The document discusses the four domains of IT management control framework:
1. Planning and Organization which covers strategies to identify how IT can best contribute to business goals and develop proper technology infrastructure.
2. Acquisition and Implementation which involves identifying, acquiring, implementing, and integrating IT solutions to realize business strategies.
3. Delivery and Support which relates to providing desired services including operations, security, business continuity, and training.
4. Monitoring which requires regularly evaluating IT processes to assess control quality and alignment with needs.
The document discusses the four domains of IT management control framework:
1. Planning and Organization which covers strategies to identify how IT can best contribute to business goals and develop proper technology infrastructure.
2. Acquisition and Implementation which involves identifying, acquiring, implementing, and integrating IT solutions to realize business strategies.
3. Delivery and Support which relates to providing desired services including operations, security, business continuity, and training.
4. Monitoring which requires regularly evaluating IT processes to assess control quality and alignment with needs.
The document discusses the four domains of IT management control framework:
1. Planning and Organization which covers strategies to identify how IT can best contribute to business goals and develop proper technology infrastructure.
2. Acquisition and Implementation which involves identifying, acquiring, implementing, and integrating IT solutions to realize business strategies.
3. Delivery and Support which relates to providing desired services including operations, security, business continuity, and training.
4. Monitoring which requires regularly evaluating IT processes to assess control quality and alignment with needs.
Framework • Domain 1 : Planning and Organisation Domain ini mencakup strategi dan taktik yang menyangkut identifikasi tentang bagaimana TI dapat memberikan kontribusi terbaik dalam pencapaian tujuan bisnis organisasi sehingga terbentuk sebuah organisasi yang baik dengan infrastruktur teknologi yang baik pula. • Langkah-langkah: • Menetapkan rencana stratejik TI • Menetapkan hubungan dan organisasi TI • Mengkomunikasikan arah dan tujuan manajemen • Mengelola sumberdaya manusia • Memastikan pemenuhan keperluan pihak eksternal • Menaksir risiko • Domain 2 : Acquisition and Implementation Untuk mewujudkan strategi TI, solusi TI perlu diidentifikasi, dibangun atau diperoleh dan kemudian diimplementasikan dan diintegrasikan dalam proses bisnis. • Langkah-langkah : • Mengidentifikasi solusi terotomatisasi • Mendapatkan dan memelihara infrastruktur teknologi • Mengembangkan dan memelihara prosedur • Memasang dan mengakui sistem • Mengelola perubahan • Domain 3 : Delivery and Support Domain ini berhubungan dengan penyampaian layanan yang diinginkan, yang terdiri dari operasi pada security dan aspek kesinambungan bisnis sampai dengan pengadaan training. • Langkah-langkah : • Menetapkan dan mengelola tingkat pelayanan • Mengelola pelayanan kepada pihak lain • Memastikan pelayanan yang kontinyu • Memastikan keamanan sistem • Mengelola konfigurasi/susunan • Mengelola data • Mengelola fasilitas • Domain 4 : Monitoring Semua proses TI perlu dinilai secara teratur dan berkala bagaimana kualitas dan kesesuaiannya dengan kebutuhan kontrol. • Langkah-langkah: • Memonitor proses – menaksir kecukupan pengendalian internal • Mendapatkan kepastian yang independen