An Integrated Framework To Implement It Governance Principles At A Strategic And Operational Level For Medium-To Large-Sized South African Businesses

In todays technologically advanced business environments, Information Technology (IT) has become the center of most, if not all, business activities; consequently, the King III report in South Africa dedicated a chapter to IT governance principles, making senior management responsible for implementing such principles. The King IIIs implementation guidance lacks detail as to how to implement its principles. Although various guidelines in the form of IT control frameworks - models and standards - exist, it remains theoretical in nature. Companies tend to view these control frameworks on an individual basis, implementing them in an ad hoc manner, resulting in the implementation of an inefficient IT governance system that either addresses strategic areas, but not operational areas, of a business or vice versa.The purpose of this study is to develop an IT best practices integrated framework that can assist management in implementing an effective IT governance system at both a strategic and operational level. The integrated framework was developed by performing a detailed literature review of selected best practice control frameworks and its underlying processes. By combining the relevant processes of the control frameworks and aligning them to general business imperatives, IT governance principles can be implemented at a strategic level. By identifying and linking the relevant business imperatives and control areas to the access paths of an IT system, IT governance principles can be implemented at an operational level. By making use of the integrated framework, an IT governance system can be implemented at both a strategic and operational level.

Download Full-text

The development of an integrated framework in order to address King III’s IT governance principles at a strategic level

South African Journal of Business Management ◽

10.4102/sajbm.v44i4.171 ◽

2013 ◽

Vol 44 (4) ◽

pp. 91-103 ◽

Cited By ~ 5

Author(s):

R. Goosen ◽

R. Rudman

Keyword(s):

Ad Hoc ◽

It Governance ◽

Senior Management ◽

Governance System ◽

Risk Area ◽

Strategic Objectives ◽

Strategic Risk ◽

Business Environments ◽

Sufficient Detail ◽

The Board Of Directors

In today’s technologically advanced business environments, Information Technology (IT) has become the center of most businesses’ strategic activities. It is for this reason that the King III report has dedicated a chapter to addressing IT governance principles, holding the board of directors (senior management) responsible for addressing such principles. The King III report does provide broad level guidance, however lack sufficient detail on its interpretation. Although various guidelines in the form of IT control frameworks -models and -standards exist, it remains theoretical in nature and companies tend to implement these guidelines in an ad hoc manner. This ad hoc implementation of controls leads to unnecessary controls being implemented, resulting in an ineffective IT governance system that does not address each key strategic risk area. The objective of this research is to develop an integrated best practices framework, which will provide guidance to senior management in how to effectively and efficiently address King III’s IT governance principles by taking a business’ unique strategic objectives into account. A detailed literature review was performed of different control frameworks,-models and standards. These were analysed to identify a list of similar and overlapping control areas. These control areas were thereafter mapped to a list of strategic objectives applicable to most businesses. In doing so, effective and efficient IT governance principles which are understood by senior management, are able to be implemented.

Download Full-text

Analyzing COBIT 5 IT Audit Framework Implementation using AHP Methodology

JOIV International Journal on Informatics Visualization ◽

10.30630/joiv.1.2.18 ◽

2017 ◽

Vol 1 (2) ◽

pp. 33

Author(s):

Mutiara AB ◽

Prihandoko ◽

Prasetyo E ◽

Widya C

Keyword(s):

Internal Control ◽

Best Practice ◽

It Governance ◽

User Requirement ◽

Business Objective ◽

Main Support ◽

It Audit ◽

Role Of It ◽

And Control ◽

Hierarchy Process

COBIT has been known as the best practice standard in IT Governance, both in management or evaluated of the IT utilization. The role of IT Audit framework to evaluate the benefits of Information Technology in an enterprise either its gain benefits or fail in order to achieved the business objective. In Indonesia, most organization has been implemented the IT as their main support of process business, and deliberately conduct the evaluation of the implementation used some IT Audit framework such as ITIL, TOGAF, COBIT and other Government rule. Those frameworks have been known as an IT governance framework, most of organizations are choosing COBIT and ITIL due to the internal control issues. Therefore, this research will be focus on COBIT 5 utilization as an IT audit frameworks, a comparison also will be done between the COBIT 5 and ITIL. The comprehensive parameters in COBIT 5 which provides 5 category process in two domain, management and control will be the variables of prioritizing process among them for each object. This paper will analyze the use of those parameters for some selected organization and prioritize them using the Analytical Hierarchy Process (AHP) methodology that will lead to create a new model of IT Audit frameworks based on the user requirement and opinion. the analyzing process the implementation of COBIT 5 framework in some organizations, and priorities the preferred attributes of COBIT 5 that very likely and suitable to the culture and needs of user in Indonesia using AHP Methodology, and create the best qualified model of IT Audit that fit with the requirements of the organizations especially for Indonesia organizations and companies.

