Please enable JavaScript.
Coggle requires JavaScript to display documents.
Module 03_Governance of Enterprise IT (5_Performance Management System…
Module 03_Governance
of Enterprise IT
2_GRC Framework - (B)
Risk Management
Key mgt. practices
of RM
collect data
analyse risk
Maintain a risk profile
articulate risk
define risk mgt. action portfolio
Risk categories
Business risks
Market risks
FInancial risks
Operational risks
Strategic risks
IT risks
Compliance risks
Risk mgt. Strategies
Accept
Eliminate
transfer/share
Treat/mitigate
Ignore
Risk Mgt. Process
Risk identification
Risk evaluation
Risk prioritisation
Risk response
Risk mitigation
Risk monitoring
4_Key Enablers of GEIT
7 Enablers of COBIT5
Principles, policies & framework
Processes
Operational structures
Culture, ethics & behaviour
Information
Services, infrastructure & applications
People, skills & competence
5_Performance Management System
Goal setting
Balanced Scorecard (BSC)
IT BSC
User orientation perspective
Operational excellence perspective
Future orientation perspective
Business contribution perspective
CIMA
Strategic Scorecard
Strategic position
Strategic options
Strategic implementation
Strategic risk
1_Concepts
A
Enterprise Governance
Corporate Governance
Governance
Conformance / Corporate
Performance / Business
GEIT Objectives
Benefit realisation
RIsk Optimization
Resource Optimisation
2_GRC Framework - (A)
COSO
Categories of
Objectives of COSO
Operations objective
Reporting objective
Compliance objective
Components
of COSO
Control environment
RIsk assessment
Control activity
Information & communication
Monitoring activities
COBIT 5
5 Principles of COBIT 5
Meeting stakeholder
needs
End to end coverage of Enterprise
Applying a single integrated framework
Enabling a holistic approach
Separating Governance from management
3_GEIT & GRC
GRC as per Clause 49
Risk management
CEO/CFO Certification
Internal Control
Audit certification
6_Implementing Governance & management practices
Systematic approach for implementing GEIT
Implementing GEIT in specific areas
Stakeholders in implementing GEIT