SlideShare ist ein Scribd-Unternehmen logo

IT Governance - Governing IT: Do or Die?

Eryk Budi Pratama
Eryk Budi Pratama

Short presentation for "Executive Briefing for CISA, CISM, CRISC Program" at Binus University International, Jakarta, Indonesia

Technologie
1 von 18
Downloaden Sie, um offline zu lesen
Governing IT Do or Die? Eryk Budi Pratama Advisory Consultant KPMG 23 Feb 2019 Executive Briefing for CISA, CISM, CRISC Program @Binus JWC
Is IT works as needed?
IT Project Management Failure 46% of CIOs say that one of the main reas ons IT projects fail is weak ownership. Source: The Harvey Nash/KPMG CIO Survey, 2017 33% of IT projects fail because senior management doesn’t get involved and requirements/scope change mid-way through the project. Source: A Replicated Survey of IT Software Project Failu res by Khaled El Emam and A. Güneş Koru, 2008 40% of CIOs say that some of the main reasons IT projects fail is an overly optimistic approach and unclear objectives. Source: The Harvey Nash/KPMG CIO Survey, 2017
Business Expectations of IT What does management expect from IT? How to be sure everything works as needed? What is an IT at all? How to use it? How to manage it? How to measure results?
Key Risk Misalignment between IT and Business Time and budget overruns Ineffective IT Investments Ineffective IT systems usage
What is IT Governance?
Definition and Coverage IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organisational structures and processes that ensure that the organisation’s IT sustains and extends the organisation’s strategies and objectives. Source: IT Governance Institute  Strategic Alignment Aligning with the business and providing collaborative solutions  Value Delivery Executing the value proposition throughout the delivery cycle  Risk Management Safeguarding assets, disaster recovery, and compliance  Resource Management Optimising the development and use of available resources  Performance Measurement Monitoring results for corrective action
COBIT 5 as IT Governance Framework
Why IT Governence is important?
IT Governance Importance In the wake of Enron and other corporate scandals, “Governance” generally has taken on even greater significance. IT has a pivotal role to play in improving corporate governance practices. Management’s awareness of IT related risks has increased. There is a focus on IT costs in all organisations. There is a growing realization that more management commitment is needed to improve the management and control of IT activities Source: National Computing Center: Developing a Successful Governance Strategy
IT Governance Driver Source: IMPACT’s IT Governance Special Interest Group (SIG) general lack of accountability and not enough shared ownership gap between what IT departments think the business requires and vice versa value delivered by IT , both internally and from external suppliers. infrastructure underpinning today’s and tomorrow’s IT (technology, people, processes) is capable of supporting expected business needs. management needs to be more aware of critical IT risks how is my organisation doing with IT in comparison with other peer groups
Case Study “Owned-state company”
Summary Drivers • PER-02/MBU/2013 • POJK Nomor 38/POJK.03/2016 Review Area Audit Report POJK Review ITSP COBIT 5 Capa- bility COBIT 5 Map to COBIT 4 Road- map Risk Profile Other docs Methods
Approach Levels and Necessary Ratings Scale Process Attributes Rating Level 1 – Performed Process Process Performance Largely or fully Level 2 – Managed Process Process Performance Performance Management Work ProductManagement Fully Largely or fully Largely or fully Level 3 – Established Process Process Performance Performance Management Work ProductManagement Process Definition Process Deployment Fully Fully Fully Largely or fully Largely or fully Level 4 – Predictable Process Process Performance Performance Management Work ProductManagement Process Definition Process Deployment Process Measurement Process Control Fully Fully Fully Fully Fully Largely or fully Largely or fully Level 5 – Optimizing Process Process Performance Performance Management Work ProductManagement Process Definition Process Deployment Process Measurement Process Control Process Innovation Process Optimization Fully Fully Fully Fully Fully Fully Fully Largely or fully Largely or fully Top Down Bottom Up
Result Point of improvement in several process (12 process) Improve capability level from partially to fully for Level 1 Alignment between our recommendation and client’s action plan Alignment between assessment report to IT Strategic Plan Board of Director commitment to conduct regular assessment
Key Success Factor?
Key Success Factor BoD Commitment Stakeholder Transparency Strategic Alignment Portfolio/Program/Project Management Implement, Monitor, and Control IT Governance Framework Make it your KPI !! “First rule of IT governance: To cut costs, align business and IT” Source: Techtarget – First Rule of IT Governance
Thank You eryk.pratama@gmail.com https://proferyk.blogspot.co.id

