Governance and Compliance
Research, Cases studies and best practice into GRC (governance, risk and compliance), IT Governance, Data Leakage, regulatory compliance risk assessment and risk analysis.
The current economic slowdown is forcing many companies to take a long hard look at a possible reduction in staffing levels. With this excellent article Mark Toomey (Managing Director of Informics) issues a strong warning about the dangers of ‘short termism’.
Whenever we think of the protection of data we tend to immediately conjure up images of banks of servers holding digital data. The fact is, however, that all companies also generate valuable physical (i.e. paper based) data that are often subject to strict regulatory regimes.
Value management is a governance and management framework that includes principles, processes and practices, with clear roles, responsibilities and accountabilities, and supporting information and organizational structures.
Most Recent Governance and Compliance
Scott Crawford, senior analyst with IT consultancy Enterprise Management Associates talks to three compliance and security leaders: Margie Cashwell at RSA, Craig Scroggie at Symantec and David Williams at IBM
Question 1
What are the most significant issues you see customers facing in implementing compliance and security today?
Question 1
What are the most significant issues you see customers facing in implementing compliance and security today?
Australia's ICT spending as a proportion of GDP is the tenth highest in the world. It is no surprise that spending the budget well keeps many CIOs awake at night. Is IT Portfolio Management the answer, or just another 'silver bullet' that fails to deliver the goods?
In the eternal battle for improved control over the existing ICT assets, as well as new projects, many firms in Australia and New Zealand are turning to Portfolio Management techniques. Sam Higgins, Research Director with the industry analyst firm Longhaus explores the value of IT Portfolio Management with experts Brett Lightfoot, Field Technical Services Director, Compuware ANZ and Primavera's Darren Cook.
IT Governance and Strategy
Practical guidance for managers on how to prepare for successful audits
What Is the IT Audit Checklist Series?
The ITCi IT Audit Checklists are a series of topical papers that provide practical guidance for IT, compliance, and business managers on preparing for successful internal audits of various aspects of their operations. In addition to helping managers understand what auditors look for and why, the IT Audit Checklists can also help managers complete proactive self assessments of their operations, thereby identifying opportunities for system and process improvements that can be performed in advance of an audit.
Practical guidance for managers on how to prepare for successful audits
What Is the IT Audit Checklist Series?
The ITCi IT Audit Checklists are a series of topical papers that provide practical guidance for IT, compliance, and business managers on preparing for successful internal audits of various aspects of their operations. In addition to helping managers understand what auditors look for and why, the IT Audit Checklists can also help managers complete proactive self assessments of their operations, thereby identifying opportunities for system and process improvements that can be performed in advance of an audit.
Total compliance with existing, emerging, and anticipated government regulations is a daunting goal. For firms with multiple lines of business, the legal use of client information from one business to cross-sell other services often poses privacy concerns. For firms with global operations, the challenges include overlapping jurisdictions with conflicting objectives and perspectives. Even the smallest public firms, or those with an interest in going public or being acquired by a public firm, face the challenges of new governance requirements that are as costly as they are confusing.
Mark Toomey analyzes the 'IT attention deficit' found at board level and the resources that organizations are drawing on to help directors and their managers better understand the need for, and nature of, IT Governance.
Most organizations depend on IT for their day-to-day activities, and for many, achievement of their future strategies also depends on IT. However, the track record of IT initiatives is not strong, and many fail – particularly when measured against the outcomes they were intended to produce. And while there is a long history of IT projects going wrong, there is also an increasing trend to disruption of business as a result of failures in installed, operational IT. In many cases, these failures too are predictable and avoidable.
Most organizations depend on IT for their day-to-day activities, and for many, achievement of their future strategies also depends on IT. However, the track record of IT initiatives is not strong, and many fail – particularly when measured against the outcomes they were intended to produce. And while there is a long history of IT projects going wrong, there is also an increasing trend to disruption of business as a result of failures in installed, operational IT. In many cases, these failures too are predictable and avoidable.
Governing IT Enabled Change – The Corporate Program Office
Maintaining competitive advantage requires a constant change and improvement program – which many organizations manage through a Corporate Program Office. Infonomic’s Mark Toomey provides insights into how organizations can ensure this Office’s effectiveness in managing the change agenda.
Maintaining competitive advantage requires a constant change and improvement program – which many organizations manage through a Corporate Program Office. Infonomic’s Mark Toomey provides insights into how organizations can ensure this Office’s effectiveness in managing the change agenda.
Defining IT governance (before someone does it for you)
Hydrasight believes that the phrase 'IT governance', and the myriad of associated themes, is becoming an increasing focus for IT organizations. The rising interest in corporate social responsibility (CSR), and so-called 'green IT' (refer “IT is not easy being green”, are just the latest examples of drivers—in addition to good old-fashioned enterprise IT risk management.
Hydrasight believes that the phrase 'IT governance', and the myriad of associated themes, is becoming an increasing focus for IT organizations. The rising interest in corporate social responsibility (CSR), and so-called 'green IT' (refer “IT is not easy being green”, are just the latest examples of drivers—in addition to good old-fashioned enterprise IT risk management.
Quick Links
Login
Latest Video
Implementing Access And Change Control For Group Policy
Portal Switch
Switch to the Convergence & Collaboration Portal.