Don’t let your digital transformation efforts outpace your ability to govern them – review and assess your policy framework now

In today’s high velocity business environment, it’s easy to lose sight of some basic governing principles that might be viewed as cumbersome and restrictive. Be careful, because governance principles exist to ensure the proper balance of performance and conformance when achieving business objectives. If your organization ignores your essential internal controls, it can introduce vulnerabilities that were never intended. Those

More

How do I interpret COBIT process guidance in the updated 2019 version of COBIT?

This year ISACA released the latest edition of the COBIT framework and one of my favorite parts is the introduction of governance and management objectives.  Check out this short video blog on what these are and how to interpret them. 

Finally! A guide for tailoring a governance system for Information and Technology

Back in November I posted about how excited I was to see ISACA’s update to the COBIT framework and provided some thoughts about navigating through the first two guides. Click here to take a look if you didn’t catch it, as it might help you with my comments in this post. Since that post, ISACA has launched two additional publications

More

IS BALANCING BUSINESS DEMAND AND IT RESOURCE SUPPLY A GOVERNANCE CONCERN?

Of course, it is an IT Governance issue If I asked a hundred IT leaders if they needed additional resources, none of them would reply, “No thanks, we’re good on resources.” We see it all the time. IT departments are traditionally short on resources—or are they? If I added 10 FTEs to your budget today, you would most likely need

More

A new COBIT® is in town and I really like how this looks.

ISACA released the latest version of the framework this month and I can tell you without hesitation that this latest structure is one of the best governance and management frameworks to date for the governance and management of enterprise IT. The first two books of COBIT 2019 have been released with additional publications to follow soon. If you haven’t taken

More

Integrating Enterprise and IT Risk Functions Using Scenarios

The challenges that organizations face today are increasingly more complex than in the past. The constant change of the global economy, dynamics of business risks and opportunities, and an increased threat of cyberattacks add complexities we’ve never faced. Organizations today must constantly scan their environments and take practical steps to make risk-informed decisions that provide value for stakeholders. It is

More

Solving Framework Fatigue. Using COBIT5 to Manage Frameworks and Achieve Business Value

With a multitude of models, standards, bodies of knowledge and frameworks in our industry, it’s easy to see how navigating through these becomes utterly exhausting for an IT service organization. The jigsaw puzzle of frameworks is daunting. Frameworks, whether adopted from industry models or built internally, provide critical structure. Nonetheless, many feel that they are a hindrance. If this sounds

More

Using Multiple Guidance Systems for the Governance of Enterprise IT

The most secured company in the world I’ve been known to tell a story about when my CEO rounded up the executive management team (I was the CIO at the time) and pounded us with the question: “Why are we going out of business as the most secured company in the world?” We couldn’t believe it. There must be some

More

Tips to gaining executive support for IT Governance initiatives

The hardest question I get as an IT governance advisor is, “how do I get executive level support for our IT governance program?”  Surprisingly, this question, which comes from operations as well as executives, is not an isolated issue.  As you might expect, the answer usually starts with “it depends.”  As in, “It depends on what?”  Adopting good governance practices

More

Why am I a huge fan of COBIT?

COBIT5 has been around for a couple of years now, so I should probably stop referring to it as the new release and simply call it the latest.  I was introduced to COBIT back in version 4.0, and have since been involved in several opportunities to use COBIT5.  There are many cool things about it, and it’s difficult to outline

More