Empfohlen

Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
Christian F. Nissen
 
Understanding IT Governance and Risk Management
Understanding IT Governance and Risk ManagementUnderstanding IT Governance and Risk Management
Understanding IT Governance and Risk Management
jiricejka
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
Sherri Booher
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world
PECB
 
IT Governance
IT GovernanceIT Governance
IT Governance
Carlos Chalico
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
Sayyed Zakir Ali Rizwe
 
IT Governance Presentation
IT Governance PresentationIT Governance Presentation
IT Governance Presentation
jmcarden
 

Empfohlen

Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
Christian F. Nissen
 
Understanding IT Governance and Risk Management
Understanding IT Governance and Risk ManagementUnderstanding IT Governance and Risk Management
Understanding IT Governance and Risk Management
jiricejka
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
Sherri Booher
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world
PECB
 
IT Governance
IT GovernanceIT Governance
IT Governance
Carlos Chalico
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
Sayyed Zakir Ali Rizwe
 
IT Governance Presentation
IT Governance PresentationIT Governance Presentation
IT Governance Presentation
jmcarden
 
It governance
It governanceIt governance
It governance
Mahetab Khan
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdf
mohammed539963
 
IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit Club
Kaushal Trivedi
 
It governance
It governanceIt governance
It governance
Lusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
Eryk Budi Pratama
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
Anurag Purohit
 
IT Audit For Non-IT Auditors
IT Audit For Non-IT AuditorsIT Audit For Non-IT Auditors
IT Audit For Non-IT Auditors
Ed Tobias
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
Imran Ahmed
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing
Dinesh O Bareja
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
MartinPatrici
 
IT Governance Introduction
IT Governance IntroductionIT Governance Introduction
IT Governance Introduction
Keith Rackley
 
IT Risk Management
IT Risk ManagementIT Risk Management
IT Risk Management
Tudor Damian
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
Mark Constable
 
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
Christopher Bradley
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5
Laddawan Rattanaruang
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001
PECB
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
MDFazlaRabbiAbir
 
IT Strategy Framework
IT Strategy FrameworkIT Strategy Framework
IT Strategy Framework
Vishal Sharma
 
IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1
Richard Willis
 
IT Governance in Banks, May, 2014
IT Governance in Banks, May, 2014IT Governance in Banks, May, 2014
IT Governance in Banks, May, 2014
ArmeniaFED
 
Understanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsUnderstanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor Relationships
Goutama Bachtiar
 

Weitere ähnliche Inhalte

Was ist angesagt?

IT Risk Management
IT Risk ManagementIT Risk Management
IT Risk Management
Tudor Damian
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
Mark Constable
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001
PECB
 

Was ist angesagt? (20)

It governance
It governanceIt governance
It governance
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdf
 
IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit Club
 
It governance
It governanceIt governance
It governance
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
 
IT Audit For Non-IT Auditors
IT Audit For Non-IT AuditorsIT Audit For Non-IT Auditors
IT Audit For Non-IT Auditors
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
 
IT Governance Introduction
IT Governance IntroductionIT Governance Introduction
IT Governance Introduction
 
IT Risk Management
IT Risk ManagementIT Risk Management
IT Risk Management
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
 
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
DMBOK 2.0 and other frameworks including TOGAF & COBIT - keynote from DAMA Au...
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
 
IT Strategy Framework
IT Strategy FrameworkIT Strategy Framework
IT Strategy Framework
 
IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1
 

Ähnlich wie IT Governance - Governing IT: Do or Die?

Understanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsUnderstanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor Relationships
Goutama Bachtiar
 
Critical Success Factors (CSFs) for Effective IT Governance Implementations
Critical Success Factors (CSFs) for Effective IT Governance ImplementationsCritical Success Factors (CSFs) for Effective IT Governance Implementations
Critical Success Factors (CSFs) for Effective IT Governance Implementations
Rachid Meziani, PhD, CGEIT, PMP
 
Establishing a framework for it governance by dave cunningham 2007
Establishing a framework for it governance by dave cunningham 2007Establishing a framework for it governance by dave cunningham 2007
Establishing a framework for it governance by dave cunningham 2007
David Cunningham
 
Best Practices For ITSM Process Assessment v1.pdf
Best Practices For ITSM Process Assessment v1.pdfBest Practices For ITSM Process Assessment v1.pdf
Best Practices For ITSM Process Assessment v1.pdf
CaasMarta
 
The Value of Portfolio Management
The Value of Portfolio ManagementThe Value of Portfolio Management
The Value of Portfolio Management
Productivity Intelligence Institute
 
