IT Governance hat zum Ziel, dass die Unternehmens-IT die Strategie und Geschäftsziele des Unternehmens möglichst effizient unterstützt. Um dies umzusetzen, existieren mehrere international anerkannte Verfahren und Standards wie z.B. COBIT, ITIL oder ISO 20000. Diese sind jedoch konzeptionell gehalten und machen meist keine Vorgaben zur technischen Umsetzung. Dieser Beitrag untersucht, wie mit H...

This work deals with IT governance integration in an information system (IS), since it’s one of the main worries to maintain alignment between information technologies and business strategy. It uses COBIT as IT Governance framework saw its generic, and flexible appearance to produce a measurable picture of the current state of IS, through structured IT control activities. It appealed to Loose I...

Özet. Proje yönetimine yol göstermek ve yönetişimi sağlamaya yönelik endüstride kullanılmakta olan standartların bir kısmı genel olarak proje yönetimini hedeflerken bazıları da bilgi güvenliği ve hizmet sunumu gibi özel konulara odaklanmaktadır. Çalışma kapsamına etkin bir bilgi teknolojileri proje yönetimi süreci için kullanılan proje yönetimi standardı olan PMBOK ve genel Bilgi Teknolojileri ...

In 2002, the Sarbanes-Oxley Act was passed into law requiring all U.S. based, publicly traded companies to report on the status of their internal controls governing the reporting of financial information. Because of the close relationship between financial reporting and IT, the requirements of the Sarbanes-Oxley (SOX) Act has also greatly impacted IT Governance and the way IT projects are manag...

It is evident that organizations are demanding more efficient information management technologies in order to offer high quality services for both internal and external clients. Firms pursue the implementation of processes aligned to their strategic and operational objectives and, to achieve these goals, they usually introduce various frameworks and approaches to information technology service ...

Reference models such as ITIL and COBIT (Control Objectives for Information and related Technology) represent proven best practices and provide key indicators for the design and control of ITSM processes. The idea behind the development of ITIL is the recognition that organizations are becoming increasingly dependent on IT in order to satisfy their corporate aims and to meet their business need...

Security is a subprocess that affects all processes within an organization structure. The control frameworks of CobiT and ITIL provide a mapping of organizational roles from the capital interest at the highest level, through to the implementation level in an enterprise system. Both control frameworks provide varying capability for control at different levels in an organization and leave the pro...

This paper reports a study of the key factors that affect ICT risk management using Thai businesses as the data sources. Three hundred and two respondents from listed organisations on the Stock Exchange of Thailand (SET) were surveyed and the data analysed to establish the strength of relationships in a model derived from extant literature and the application of the two most commonly used gover...

Few pieces of legislation have affected so much so quickly and profoundly as the SarbaneseOxley (often abbreviated ‘‘SoX’’) Act of 2003. Triggered by accounting scandals such as Enron’s several years ago, SoX has many provisions, some of the most important of which require management of publicly traded companies to establish and maintain ‘‘an adequate internal control structure and procedures f...

Up to now, there is little academic support for the challenges of IT management. As a reaction, various best practice frameworks were developed, which can be subsumed under the topic IT governance. These still have no sound basis or scientific foundation. To undertake a step in this direction we present a metamodel of COBIT, the popular IT governance framework. A major goal of this paper is to ...