Stewardship is extending to IT as Boards question the depth of their enterprise’s reliance on IT.
Some thoughts on how IT risk, control, audit and assurance is evolving toward the broader concept of IT governance.
Why IT governance should be on the Board of Directors’ agenda wherever IT is strategic to the business.
How it fits in the broader concepts of enterprise governance and how management and boards can address it.
34. IT Balanced Scorecard Information Financial Customer Process Goals Measures Goals Measures Learning Goals Measures Goals Measures
35.
36.
37.
38.
39.
40.
41.
42. Cost of IT Security Have a clarity of purpose Cost of security and control vs. IT Budget 5 - 10% 20 - 25% 45 - 50% 55% Cost of noncompliance Benchmarking Leadership “ Cowboy” operation Baseline operation Good Practice Industry reference site = driver for change
43.
44. IT Security is a C ontinuous E ffort Keep on doing it Perform Intrusion Testing Ž Perform Active Monitoring Œ Issue Security Policy Security Management Design Security Defenses