Download Full-text

Evaluasi Kinerja Tata Kelola TI Terhadap Penerapan Sistem Informasi Starclick Framework COBIT 5 (Studi Kasus: PT. Telekomunikasi Indonesia, Tbk Semarang)

Jurnal Teknologi dan Sistem Informasi ◽

10.25077/teknosi.v2i3.2016.157-166 ◽

2016 ◽

Vol 2 (3) ◽

pp. 157-166

Author(s):

Guido Waluyan ◽

Augie David Manuputty

Keyword(s):

Information System ◽

Best Practice ◽

Reference Model ◽

It Governance ◽

Application Framework ◽

Sales Process ◽

Control Objective ◽

Information Media ◽

Corporation Management ◽

And Control

Abstract— Information Technology (IT) Governance used for building a system to help companies in the decision-making process which involve stakeholders and all the company elements. PT. Telekomunikasi Indonesia, Tbk. engaged in Telecommunication, Information, Media, Edutainment and Services (“TIMES”) and aim of giving a competitive price with high quality TIMES that becoming the best corporation-management model in Indonesia. Starclick is one of the Information System, which support business objectives in sales process using a map. To ensure the quality of IT governance on that application, framework as reference model is required. Control Objective for Information and related Technology (COBIT) providing a best-practice reference that covers the entire business organization and explained it in a structured-logical activity that effectively can be manage and control. The result of this study is the measurement of capability level only reach manage process level. Keyword— COBIT 5, Information System, IT Governance, Telkom Semarang, Qualitative. Intisari— Tata kelola Teknologi Informasi (TI) digunakan untuk membangun suatu sistem yang membantu perusahaan dalam proses pengambilan keputasan dimana melibatkan para pemangku kepentingan dan elemen-elemen terkait dalam perusahaan. PT. Telekomunikasi Indonesia, Tbk. adalah perusahaan yang bergerak dibidang layanan Telecommunication, Information, Media, Edutainment dan Services (“TIMES”) dengan tujuan memberikan layanan TIMES yang berkualitas tinggi dengan harga yang kompetitif dan menjadi model pengelolaan korporasi terbaik di Indonesia. Usaha dalam menunjang tujuan bisnis telah didukung oleh beberapa Sistem Informasi (SI) antara lain Starclick yang mendukung proses penjualan menggunakan peta. Diperlukan suatu kerangka kerja sebagai reference model, untuk memastikan kualitas tata kelola TI pada penerapan aplikasi “Starclick” tersebut. Control Objective for Information and related Technology (COBIT) menyediakan referensi best practice yang mencakup keseluruhan proses bisnis organisasi dan memaparkannya dalam struktur aktivitas-aktivitas logis yang dapat dikelola dan dikendalikan secara efektif. Hasil dari penelitian pengukuran tingkat kapabilitas baru mencapai level manage process. Kata Kunci— COBIT 5, Sistem Informasi, Tata Kelola TI, Telkom Semarang, Kualitatif.

Download Full-text

Assessment COBIT 5 Support Time Efficiency in IT Services at PT. XYZ

ACMIT Proceedings ◽

10.33555/acmit.v2i1.9 ◽

2015 ◽

Vol 2 (1) ◽

pp. 53-62

Author(s):

Doni Luanda

Keyword(s):

Best Practice ◽

Good Practice ◽

It Governance ◽

It Services ◽

Apo E ◽

Systems And Control ◽

Technical Issues ◽

And Control ◽

Control Association ◽

Support Time

COBIT (Control Objectives for Information and related Technology) developed by ISACA(Information Systems and Control Association) and ITGI (Information Technology GovernanceInstitute) in 1992 and then used as a model of IT governance started from planning to evaluation.COBIT will always be synchronized with the standards, best practice and guidance within anorganization / company.COBIT is an IT governance framework good practice applicable International which is useful forunderstanding how a Manager managing and bridging the gap within an organization / companybetween requirements, technical issues, business risks that may arise and control to be delivered to thestakeholders. COBIT 5 is divided into 5 domains and the 37 IT process, they are:1. Evaluate, Direct and Monitor (EDM). è 5 IT process.2. Align, Plan and Organize (APO). è 13 IT process.3. Build, Acquire and Implement (BAI). è10 IT process4. Deliver, Service and Support (DSS). è 6 IT process5. Monitor, Evaluate and Assess (MEA). è 3 IT processIn the discussion of this paper author will discuss about Assessment COBIT 5 to support timeefficiency in IT services at PT.XYZ in area domain Align, Plan and Organize (APO) especially in“Manage business agreements – APO09” at the company where the author works.

Download Full-text

The management of information security: A South African case study

South African Journal of Business Management ◽

10.4102/sajbm.v34i2.679 ◽

2003 ◽

Vol 34 (2) ◽

pp. 19-29 ◽

Cited By ~ 4

Author(s):

L. C.H. Fourie

Keyword(s):

Information Security ◽

South African ◽

Ad Hoc ◽

Literature Study ◽

Current State ◽

Secure Information ◽

Manufacturing Company ◽

And Control ◽

The Ideal

The growing misuse of information technology and the increased dependence on computer technology and systems heightened the requirements for information security. Unfortunately there often is a feeling of apathy towards information security by management, which leads to an ad hoc approach to information security and resultant information and financial losses.The main objective of the research thus was to determine the current state of information security at a large manufacturing company in South Africa. The methodology entailed a field study of which three sets of structured questionnaires on information security were an important component. Based on a literature study concerning the ideal information security and control situation and the results of the three sets of questionnaires it was possible to determine the gap, problem areas and issues of information security and control at the manufacturing company. The research clearly indicated that numerous areas for improvement exist and therefore proposes a framework for the management of information security. Although a completely secure information system may not be attainable, the valuable information asset can to a large extent be protected through proper management.

