Governance System Principles Flashcards
S1 M5
List the 6 principles for a governance system (“very healthy dietors do tyry everything”)
value
holistic
dynamic
distinct
tailored
end-to-end
create value for the company’s stakeholders by balancing benefits, risks, & resources
value
comprises diverse components where governance & management are not treated as isolated elements
holistic
when a change in one governance system occurs, the impact on all others should be considered so that the system continues to meet the demands of the organization
dynamic
management activities & governance systems should be clearly distinguished from each other
distinct
governance systems should be customized to each company, using design factors to prioritize & tailor the system
tailored
3 principles used to develop the COBIT 2019 core model
based on conceptual model
open & flexible
aligned to major standards
1 domain of governance objectives
evaluate, direct, & monitor (EDM)
those charged with governance evaluate strategic objectives, direct management to achieve those objectives, & monitor whether objectives are being met
evaluate, direct, & monitor (EDM)
ensuring benefits delivery
governance framework setting
risk optimization
resource optimization
stakeholder engagement
evaluate, direct, & monitor (EDM)
4 domains of management objectives
align, plan, & organize (APO)
build, acquire, & implement (BAI)
deliver, service, support (DSS)
monitor, evaluate, & assess (MEA)
(domain) focuses on IT’s overall strategy, organization, & supporting activities
align, plan, & organize (APO)
(domain) managed data
IT infrastructure & architecture
innovation
budgeting
human resources
vendors
quality
security
managing risk
align, plan, organize (APO)
(domain) addresses the security, delivery, & support of IT services
deliver, service, & support (DSS)
(domain) managed operations
service requests
managed problems
continuity
security services
business process controls
deliver, services, & support (DSS)
(domain) addresses IT’s conformance to the company’s performance targets & control objectives along with external requirements
monitor, evaluate, & assess (MEA)
(domain) managed performance & conformance monitoring
managed system of interla control
compliance with external requirements
managed assurance
monitor, evaluate, & assess (MEA)
7 components of the governance system
process
organizational strucutures
principles, policies, & frameworks
information
Culture, ethics & competencies
services, infrastructure, & applications
(component) set of activities or practices that produce outputs that help achieve overall IT goals
processes
(component) the decision-making entities within an organization
organizational strucutures
(component) info needed for the governance system to function properly
information
(component) influence the success of all management & governance activities
culture, ethics, & behavior
