CISA Review Course: Introduction to IT Governance (Iyad Mourtada, CIA, CMA, CFE, CPLP)
Page 1: CISA Review Course Slides - Part1

CISA Review Course

Iyad Mourtada, CIA, CMA, CFE, CPLP

Introduction to IT Governance

Page 2: CISA Review Course Slides - Part1

Information is the key element, not the technology

Page 3: CISA Review Course Slides - Part1

Governance Definition

IT Governance Definition

Page 4: CISA Review Course Slides - Part1

CORPORATE GOVERNANCE

Corporate Governance is defined by ISACA as “ethical behavior of corporate executives toward shareholders and stakeholders to maximize the return of a financial investment”

Page 5: CISA Review Course Slides - Part1

Governance

- Code of Ethics

- Code of Conduct

- Policy, Standards, Procedures, Guidelines

Page 6: CISA Review Course Slides - Part1

CORPORATE GOVERNANCE

- Strategic alignment between IT and enterprise objectives.

- Technology plans have to fulfill business objectives.

- The IT Steering Committee communicates the business requirements from business executives to the IT executives.

- The charter of the IT Steering Committee defines its responsibilities and authorities.

Page 7: CISA Review Course Slides - Part1

Balanced Scorecard

Page 8: CISA Review Course Slides - Part1

3 Layers of IT Scoring

- Mission

- Strategy

- Metrics (Based on the Critical Success Factors)

- Defining the IT Strategy

- Project Life Cycle: Initiating, Planning, Executing, Closing

Monitoring and controlling

Page 9: CISA Review Course Slides - Part1

Implementation Planning of the IT Strategy

- Data Plan (Use of data)

- Application management Plan (App used)

- Technology Plan (Type of Hardware & Software)

- Organizational Plan (IT Organizational Structure)

- Facilities Plan (IT Facilities)

Page 10: CISA Review Course Slides - Part1

COBIT 5

Control Objectives for Information and Related Technology (COBIT 5) provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT.

Page 11: CISA Review Course Slides - Part1

COBIT 5 Principles

Source:  COBIT® 5, figure 2. © 2012 ISACA® All rights reserved.

Page 12: CISA Review Course Slides - Part1

COBIT 5 Enablers

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 13: CISA Review Course Slides - Part1

Performance Review: Capability Maturity Model