Download Full-text

Beyond King III: Assigning accountability for IT governance in South African enterprises

South African Journal of Business Management ◽

10.4102/sajbm.v41i3.523 ◽

2010 ◽

Vol 41 (3) ◽

pp. 33-45 ◽

Cited By ~ 7

Author(s):

R. Butler ◽

M. J. Butler

Keyword(s):

South African ◽

It Governance ◽

Body Of Knowledge ◽

Operational Level ◽

It Systems ◽

Growing Body ◽

Management Roles ◽

First Time

With the increasing dependence on IT in modern enterprises and the significant risks associated with omnipresent IT systems in business, IT governance is becoming imperative to all organisations. King III is based on the “apply or explain” approach, that forces South African entities for the first time to apply the IT governance principles as contained in the report, or explain the reasons for not applying these principles. This paper provides a macrolevel view of IT governance, derived from King III, and determined that it correlates strongly with the growing body of knowledge on IT governance. The paper investigates the responsibilities for IT governance within organisations and provides clear guidelines on the responsibilities of management roles, from the board to the operational level, involved in IT governance to ensure accountability.

Download Full-text

ASSESSMENT OF THE SITUATION OF IT GOVERNANCE IN SERGIPE STATEPUBLIC ADMINISTRATION DEPARTAMENTS

Interfaces Científicas - Exatas e Tecnológicas ◽

10.17564/2359-4942.2020v4n1p71-87 ◽

2020 ◽

Vol 4 (1) ◽

pp. 71-87

Author(s):

Danillo Siqueira Ramos ◽

Hugo Cruz ◽

Leonardo Feistauer ◽

Methanias Colaço Junior ◽

Rogério Patricio Chagas do Nascimento

Keyword(s):

Information Technology ◽

Good Governance ◽

It Governance ◽

Public Organizations ◽

The State ◽

Governance System ◽

Leadership Strategy ◽

Governance Practices ◽

Current Scenario ◽

And Control

Context: In public administration, the focus of Governance in Information Technology is to provide its customers with greater transparency, providing better quality services, further modernization of sectors and greater efficiency. The absence of a solid Governance system brings serious problems to the organization. Objective: To know the current scenario of information technology (IT) Governance in public organizations in the State of Sergipe, Brazil, in accordance with the assessment made by the Federal Audit Court, as well as to support managers in adopting good Governance practices in their management. Method: A Survey was applied to the main state public organizations of the State of Sergipe, to evaluate the dimensions of leadership, strategy and control. Results: It was observed that only 35.7% of public organizations have a satisfactory result in relation to the adoption of IT Governance; that only 7% of the organizations carry out an audit of IT actions integrally within their organizations; and 50% of responses are between non-adoption or application of an IT Governance policy within the strategic planning of organizations. Conclusion: This scenario shows, initially, that most of the specialized agencies do not have an application to a level of excellence related to IT Governance in the State of Sergipe, Brazil.

Download Full-text

A study of cane supply benefits associated with ad hoc mechanical harvesting to mitigate cutter absenteeism

Sugar Industry ◽

10.36961/si14370 ◽

2013 ◽

pp. 532-538 ◽

Cited By ~ 1

Author(s):

Muhammad Kadwa ◽

Carel N Bezuidenhout

Keyword(s):

Supply Chain ◽

South African ◽

Ad Hoc ◽

Sugar Mill ◽

The South ◽

Optimum Performance ◽

Kwazulu Natal ◽

Cane Quality ◽

The Cost

The Eston Sugar Mill is the newest in the South African KwaZulu-Natal sugar belt. Like most other mills, it can be argued that there are inefficiencies in the supply chain due to systematic issues, which reduce optimum performance. It was alleged that mill processes are slowed, or stopped, on Sundays, Mondays, as well as some Tuesdays and Wednesdays, due to pay-weekends, because of the associated cutter absenteeism. This increases the length of the milling season (LOMS), increases milling costs and reduces the average cane quality for the season. Data on cane deliveries to the Eston Mill, over a period of five seasons, were analysed to study the magnitude of the problem. It was statistically verified that cane shortages occur immediately after payweekends and it was conservatively estimated that cutter absenteeism occurs between 25–29 days per season, which increases the LOMS by six to ten days. The associated cost of this problem equated to an average of US$159,500 (approximately EUR120,000) per milling season. In this paper, an alternative harvesting system scenario is suggested, assuming that mechanical harvesters be used after a pay-weekend, to mitigate the impacts of cutter shortages. However, the solution is calculated to be risky. When the cost of new equipment was considered, only two of the five seasons were able to justify the associated costs.

Download Full-text