IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT

Find out how you can reduce risk with a sound IT governance strategy!

Corporate governance increasingly provides the context within which twenty-first century organisations have to assess and deal with investments in, and risks to, their corporate information assets and the Information and Communications Technology (ICT/IT) infrastructure, within which those information assets are collected, manipulated, stored and deployed. But what is corporate governance, and why is it important to the IT professional? Why is IT governance important to the company director, and what do directors of companies, both quoted and unquoted, need to know?

This book will answer these vital questions and set out, for managers, executives and IT professionals, the practical steps necessary to meet today's corporate and IT governance requirements.

The Calder-Moir Framework:

The book also explains how to integrate each standard and framework using The Calder-Moir Framework, which was developed specifically to help organisations manage and govern their IT operations more effectively, and to coordinate the sometimes wide range of overlapping and competing frameworks and standards. It also specifically supports implementation of ISO/IEC 38500, the new international standard for best practice IT governance.

Benefits to business include:

Gain practical guidance on deploying and navigating frameworks and standards

Board executives and IT professionals can learn to maximise their use of the numerous IT management and IT governance frameworks and standards – particularly ISO/IEC 38500, to best corporate and commercial advantage.

Find out how to develop an overarching framework

Within a ‘super framework', or ‘meta -framework', you can integrate each of these standards and frameworks whilst making sure that each can deliver what it was designed to do. Developing an overarching framework will enable your organisation to design IT governance to meet your own needs.

Buy this book to strengthen your business infrastructure and meet effectively today's corporate and IT governance requirements.

IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT is only available in Adobe ebook format SHOW LESS READ MORE >

Introduction: Corporate Governance Context
- Background
- Governance
- Fiduciary duties
- Governance frameworks
- Emergence of IT governance

Chapter 1: IT Governance Defined

Chapter 2: Intellectual Capital and the Information Economy

Chapter 3: Strategy: The Search for Competitive Advantage
- Development of IT strategy
- IT strategy
- The six-step IT strategy process
- Measurement and quality

Chapter 4: Governance and Risk Management
- Enterprise risk management
- Operational risk management
- IT risk management

Chapter 5: IT Regulatory Compliance
- Information security law: the emerging standard for corporate compliance

Chapter 6: Information and Continuity Risk
- Information risks and ISO27001
- Continuity risks and BS25999, ISO/IEC 24762
- Civil contingencies and business continuity planning

Chapter 7: Internal Control Frameworks
- UK Combined Code and Turnbull Guidance
- Sarbanes-Oxley
- COSO and internal control
- COBIT
- Val IT

Chapter 8: Project Governance
- Project failure
- Project governance objectives
- Execution risk
- Executive-level project governance
- Board-level project governance
- Project management frameworks
- Agile project management
- OPM3®
- Conclusions

Chapter 9: Components of IT Governance
- Key decision areas

Chapter 10: ISO/IEC 38500
- Scope
- Application
- Objectives
- Benefits
- Definitions
- The six principles of IT governance
- The IT governance model in ISO/IEC38500
- Accountability
- Applying the six principles
- Alignment between ISO/IEC 38500 and the Calder-Moir Framework

Chapter 11: IT Governance Frameworks and Standards
- Frameworks
- Conformance
- Convergence
- IT governance starting point
- End-to-end IT governance process

Chapter 12: The Calder-Moir Framework
- Navigating the framework
- Evaluate, direct, monitor
- Plan, Do, Check, Act
- Some subtleties

Chapter 13: Implementing IT Governance
- Maturity models
- The IT governance implementation process
- Issues that must be resolved
- Obtaining the board?s buy-in
- Conclusions

Chapter 14: Decision Making and the IT Organisation
- The CEO
- The CIO
- IT management structure
- IT organisational structure
- Outsourcing

Chapter 15: IT Steering Committee and Executive Committee
- IT steering committee
- Executive IT committee

Chapter 16: Enterprise IT Architecture Committee
- Centralised or decentralised IT?
- Enterprise IT architecture committee
- The Zachman Framework
- The Open Group Architecture Framework
- Service-oriented architecture
- Conclusion

Chapter 17: IT Audit

Chapter 18: The ITIL/COBIT/ISO27002 Joint Framework
- New Joint Framework
- Benefits of using the Joint Framework

Chapter 19: The IT Management System of Tomorrow
- PAS 99
- The integrated management system
- A single PDCA model
- What are the differences between the two PDCA models?
- Aspects of integrating ISO/IEC 27001 and ISO/IEC 20000

Chapter 20: Calder-Moir Implementation – a 15-Step Process
1. Initial IT governance assessment
2. IT governance road map
3. Principles – drawing on ISO38500
4. Develop organisational momentum (commitment, governance mandate)
5. Initial risk assessment
6. Plan changes
7. Build on existing capabilities
8. Business strategy
9. Risk, governance and compliance framework
10. IT architecture and strategy
11. Change
12. Information and technology lifecycles
13. IT operations
14. Reporting
15. Evolution and management of IT governance
The Calder-Moir IT Governance Framework Toolkit

Chapter 21: Making the Business Case for IT Governance
- ITG Resources