Auditing in CIS Environment

Assignment 1: IT Governance

Questions:
1. What is IT governance?
2. What are the objectives of IT governance?
3. What is distributed data processing?
4. What are the advantages and disadvantages of
distributed data processing?
5. What types of tasks become redundant in a distributed data processing system?

Answers:

1. IT Governance (Information Technology Governance) is a process used to

monitor and control key information technology capability decisions in an attempt
to ensure the delivery of value to key stakeholders in an organization. ITG is
defined as the processes that ensure the effective and efficient use of IT in
enabling an organization to achieve its goals. ITG provides a structure for
aligning IT strategy with business strategy.

2. Governance brings all stakeholders’ interests together and tries to harmonize

them so that the organization moves forward. A company’s stakeholders can be
internal, including employees, executives, and board members. Externally, an
organization interacts with customers and suppliers. All these categories of
stakeholders have different interests in an organization, and many times these
interests conflict. It has many objectives but the main one is: Deliver Value to
Stakeholders. Providing value to stakeholders is at the heart of governance in
general and in particular of IT governance. Delivering value drives everything
else in IT governance. Also ITG need to set IT Strategy. Once your company
understands how it can provide value from IT assets, you can form a strategy for
creating that value through making new investments or using current assets
more efficiently. Creating an IT strategy has to do with determining a vision
and direction of current and future investments in IT activities. Whether it’s
buying new software or servicing new IT hardware, all IT investments have to
have a clear direction. The third one is Manage Risks. Where does risk come in
 when IT systems are involved? Yes, there’s the risk of being hacked and the risk
of leaking customer data. However, different stakeholders can create risk
because they have conflicting interests. And the last one is, Measure
Performance, Managers often say, “If you can’t measure it, it doesn’t
exist.” That sounds simplistic. However, for large enterprises, it’s impossible to
have operational visibility in every aspect of the business, including IT. Therefore
board members and executives rely on measuring key performance indicators
(KPI) in order to know how IT assets are performing. If IT performance can’t be
measured, then IT assets can’t be governed. Like any part of an organization, an
IT department has systems and people. We know that IT governance requires
every resource, either human or system, to work together efficiently to provide
more value. So it makes sense that measuring performance should be part of the
entire IT governance framework. Otherwise, how do you know that your IT assets
provide value to your stakeholders?

3. Distributed processing, also known as distributed computing, and is defined as

using a network of computers to perform specific tasks with one main computer
used for more complicated tasks. A system consisting of a network of
microcomputers performing certain functions and linked with a main computer
used for more complex tasks. The first term used to describe the distribution of
multiple computers throughout an organization in contrast to a centralized system.
It started with the first minicomputers. Today, distributed processing is called
"distributed computing." See also client/server.

4. Advantages of Distributed Data Processing

Cost: Distributed, multi-component systems can be less costly than a single,

centralized system. In the SETI example, the cost savings are obvious. Rather
than invest in a large-scale mainframe system or supercomputer costing
hundreds of thousands of dollars, the SETI program was able to make use of
"free labor" provided by many individuals who volunteered their processing
resources. Even in a business setting, though, the use of multiple personal
computers networked together can be less of an investment than a single large
data processing system. Redundancy and Reliability: If your one huge central
computer breaks down, you're out of luck. Information processing comes to a halt
 until the system is back up and running. Even central systems with robust backup
capabilities are still prone to disruptive failures. In a distributed framework,
however, loss of one or a few machines is not necessarily a big deal, as there
are other computers linked into the network that can pick up the slack.
Sustainability: Networking numerous data processors to perform a single task
can result in energy savings over a centralized data processing system. Remote
data centres can be sited in environments that are cool, thereby reducing the
need for artificial cooling, or that have an ample supply of "green electricity" such
as that produced by hydropower or geothermal energy. This is not only a cost-
saving measure, but can lower the overall greenhouse gas footprint of the
system.

Disadvantages of Distributed Data Processing

On the other hand, distributed systems can come with drawbacks as well. Chief
among these is the demand of the system for consistent, reliable, always-on
communication between participating machines. A widespread outage at a phone
company or internet service provider can really throw a monkey wrench into the
operation of a distributed system, perhaps even more so than would be the case
with a centralized data processing set-up.

5. Autonomous systems development initiatives distributed throughout the firm can

result in each user area reinventing the wheel rather than benefiting from the
work of others.