Professional Documents
Culture Documents
S T U D Y N O T E S 3
Dominique P. Alistado
AA 3201 MW 7:30-9:00 PM
Role of IT Governance
IT Governance Evaluating and directing the use of IT to support the organization
Implementing IT and new technologies facilitate the
Information technology (IT) governance is a a set of policies and
organization to do new things that were not previously possible.
procedures of corporate governance that focuses on the
Value Strategy Risk Performance Aligning the IT strategy with the organization's goals
Based on the improved efficiencies, IT provides increased
Deliver Value to Stakeholders. Providing value to stakeholders customer satisfaction, partner satisfaction and loyalty.
company buys or leases a building that will serve critical applications such as purchasing backup copies
the strategic plan. This task is a business decision
as a data center and the shell is then available of the latest software upgrades.
and should be made by those best equipped to
and ready to receive whatever hardware the
understand the business problem.
temporary user needs to run essential systems.
Backup Data Files. Databases should be copied daily
to high-capacity, high-speed media, such as tape or
CDs/DVDs and secured off-site. Likewise, master files
Recovery Operations Center. A fully equipped
and transaction files should be protected.
2. Create a disaster recovery team backup data center that many companies share.
In the event of a major disaster, a subscriber can Backup Documentation. The system documentation
occupy the premises and, within a few hours, for critical applications should be backed up and
To avoid serious omissions or duplication of effort resume processing critical applications. stored off-site along with the applications. It may be
during implementation of the contingency plan, task
simplified and made more efficient through the use of
responsibility must be clearly defined and Internally Provided Backup. Permits firms to Computer Aided Software Engineering (CASE)
communicated to the personnel involved. The team develop standardized hardware and software documentation tools.
members should be experts in their areas and have configurations, which ensure functional
assigned tasks. Following a disaster, team members compatibility among their data processing Backup Supplies and Source Documents. The DRP
will delegate subtasks to their subordinates. The centers and minimize cutover problems. should specify the types and quantities needed of
environment created by the disaster may make it critical special items because these are such routine
necessary to violate control principles such as elements of the daily operations which are often
segregation of duties, access controls, and overlooked by disaster contingency planners.
supervision.
Testing the DRP. DRP tests are important and should
be performed periodically because it can measure the
preparedness of personnel and identify omissions or
bottlenecks in the plan.
e d Data Pr
l iz o
c
a
e
r
gn i s s
t n
Take away from Synchronous Class
eC
In our synchronous sessions, the topic that struck me the Aside from the structure of IT functions two data
e d Data Pr
most is how important it is to segregate IT functions, processing models which are Centralized Data u t o
c
bi
e
especially when they are Incompatible with each other. Processing and Distributed Data Processing. Under the
s
r
gn i s
t s
former, all data processing is performed by one or more
D i
In our previous Accounting Information System class, we large computers housed at a central site that serves
were taught the importance of Internal Control and one users throughout thein which IT services activities are
of which is Segregation of Duties. This internal control consolidated and managed as a shared organization
ensures that there is oversight and review to catch resource, while the latter involves reorganizing the
errors and it helps to prevent fraud or theft. It may be central IT function into small IT units that are placed
the same if applied to IT systems but to me, it appears under the control of end users.
more complicated as new duties are introduced.
Furthermore, I have learned about the importance of
I have learned that separating systems development the physical environment of computer centers as to
from computer operations is vital to avoid unauthorized mitigate risk and create a secure environment.
changes to the application during execution and to
prevent hacking. Similarly, it is important to separate In conclusion, our synchronous class talked about the
Database administration from other functions because risk and controls related to IT governance. IT
if not, the integrity of the database will be threatened. Governance plays an important role in achieving an
It is also important to segregate systems development organization's goals by ensuring that policies and
& maintenance duties because if the developer will do strategy are actually implemented, and that required
the maintenance, he might hide the errors detected. processes correctly followed
References
Hall, J.A. (2011). Information Technology Auditing and Assurance. South-Western Cengage Learning
Spremic, M& Žmirak, Z& Kraljevic, K. (2008). IT governance and performance measurement: research study on Croatian companies. 187-192.
What Is IT Governance? Understanding From First Principles. (2020. November 12). Plutora. Retrieved from https://www.plutora.com/blog/it-governance
Young, M. (2008, Spetember, 9). Leadership - The Role of IT Governance. Retrieved from https://www.computerworld.com/article/2779316/leadership---the-role-of-it-governance.html