cryptography and HIPAA Security Requirements.

HIPAA IT Security Administrative Procedures -- Technical Security Services and Mechanisms -- NOTES -- CHAPTER TWELVE IT Service Catalogs: Realizing Greater Value from IT Operations -- IMPORTANCE OF IT SERVICE CATALOGS -- ROLE OF A SERVICE CATALOG IN THE IT SERVICE PROVIDER ORGANIZATION -- AN IT SERVICE CATALOG'S CONTENT AND FEATURES -- IT SERVICE CATALOG MANAGEMENT -- PART FOUR Building and Monitoring Effective IT Governance Systems -- CHAPTER THIRTEEN Importance of IT Service-Oriented Architecture for IT Governance Systems -- SOA APPLICATIONS AND SERVICE-DRIVEN IT APPLICATIONS -- SOA GOVERNANCE, INTERNAL CONTROL ISSUES, AND RISKS -- PLANNING AND BUILDING AN SOA IMPLEMENTATION BLUEPRINT -- Transitioning Current Applications and Processes to SOA -- SOA Policies and Procedures -- SOA Design-Time Policies -- SOA Runtime Policies and Processes -- SOA AND IT GOVERNANCE -- NOTES -- CHAPTER FOURTEEN IT Configuration and IT Portfolio Management -- IT CONFIGURATION MANAGEMENT CONCEPTS -- ITIL BEST PRACTICES FOR IT CONFIGURATION MANAGEMENT -- Gathering and Analyzing Configuration Management Requirements -- Steps to Implementing IT Configuration Management -- THE CONFIGURATION MANAGEMENT DATABASE: AN OFTEN DIFFICULT CONCEPT -- ESTABLISHING AN ENTERPRISE CMDB -- Relational vs. Dimensional Database Architecture -- Database Federation -- CMDB Reconciliation -- CMDB Data Synchronization -- CMDB Modeling -- IT PORTFOLIO MANAGEMENT -- Implementing IT Portfolio Management -- Portfolio Metrics: Achieving Value through IT Portfolio Management -- CHAPTER FIFTEEN Application Systems Implementations and IT Governance -- THE SYSTEMS DEVELOPMENT LIFE CYCLE: A BASIC APPLICATION DEVELOPMENT TECHNIQUE -- IT RAPID DEVELOPMENT PROCESSES: PROTOTYPING -- ENTERPRISE RESOURCE PLANNING AND IT GOVERNANCE PROCESSES.

CHAPTER SIXTEEN IT Governance Issues: Project and Program Management -- THE PROJECT MANAGEMENT PROCESS -- PMBOK STANDARDS -- ANOTHER PROJECT MANAGEMENT STANDARD: PRINCE2 -- IT SYSTEMS PORTFOLIO AND PROGRAM MANAGEMENT -- THE PROGRAM MANAGEMENT OFFICE (PMO), A STRONG GOVERNANCE RESOURCE -- PROJECT MANAGEMENT, THE PMO, AND IT GOVERNANCE -- NOTE -- CHAPTER SEVENTEEN Service Level Agreements, itSMF, Val IT, and Maximizing IT Investments -- ITIL SERVICE MANAGEMENT BEST PRACTICES AND THE ITSMF -- OPEN COMPLIANCE AND ETHICS GROUP (OCEG) STANDARDS -- OCEG's Principled Performance Concept -- GRC Capability, Context, and Culture Elements -- GRC Capability, Organize, and Oversee Elements -- Other OCEG Elements -- The OCEG Model and IT Governance -- Level and Scope of the OCEG Standards-Setting Authority -- VAL IT: ENHANCING THE VALUE OF IT INVESTMENTS -- Launching an IT Value Management Initiative -- Getting Started in Value Management -- NOTES -- PART FIVE Monitoring and Measuring Enterprise Management and Board Governance -- CHAPTER EIGHTEEN Enterprise Content Management -- ECM CHARACTERISTICS AND KEY COMPONENTS IN THE ENTERPRISE TODAY -- ECM PROCESSES AND IT GOVERNANCE -- CREATING AN EFFECTIVE ECM ENVIRONMENT IN THE ENTERPRISE -- Enterprise ECM Features: Archiving -- Enterprise ECM Features: Classification Processes -- Enterprise ECM Features: Document Disposal and Governance Management -- CHAPTER NINETEEN Internal Audit's Governance Role -- INTERNAL AUDITING HISTORY AND BACKGROUND -- INTERNAL AUDITING AND THE IT AUDITOR -- INTERNAL AUDIT'S IT GOVERNANCE ACTIVITIES AND RESPONSIBILITIES -- The Internal Audit Process: Planning and Authorizing Internal Audits -- The Internal Audit Process: Launching an Internal Audit -- The Internal Audit Process: Reviewing and Testing Audit Evidence -- The Internal Audit Process: Reporting Internal Audit Results.

INTERNAL AUDIT IT GOVERNANCE STANDARDS.
Abstract:
Create strong IT governance processes.

In the current business climate where a tremendous amount of importance is being given to governance, risk, and compliance (GRC), the concept of IT governance is becoming an increasingly strong component. Executive's Guide to IT Governance explains IT governance, why it is important to general, financial, and IT managers, along with tips for creating a strong governance, risk, and compliance IT systems process.

Written by Robert Moeller, an authority in auditing and IT governance.
Practical, no-nonsense framework for identifying, planning, delivering, and supporting IT services to your business.
Helps you identify current strengths and weaknesses of your enterprise IT governance processes.
Explores how to introduce effective IT governance principles with other enterprise GRC initiatives.
Other titles by Robert Moeller: IT Audit, Control, and Security and Brink's Modern Internal Auditing: A Common Body of Knowledge.

There is strong pressure on corporations to have a good understanding of their IT systems and the controls that need to be in place to avoid such things as fraud and security violations. Executive's Guide to IT Governance gives you the tools you need to improve systems processes through IT service management, COBIT, and ITIL.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.