The textbook [1 pages 11-13] discusses the CobiT ®® framework and describes IT a

Question

The textbook [1 pages 11-13] discusses the CobiT ®® framework and describes IT activities as falling within four generic domains:

  Plan and Organize (PO)

  Acquire and Implement (AI)

  Deliver and Support (DS)

  Monitor and Evaluate (ME)

Imagine that you have just been promoted to IT manager within a 500 seat call center [3], which falls in the DS category above. You got the promotion because the manager before you was fired because of overly restrictive password policies that led to many passwords being written on easily findable notes. The cleaning staff sold the passwords on the web and the consequent clean-up  is at $250,000 and mounting. The manager, cleaning staff, and 37 call center reps were fired. The best rep for the past 5 years was one of the fired and had written on a note underneath the keyboard the unique system-generated passwords to the five most important systems in order to provide the best and quickest service possible. The CIO was most unhappy that rep had to be let go and blamed the former manager for causing it.

You have just met with the CIO. She has asked you to spend the next week investigating the situation and make some recommendations for passwords and password policies in the call center. She insists that you incorporate good human factors  in them. She also asks you to specifically address the four questions for DS listed in our textbook [1 page 12]:

Explanation / Answer

Associations ought to fulfill the quality, guardian and security necessities for their data, concerning all advantages. Administration ought to additionally advance the utilization of accessible IT assets, including applications, data, base and individuals. To release these

obligations, and additionally to accomplish its goals, administration ought to comprehend the status of its endeavor design for IT and choose what administration and control it ought to give.

BUSINESS GOALS AND IT GOALS:

Whilst data criteria give a bland strategy to characterizing the business prerequisites, characterizing an arrangement of nonexclusive business and IT objectives gives a business-related and more refined premise for building up business necessities and adding to the measurements that permit estimation against these objectives. Each endeavor utilizes IT to empower business activities, and these can be spoken to as business objectives for IT.

In the event that IT is to effectively convey administrations to bolster the endeavor's methodology, there ought to be a reasonable possession and course of the prerequisites by the business the client and an unmistakable comprehension of what should be conveyed, and how, by IT the supplier .

1.PLAN AND Organize (PO)

This area covers system and strategies, and concerns the recognizable proof of the way IT can best add to the accomplishment of the

business targets. The acknowledgment of the vital vision should be arranged, imparted and oversaw for alternate points of view. An appropriate association and additionally innovative foundation ought to be placed set up.

This area ordinarily addresses the accompanying administration questions:

Are IT and the business system adjusted

Is the venture accomplishing ideal utilization of its assets

Does everybody in the association comprehend the IT targets

Are IT dangers comprehended and being overseen

Is the nature of IT frameworks fitting for business needs

2.ACQUIRE AND IMPLEMENT (AI)

To understand the IT methodology, IT arrangements should be distinguished, created or procured, and also actualized and coordinated into the business process. What's more, changes in and upkeep of existing frameworks are secured by this area to ensure the arrangements

keep on meeting business goals.

This area normally addresses the accompanying administration questions:

Are new ventures prone to convey arrangements that address business issues

Are new ventures prone to be conveyed on time and inside of spending plan

Will the new frameworks work appropriately when executed

Will changes be made without irritating current business operations

3.DELIVER AND SUPPORT (DS):

This space is worried with the genuine conveyance of required administrations, which incorporates administration conveyance, administration of security and congruity, administration support for clients, and administration of information and operational offices.

It commonly addresses the accompanying administration questions:

Are IT administrations being conveyed in accordance with business needs

Are IT costs advanced

Is the workforce ready to utilize the IT frameworks profitably and securely

Are sufficient privacy, respectability and accessibility set up for data security

4.MONITOR AND EVALUATE (ME):

All IT forms should be frequently evaluated after some time for their quality and consistence with control prerequisites. This area addresses execution administration, observing of interior control, administrative consistence and administration.

It commonly addresses the accompanying administration questions:

Does administration guarantee that interior controls are powerful and proficient

Would It be able to execution be connected back to business objectives

Are sufficient secrecy, honesty and accessibility controls set up for data security.

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.