IT Governance Drivers of Process Maturity Discussant comments Joseph Braithwaite Friday, Oct 21, 2011.

Slides:



Advertisements
Similar presentations
IT Governance & Quality Management
Advertisements

Microsoft Operations Framework (MOF) 4.0
Risk Management and Internal Controls ASSAL 20 November 2014 Annick Teubner Chair, IAIS Governance Working Group.
WRITING RESEARCH PAPERS Puvaneswary Murugaiah. INTRODUCTION TO WRITING PAPERS Conducting research is academic activity Research must be original work.
The Impact of Information Technology Material Weaknesses on Corporate Governance: Evidence from Executive and Director Turnover, and IT Governance Changes.
An Examination of the Factors Influencing Student Participation in Collaborative Approaches to Examination Preparation Paul Greenbank Edge Hill University.
PPA 501 – Analytical Methods in Administration Lecture 2c – The Research Proposal.
Chapter One: The Science of Psychology
How to write a publishable qualitative article
Business Communication Research Class 1 : What is Research? Leena Louhiala-Salminen, Spring 2013.
Advanced Research Methodology
COBIT 5: Framework, BMIS, Implementation and future Information Security Guidance Presented by.
COBIT® 5 for Risk Introduction
WELCOME! We will begin our webinar at the top of the hour As you log on, do not be surprised if you don’t hear anyone else; participants are placed on.
Planning an Applied Research Project Chapter 1 – Reading and Analyzing Research © 2014 John Wiley & Sons, Inc. All rights reserved.
GSIM Stakeholder Interview Feedback HLG-BAS Secretariat January 2012.
Selection Committee Training Scholarship Programs Office of Student Access and Completion.
The Audit Process Tahera Chaudry March Clinical audit A quality improvement process that seeks to improve patient care and outcomes through systematic.
Chapter One: The Science of Psychology. Ways to Acquire Knowledge Tenacity Tenacity Refers to the continued presentation of a particular bit of information.
Enterprise Risk Management
Bruce White Ruth Geer University of South Australia.
CSI - Introduction General Understanding. What is ITSM and what is its Value? ITSM is a set of specialized organizational capabilities for providing value.
Overview of COBIT5 and Impact on Local Content for IT By Mrs Tokunbo Martins Director Banking Supervision (Central Bank of Nigeria)
IT Control Weaknesses, IT Governance and Firm Performance Discussant Comments Gary Baker, Partner, Deloitte & Touche LLP Saturday, October 13, 2007.
Commissioning Self Analysis and Planning Exercise activity sheets.
ITIL Framework. What is ITIL ? ITIL stands for the Information Technology Infrastructure Library. ITIL is the international de facto management framework.
Drivers for the real estate investor E NVIRONMENTAL S USTAINABILITY − June, ERES Conference, Stockholm Authors: Helmut Schleich, University of.
Holistic Approach to Security
Factors Associated with IT Audits by the Internal Audit Function Discussant Comments October 2, 2009 INFORMATION RISK MANAGEMENT ADVISORY.
How did our school get involved? Iowa Sustaining Parent Involvement Network i S P I N.
Practice Management Quality Control
Fleming College Quality and Risk Management Review Summary November 10, 2005.
Morten Blomhøj and Paola Valero Our agenda: 1.The journal NOMAD’s mission, review policy and process 2.Two reviews of a paper 3.Frequent comments in reviews.
GEELONG REVISITED FROM ESD TO EBFM - future directions for fisheries management A COMMERCIAL INDUSTRY PERSPECTIVE ON THE ESD FRAMEWORK Neil MacDonald,
How to Satisfy Reviewer B and Other Thoughts on the Publication Process: Reviewers’ Perspectives Don Roy Past Editor, Marketing Management Journal.
1 CEO, CFO & CIO Engagement in Information Technology Management: The Disciplinary Effects of Sarbanes-Oxley Information Technology Material Weaknesses.
MDIC 1 George Serafin Deloitte & Touche LLP MDIC Open Forum Quality System Maturity Model Update.
 An article review is written for an audience who is knowledgeable in the subject matter instead of a general audience  When writing an article review,
Ian F. C. Smith Writing a Journal Paper. 2 Disclaimer / Preamble This is mostly opinion. Suggestions are incomplete. There are other strategies. A good.
From cost to value: 2010 Global Survey on the CIO Agenda June 15 th, 2010 IT ADVISORY KPMG INTERNATIONAL.
Introduction to Content Standards Jacqueline E. Korengel, Ed.D.
Pekka Nurminen (k90673) MSc thesis Research Plan.
Exploring differences between large and medium organizations’ Corporate Governance of Information Technology Discussant Comments Christopher O’Connor,
The Psychologist as Detective, 4e by Smith/Davis © 2007 Pearson Education Chapter One: The Science of Psychology.
Linkage of Risk, Capital and Financial Management CAS Annual Meeting Aaron Halpert, ACAS, MAAA Leslie R. Marlo, FCAS, MAAA November 12, 2007 INSURANCE.
1 COSO ERM Framework Update Our Next Challenge and Opportunity September 2015.
Idaho Conservation District’s Resolutions. Resolution res·o·lu·tion noun 1. a formal expression of opinion or intention made, usually after voting, by.
“the presentation of the thesis falls short,,,substantial proof reading,,,” “the literature,,raises a number of issues,,,many of them are also left open,
Change Management and COBIT®. Estonia & Finland Chapters Presentation Friday, November 5 th 2004 Charles Mansour CISA Tere päevast! ©Charles Mansour.
Improving Compliance with ISAs Presenters: Al Johnson & Pat Hayle.
CPD 3 - Advanced Publishing Skills 1 - How to Get Published and to Continue to Get Published in Leading Academic Journals Professor Tarani Chandola with.
Co-Creation in Higher Education
PLANNING, MATERIALITY AND ASSESSING THE RISK OF MISSTATEMENT
Data Architecture World Class Operations - Impact Workshop.
Capital Project / Infrastructure Renewal – Making the Business Case
COBIT® 5 for Risk Introduction
Guidance on risk communication in practice
Unit 4 Introducing the Study.
COSO Internal Control s Framework
COMPLIMENTARY TEACHING MATERIALS
Informative Essay.
SUCCESSION PLANNING: WHO WILL LEAD?
COBIT 5: Framework, BMIS, Implementation and future Information Security Guidance Presented by.
COBIT® 5 for Risk Introduction
Questioning and evaluating information
Persuasive Essay.
COBIT® 5 for Risk Introduction
MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further
Module: 9 Mapping the Standards How the 2020 Colorado Academic Standards Work Together for Colorado Students! Estimated time: 60 minutes.
Presentation transcript:

