La descarga está en progreso. Por favor, espere

La descarga está en progreso. Por favor, espere

IT Governance. What is IT Governance? 2 Information Technology Governance (Gobierno de TI) es una disciplina subconjunto de Gobierno Corporativo centrada.

Presentaciones similares


Presentación del tema: "IT Governance. What is IT Governance? 2 Information Technology Governance (Gobierno de TI) es una disciplina subconjunto de Gobierno Corporativo centrada."— Transcripción de la presentación:

1 IT Governance

2 What is IT Governance? 2 Information Technology Governance (Gobierno de TI) es una disciplina subconjunto de Gobierno Corporativo centrada en el rendimiento de las tecnología de la información (TI) y su y la gestión del riesgo. El creciente interés en IT Governance se debe en parte a las iniciativas de cumplimiento de reglamentos (por ejemplo, la ley Sarbanes-Oxley (EE.UU.) y Basilea II (Europa)), así como el reconocimiento de que los proyectos de TI puede salir fácilmente fuera de control y afectar profundamente el desempeño de una organización. 2

3 IT governance IT governance es responsabilidad del consejo de administración y la gestión ejecutiva. Es una parte integrante de la gobernanza empresarial y consiste en el liderazgo y las estructuras organizativas y procesos que garanticen que la organización de TI sea capaz de sostener y extender las estrategias de la organización y sus objetivos What is IT Governance? ITGI, Board Briefing on IT Governance

4 IT Governance se ocupa de… Quien toma las decisiones (poder) Porque ellos las toman (alineamiento) Como se las toman (proceso de toma de decisiones) Idealmente las decisiones son tomadas conjuntamente entre la administracion del negocio y la administracion de TI. Comunicacion efectiva y eficiente entre TI y el negocio. Aspectos criticos para la apropiada toma de deciciones respecto a TIs.

5 A 2002 Gartner survey found that 20 percent of all expenditures on IT is wasteda finding that represents, on a global basis, an annual destruction of value totaling about US $600 billion. A 2004 IBM survey of Fortune 1000 CIOs found that, on average, CIOs believe that 40 percent of all IT spending brought no return to their organizations. A 2006 study conducted by The Standish Group found that only 35 percent of all IT projects succeeded while the remainder (65 percent ) were either challenged or failed. En los últimos años, las encuestas han revelado de manera consistente que del 20 al 70 por ciento de las inversiones a gran escala de cambios basados en TI presentan perdidas o no resultan en las ganancias calculadas para la empres. o no para un retorno a la empresa (De hecho, una encuesta sobre la medición de los costos y valor, encontro que en muchas empresas, menos del 8 por ciento del presupuesto en TI se gasta en las iniciativas que realmente crean algun valor para la empresa. Reference: Val IT Framework 2.0 Motivos de su Importancia

6 Nike reportedly lost more than US $200 million through difficulties experienced in implementing its supply chain software. Failures in IT-enabled logistics systems at MFI and Sainsbury in the UK led to multimillion-pound write-offs, profit warnings and share price erosion. Tokyo Gas reported a US $46.6 million special loss due to cancellation of a large customer relationship management (CRM) project. In the public sector, the UK Department for Work and Pensions apparently squandered more than £2 billion by abandoning three major projects. Headlines around the world corroborate these findings: Reference: Val IT Framework 2.0

7 What Makes IT Governance so important? Strategic importance of IT Extended Enterprise Regulatory requirements Cost optimisation Return on investment Drivers Low return from high-cost IT investments, and transparency of ITs performance are two top issues More than 30% claim negative return from IT investments targeting efficiency gains 40% do not have good alignment between IT plans and business strategy Interest in and use of active management of the return on IT investments has doubled in 2 years (28% to 58%) Gartner – more than 600 billion $ thrown away annually on ill conceived or ill executed IT projects Standish Group – about 20% of projects fail outright, 50% are challenged and only 30% are successful ITGI 2005 Survey early findings confirm concerns

8 Forces Driving IT Governance Compliance Security Business/IT Alignment ROI Project Execution

9 What makes IT Governance so important? Shareholders want protection for the Enterprises Share Price …if not filed, auditor must include a paragraph in its annual report that it cannot vouch for the enterprises ability as a going concern… "... Si no es parte del informe, el auditor debe incluir un párrafo en su informe anual que no puede dar fe de la capacidad de la empresa de seguir como negocio en marcha..." …financial reporting system is not up to speed… …the company has lost a third more of its market value yesterday as it revealed a virtual collapse of its financial reporting system… …data entry problems…

10 Mayores Preocupaciones de los lideres en TI para el 2008 (segun una encuesta de la revista ComputerWorld) # 1 on this list is IT Governance, including business alignment From the Dec 10, 2007 issue of Computerworld Magazine (pg 74) Computerworld Magazine is a publication of International Data Group Inc.

