IT Governance – Key Concepts
The below can be seen as a Guideline that will assist with accomplishing goals as an IT professional.
Key concept: Control Base(d) is a concept described in COBIT4 as follows:
“Control is defined as the policies, procedures, practices and organisational structures designed to provide reasonable assurance that business objectives will be achieved, and undesired events will be prevented (or detected and corrected). IT control objectives provide a complete set of high-level requirements to be considered by management for effective control of each IT process.” [1, page 13].
If we look at the terms Control and Governance, one can say these terms are synonymous with each other due to both of them relating to having “power” to make (or attempt to make) something act in a desired manner. Control based objectives essentially focus on “keeping the house in order”, and focusing on things that will keep IT on the right path to meet organizational goals.
COBIT4 states the following on the topic of Control: “Effective controls reduce risk, increase the likelihood of value delivery, and improve efficiency because there will be fewer errors and a more consistent management approach. To achieve effective governance, controls need to be implemented by operational managers within a defined control framework for all IT processes.” [1, page 13]
Image Courtesy of IT Governance and Enterprise System
References:
- IT Governance Institute, IT Governance Using COBIT and ValIT: Student Book, 2ndEdition 2007
Acknowledgement:
IT7833 Exercise 2 – Key Concept Methods
IT Professional Toolkit 