IT Governance Drivers of Process Maturity Discussant comments Joseph Braithwaite Friday, Oct 21, 2011

© Deloitte & Touche LLP and affiliated entities. Table of contents 1.Author’s Motivation or Justification 2.Theoretical Support 3.Analysis of results 4.Conclusion 5.Contribution to practice 6.Exposition 7.Contact IT Governance Drivers of Process Maturity1

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Author’s Motivation or Justification The author’s defend an opinion that there is a ‘Strong Association’ between the maturity of the IT Processes and the capability of those processes to function –On the surface this opinion is sound, as this is the same view that most generalist would have as the connection appears intuitive; but in practical terms the ability of a process to function as designed drives business value, not the level of maturity of that process. –This approach has outlined how the process maturity can influence how successful an IT organization can be in supporting the business but has missed looking at the business reasoning behind having less mature processes. IT Governance Drivers of Process Maturity2

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Theoretical support One half of the report is based on ‘Literature Reviews’ which has provided a lot of ‘Academic’ references and research materials. -The materials provided throughout this paper appear to be ‘academic’ with little to no ‘Industry’ research supported materials. Understanding the needs around research in the University setting I feel that there is a ‘Gap’ between the theory and the practical applicability of the results. -Industry research firms such as Gartner and Foresters would provide a level of ‘Industry’ perspective out side of the many industry journal perspectives provided. Many of the journals list publish academic papers, so they don’t truly provide a direct industry perspective. IT Governance Drivers of Process Maturity3