Build a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramBuild a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management Program
Info-Tech Research Group
 
The State of Business
The State of BusinessThe State of Business
The State of Business
techweb08
 
The State of Business
The State of Business The State of Business
The State of Business
techweb08
 
IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008
ssusera19f45
 
The 6 Steps to Becoming a Top-Performing Organization in Managing IT Operations
The 6 Steps to Becoming a Top-Performing Organization in Managing IT OperationsThe 6 Steps to Becoming a Top-Performing Organization in Managing IT Operations
The 6 Steps to Becoming a Top-Performing Organization in Managing IT Operations
OpsRamp
 

Ähnlich wie IT Governance - Governing IT: Do or Die? (20)

IT Governance in Banks, May, 2014
IT Governance in Banks, May, 2014IT Governance in Banks, May, 2014
IT Governance in Banks, May, 2014
 
Understanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsUnderstanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor Relationships
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 Framework
 
Critical Success Factors (CSFs) for Effective IT Governance Implementations
Critical Success Factors (CSFs) for Effective IT Governance ImplementationsCritical Success Factors (CSFs) for Effective IT Governance Implementations
Critical Success Factors (CSFs) for Effective IT Governance Implementations
 
Establishing a framework for it governance by dave cunningham 2007
Establishing a framework for it governance by dave cunningham 2007Establishing a framework for it governance by dave cunningham 2007
Establishing a framework for it governance by dave cunningham 2007
 
Governance: The key to effecting successful Digital Transformation
Governance: The key to effecting successful Digital TransformationGovernance: The key to effecting successful Digital Transformation
Governance: The key to effecting successful Digital Transformation
 
Best Practices For ITSM Process Assessment v1.pdf
Best Practices For ITSM Process Assessment v1.pdfBest Practices For ITSM Process Assessment v1.pdf
Best Practices For ITSM Process Assessment v1.pdf
 
The Value of Portfolio Management
The Value of Portfolio ManagementThe Value of Portfolio Management
The Value of Portfolio Management
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 Framework
 
Build a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramBuild a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management Program
 
The State of Business
The State of BusinessThe State of Business
The State of Business
 
The State of Business
The State of Business The State of Business
The State of Business
 
IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008IT Governance Presentation by omaha 2008
IT Governance Presentation by omaha 2008
 
The Roadmap to Becoming a Top Performing Organization in Managing IT Operations
The Roadmap to Becoming a Top Performing Organization in Managing IT OperationsThe Roadmap to Becoming a Top Performing Organization in Managing IT Operations
The Roadmap to Becoming a Top Performing Organization in Managing IT Operations
 
EFFECTIVE IT GOVERNANCE presentation
EFFECTIVE IT GOVERNANCE presentationEFFECTIVE IT GOVERNANCE presentation
EFFECTIVE IT GOVERNANCE presentation
 
Sharpening the Lens
Sharpening the LensSharpening the Lens
Sharpening the Lens
 
IT Infrastructure - Importance of IT to Business
IT Infrastructure - Importance of IT to BusinessIT Infrastructure - Importance of IT to Business
IT Infrastructure - Importance of IT to Business
 
IT investments
IT investmentsIT investments
IT investments
 
Information Technology for Management Chapter 12
Information Technology for Management Chapter 12Information Technology for Management Chapter 12
Information Technology for Management Chapter 12
 
The 6 Steps to Becoming a Top-Performing Organization in Managing IT Operations
The 6 Steps to Becoming a Top-Performing Organization in Managing IT OperationsThe 6 Steps to Becoming a Top-Performing Organization in Managing IT Operations
The 6 Steps to Becoming a Top-Performing Organization in Managing IT Operations
 

Mehr von Eryk Budi Pratama

Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTIRingkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Eryk Budi Pratama
 
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Eryk Budi Pratama
 

Mehr von Eryk Budi Pratama (20)

Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTIRingkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
 
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program Implementation
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber Security
 
Personal Data Protection in Indonesia
Personal Data Protection in IndonesiaPersonal Data Protection in Indonesia
Personal Data Protection in Indonesia
 
Urgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data PribadiUrgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data Pribadi
 
Modern IT Service Management Transformation - ITIL Indonesia
Modern IT Service Management Transformation - ITIL IndonesiaModern IT Service Management Transformation - ITIL Indonesia
Modern IT Service Management Transformation - ITIL Indonesia
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - Eryk
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & Assurance
 
Guardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & AnalyticsGuardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & Analytics
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
Cybersecurity Skills in Industry 4.0
Cybersecurity Skills in Industry 4.0Cybersecurity Skills in Industry 4.0
Cybersecurity Skills in Industry 4.0
 
Identity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOpsIdentity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOps
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 

Kürzlich hochgeladen

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Kürzlich hochgeladen (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

IT Governance - Governing IT: Do or Die?

