Page 105 - DCAP307_PLANNING_AND_MANAGING_IT_INFRASTRUCTURE
P. 105

Unit 5: Corporate Governance and IT




              Control Objectives for Information and related Technologies (COBIT) is a framework  Notes
              which provides control mechanisms over the information technology domain.

              The IT Infrastructure Library (ITIL), initially developed in the UK by the Office of
              Government Commerce (OGC), is gaining traction in the global IT community as a
              framework for IT governance.

              The International Organisation for Standardisation has developed the third major
              governance framework, ISO 17799, titled “Information Technology — Code of Practice for
              Information Security Management.”
              Business continuity planning involves developing a practical plan for how your business
              can prepare for, and continue to operate after an incident or crisis

          5.8 Keywords


          Business Continuity Planning: Business continuity planning involves developing a practical
          plan for how your business can prepare for, and continue to operate after an incident or crisis.

          COBIT: Control Objectives for Information and related Technologies (COBIT) is a framework
          which provides control mechanisms over the information technology domain.
          Corporate Governance: It is the system by which organisations are directed and controlled.

          ISO 17799: The intent of ISO 17799 standards is to focus on security and aid an organisation in the
          creation of an effective IT security plan.
          IT governance: IT governance determines how the IT function manages demand, delivers value,
          and protects against risk.
          ITIL: IT Infrastructure Library is focused on identifying best practices in regards to managing IT
          service levels and is particularly process-oriented.

          Risk Mitigation Strategy: An effective risk mitigation strategy involves identifying the nature
          of risks associated with each activity and prioritising them
          Risk Mitigation: Risk mitigation is basically a process to bring the level of risk to one that is
          acceptable and can be dealt with by an organisation.

          5.9 Review Questions

          1.  Explain the concept of Corporate Governance. Also discuss the benefits of Corporate
              Governance.
          2.  Describe the relationship between Corporate Governance and IT Governance.
          3.  Discuss the concept of governance structures, processes and relational mechanisms.
          4.  What is risk mitigation? Discuss the effective strategy used for mitigating risks.

          5.  Elucidate the importance of IT Governance.
          6.  List the available frameworks for developing a governance model.
          7.  What is COBIT? How does COBIT framework help in providing control mechanisms over
              the information technology domain?
          8.  Make distinctions between ITIL and ISO 17779.
          9.  What is business continuity planning? Discuss the benefits of a business continuity plan.

          10.  What are the different strategies used for testing your business continuity plan? Discuss.


                                           LOVELY PROFESSIONAL UNIVERSITY                                   99
   100   101   102   103   104   105   106   107   108   109   110