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Research methods The research method used had several significant flaws in the design, two are: –The 51 organizations used in the research we volunteers coming mostly from ISACA, which presents a bias with the group from the beginning (this was noted in the report) –Face-to-face interviews, although technically a good approach to gathering information results in information being presented as opinions and not facts. The ability to provide a quantitative analysis from this information needs to be considered. –Interviews introduce a bias as it’s human nature to reflect positively on the person being interviewed. This will almost always result in the values being inflated higher that reality. IT Governance Drivers of Process Maturity4

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Analysis of results The analysis used provided strong support and quantifiable evidence behind the opinion that mature processes provide for more IT capabilities…what does that really mean to me? –CobiT and ITIL are widely used throughout all industries when 40% of CIO’s ‘Thoroughly Follow’ at least one framework. How many follow portions of those same frameworks? From an industry perspective the complete implementation of a complete framework is seldom seen…so what is the impact of not following the processes 100%? –A view on the consistent application of specific CobiT and ITIL processes would provide more practical evidence to support the defined opinion (CM impact for instance) –The resulting analysis and conclusions were difficult to filter through and in some cases contradicted the previous statements. IT Governance Drivers of Process Maturity5

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Analysis of results (continued) –There is evidence presented that supports a need for more interaction at the board level with IT (1/5 of boards had an IT strategy committee, ¼ had a risk or security committee and only 1/3 of the boards had an IT committee) but there was no clear connection provided between the maturity levels and the interactions at the board level –The most mature processes outlined (security and virus detection and prevention) are direct business facing processes and are supported only through IT. The configurations and requirements are wide and varied, with a strong compliance component related to them. These process should not be the bases for the decision that IT Capabilities are influenced by process maturities as their management might reside in IT, but the ownership could reside on the business side IT Governance Drivers of Process Maturity6

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Conclusion The conclusion that IT processes and their maturity levels provide a comprehensive IT Lifecycle view of IT organizations –This statement has several problems in it generality; the first being the determination that the IT Lifecycle and IT processes are mutually exclusive in nature when in reality they should coexist in harmony –The fact that some processes are intentionally left at a less mature state hasn’t been taken into consideration with regards to the functionality or capabilities of the IT organization. –The concept that the more mature your process is the more capable your IT department will be is sound, but what is the end result. Future research needs to look at the ability of IT to great and sustain value for the business –Enterprises exist to create value for their stakeholders, so the governance objective for any enterprise— commercial or not—is value creation - ISACA IT Governance Drivers of Process Maturity7

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Contribution to practice I’m not positive in what value this has provided to the larger industry outside of academia. In reality the evidence only shows that organizations are diverse in their adherence to higher levels of maturity The fact that there wasn’t a broader view of the business and IT interactions that support the governance processes means the research isn’t finished yet, and as such, the results and conclusions are inconclusive at best. Future research should either focus on the breadth and depth of IT Governance as a holistic approach or be narrowed to focus on the a few specific components within a CobiT process. Expand the research to a broader number of organizations and avoid a disproportionate number of ISACA volunteers. This will reduce the inherent bias. Also, focus on auditable audit results and not questionnaire based interviews as the evidence does not have a bias IT Governance Drivers of Process Maturity8

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Exposition The audience should understand the exposition, but the analytical data provided should be addressed for the non PHD’s who will be using it… IT Governance Drivers of Process Maturity9

© Deloitte & Touche LLP and affiliated entities. IT Governance Drivers of Process Maturity Contact Joseph Braithwaite is a manager in with Deloitte in the Enterprise Risk Services Practice specializing in IT Risk and Governance Contact details These views and opinions expressed herein are those of the discussant and do not necessarily represent the views and opinions of Deloitte LLP. IT Governance Drivers of Process Maturity10

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.