  • 1. Governing IT Do or Die? Eryk Budi Pratama Advisory Consultant KPMG 23 Feb 2019 Executive Briefing for CISA, CISM, CRISC Program @Binus JWC
  • 2. Is IT works as needed?
  • 3. IT Project Management Failure 46% of CIOs say that one of the main reas ons IT projects fail is weak ownership. Source: The Harvey Nash/KPMG CIO Survey, 2017 33% of IT projects fail because senior management doesn’t get involved and requirements/scope change mid-way through the project. Source: A Replicated Survey of IT Software Project Failu res by Khaled El Emam and A. Güneş Koru, 2008 40% of CIOs say that some of the main reasons IT projects fail is an overly optimistic approach and unclear objectives. Source: The Harvey Nash/KPMG CIO Survey, 2017
  • 4. Business Expectations of IT What does management expect from IT? How to be sure everything works as needed? What is an IT at all? How to use it? How to manage it? How to measure results?
  • 5. Key Risk Misalignment between IT and Business Time and budget overruns Ineffective IT Investments Ineffective IT systems usage
  • 6. What is IT Governance?
  • 7. Definition and Coverage IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organisational structures and processes that ensure that the organisation’s IT sustains and extends the organisation’s strategies and objectives. Source: IT Governance Institute  Strategic Alignment Aligning with the business and providing collaborative solutions  Value Delivery Executing the value proposition throughout the delivery cycle  Risk Management Safeguarding assets, disaster recovery, and compliance  Resource Management Optimising the development and use of available resources  Performance Measurement Monitoring results for corrective action
  • 8. COBIT 5 as IT Governance Framework
  • 9. Why IT Governence is important?
  • 10. IT Governance Importance In the wake of Enron and other corporate scandals, “Governance” generally has taken on even greater significance. IT has a pivotal role to play in improving corporate governance practices. Management’s awareness of IT related risks has increased. There is a focus on IT costs in all organisations. There is a growing realization that more management commitment is needed to improve the management and control of IT activities Source: National Computing Center: Developing a Successful Governance Strategy
  • 11. IT Governance Driver Source: IMPACT’s IT Governance Special Interest Group (SIG) general lack of accountability and not enough shared ownership gap between what IT departments think the business requires and vice versa value delivered by IT , both internally and from external suppliers. infrastructure underpinning today’s and tomorrow’s IT (technology, people, processes) is capable of supporting expected business needs. management needs to be more aware of critical IT risks how is my organisation doing with IT in comparison with other peer groups
  • 13. Summary Drivers • PER-02/MBU/2013 • POJK Nomor 38/POJK.03/2016 Review Area Audit Report POJK Review ITSP COBIT 5 Capa- bility COBIT 5 Map to COBIT 4 Road- map Risk Profile Other docs Methods
  • 14. Approach Levels and Necessary Ratings Scale Process Attributes Rating Level 1 – Performed Process Process Performance Largely or fully Level 2 – Managed Process Process Performance Performance Management Work ProductManagement Fully Largely or fully Largely or fully Level 3 – Established Process Process Performance Performance Management Work ProductManagement Process Definition Process Deployment Fully Fully Fully Largely or fully Largely or fully Level 4 – Predictable Process Process Performance Performance Management Work ProductManagement Process Definition Process Deployment Process Measurement Process Control Fully Fully Fully Fully Fully Largely or fully Largely or fully Level 5 – Optimizing Process Process Performance Performance Management Work ProductManagement Process Definition Process Deployment Process Measurement Process Control Process Innovation Process Optimization Fully Fully Fully Fully Fully Fully Fully Largely or fully Largely or fully Top Down Bottom Up
  • 15. Result Point of improvement in several process (12 process) Improve capability level from partially to fully for Level 1 Alignment between our recommendation and client’s action plan Alignment between assessment report to IT Strategic Plan Board of Director commitment to conduct regular assessment
  • 17. Key Success Factor BoD Commitment Stakeholder Transparency Strategic Alignment Portfolio/Program/Project Management Implement, Monitor, and Control IT Governance Framework Make it your KPI !! “First rule of IT governance: To cut costs, align business and IT” Source: Techtarget – First Rule of IT Governance