11 Why is IT Governance important? 11 IT are in competition for budget – Business is beating IT to and for budget IT needs to become a business focused discipline IT is viewed by senior management as Fire Fighters and not Planners or implementers IT is viewed as a monetary drain on business IT needs to compete effectively at the C level Business does not perceive IT as value for money

12 Governance Issues Human interface Records Management Education Laws of the Land & beyond

13 Risk Issues

14 14 Legislative Issues

15 Security Issues

16 Internal Threats

17 External Threats

18 Physical Security

19 19 What should Information Technology Governance Deliver? Executives should focus on Information Technology Governance, which when properly implemented should provide the following:

20 20 Un tema general de IT Governance se refiere a que las capacidades de TI ya no puede ser algo que los que administran el negocio no entiendan y que también TI debe entender el negocio y sus necesidades. El manejo de TI ha sido siempre un problema para los ejecutivos de alto nivel de una empresa debido a la naturaleza técnica de las TI; por lo tanto, las decisiones clave fueron dejadas a los profesionales de TI. IT Governance implica un sistema en el que todas las partes interesadas, incluida la Junta, los clientes internos y áreas afines tales como las finanzas, tienen la información necesaria para la toma de decisiones. Esto evitará que un solo actor, por lo general de TI, sean culpados por malas decisiones. También evita que los usuarios más tarde se quejen de que el sistema no se comporta como se esperaba. 20 Caracteristicas

21 What are the IT Governance Characteristics (2)? 21 Most importantly - The board needs to understand the overall architecture of its company's IT applications portfolio … The board must ensure that management knows what information resources are out there, what condition they are in, and what role they play in generating revenue… 21

22 IT Governance Goals 22 The primary goals for Information Technology Governance are: (1)assure that the investments in IT generate business value (2) mitigate the risks that are associated with IT. This can be done by implementing an organizational structure with well-defined roles for the responsibility for information, business processes, applications, infrastructure thats is well communicated across the organization.

23 C2Cs GRC Model view – supporting IT Governance

24 Who is this aimed at? Senior Management CIOs CISOs IT Managers IT staff and IT centric organizations

25 IT Governance Institute IT Governance Institute is a non-profit research think-tank associated with ISACA ®

26 An Overview of IT Governance

27 IT Governance Needs a Management Framework Driving Forces Map Onto the IT Governance Focus Areas IT GOVERNANCE VALUE DELIVERY STRATEGIC ALIGNMENT RESOURCE MANAGEMENT RISK MANAGEMENT PERFORMANCE MEASUREMENT

28 Areas de Gobierno de TI

29 Interrelaciones de los Componentes de COBIT

30 Beneficios de Implementar COBIT como marco de referencia de Gobierno sobre TI

31 IT Governance Life Cycle

32 IT Governance Control Cycle

33 Assess Environment Based on C OBI T ®, develop an approach for improved internal control to meet regulatory requirements that incorporates business and IT mission, vision, and strategy Establish risk management strategy Formally document existing processes

34 IT Governance Control Cycle Maintain IT Controls Framework Develop controls framework to supports sound business decisions Document integration points in the current environment Create an organizational mechanism to support the governance of IT Mitigate identified risks through the IT controls framework

35 IT Governance Control Cycle Develop & Refine Governing Documents Utilize a central repository for governing documents Develop a consistent approach for creating governing documents Consistently apply processes and procedures Gain executive commitment for IT governance frameworks and structure

36 IT Governance Control Cycle Communicate and Train Provide Tone at the Top Develop a strategic communication plan for mission objectives and overall management direction Execute strategic communication plan Implement a standard training program to avoid unnecessary and redundant training

37 IT Governance Control Cycle Implement and Operate Align staff responsibilities with IT control objectives Achieve sustainability of IT controls in the operational environment Support continuous improvement of operational effectiveness and accountability

38 IT Governance Control Cycle Measure and Validate Revise current metrics program to include newly defined controls Verify the sustainability of defined controls Develop cost effective automated measurements Measure all processes to include Applications, Databases, Platforms and Networks

39 IT Governance Control Cycle Monitor and Report Report on continued effectiveness of controls Increase transparency to auditors of issues and actions taken Accurately attest to ITs compliance with policy, laws, and regulations Improve existing processes using metrics trending

40 IT Governance Control Cycle Enforce Reinforce required policy compliance and standards conformance Define a consistent approach for enforcement across all processes


Descargar ppt "IT Governance. What is IT Governance? 2 Information Technology Governance (Gobierno de TI) es una disciplina subconjunto de Gobierno Corporativo centrada."

Presentaciones similares


Anuncios Google