Business Governance of Enterprise IT

Post on 22-Nov-2014


Joseph Ponnoly, MBA, MSc, CGEIT, CISM, CISA, CISSP

Business & IT

IT projects fail

IT talents and skills

Returns on IT investments

Information risks

IT performance

Quality service delivery

Obsolete Technology

Responsibility for IT

Business IT

Governance

Enterprise System Architecture: Strategy, Business, Information, Systems and Technology.

System Architect promotes:

• Increased Organizational Agility

• Alignment of Business Processes and IT Systems to Business Objectives

• Planning, Modeling, and Execution of Business Processes (BPM)

• Rapid, Effective and Positive Response to Business Change

Architectural Frameworks: The Zachman Framework, TOGAF

Enterprise Risk Management (ERM)

HAZARD RISK

STRATEGIC RISK

OPERATIONAL RISK

PEOPLE

PROCESS

TECHNOLOGY

INFORMATION RISK

Risk Defined (LOSS – possibility/probability or exposure)

Risk Management/Internal Control Framework:

• COSO

• AS/NZS 4360:2004

Information Risk Management Framework/Standard:

• ISO 27002 - Information Risk Management Standard

• NIST SP 800-30 / 800-53

• CRAMM

• OCTAVE

• FAIR

Dealing with Risk

AVOID

TRANSFER

MITIGATE

ACCEPT

People

Application Systems

Technology

Facilities

Data

IT Resources

Portfolio & Project Management: PRINCE 2 and PMBOK

Balanced Score Card

Performance Management

Resources management

Risk Management

IT investments value governance

IT Strategy-Business IT alignment

Leadership, effective organizational structures, business processes

Key Areas

• IT Strategy

• Finance, Budgeting & Investments

• Enterprise Architecture

• Business Analysis

• Solutions Development

• Service Delivery

• Supply Management

• Risk Management

• Compliance

• Resources Management

• Talent Management

• Data Governance

• Performance Metrics / Balanced Score Card

• Portfolio & Project Management

• Auditing & Assurance

CGEIT (Certified in Governance of Enterprise IT)

Business skills

Legal skills

Technology skills

Risk management skills

Financial skills

Performance management

Resource management

Risk management

Value delivery

Business – IT strategic alignment

Leadership, effective organizational structures, business processes

• IT Strategy: Creation of an IT strategy that aligns with business strategies

• IT Investment Management: Optimization of IT investments using the COBIT/VAL-IT framework using financial engineering concepts and analysis

• Risk Management: Risk Management using ISO 27002 and the COSO framework

• Resource Management: Knowledge Management, Information Management, DSS/Business Intelligence, Technology Architecture & Solutions Management, Training

• Performance Management: Portfolio and project management, ITSM, ITIL framework for service delivery, CMMI for software acquisition and implementation maturity

• Performance Measurement - Balanced Score Card: Implementation of the Balanced Score Card for effective monitoring of IT performance, Performance Metrics

• Compliance (GRC): Compliance initiatives for Governance, Risk & Control

Auditor’s role in IT Governance: Assessment & Assurance to Board of Directors & Executive Management

Auditing IT Governance:

• IT Strategies

• Value Governance & IT Investments & Finance Management

• Risk Management

• Resources Management

• Performance Metrics