IT Governance - PowerPoint PPT Presentation

About This Presentation
Title:

IT Governance

Description:

Graham Blain. Partner, KPMG Information Risk Management. kpmg. Information Risk Management ... 85 Empire Road, Parktown (011) 647 7853. graham.blain_at_kpmg.co.za ... – PowerPoint PPT presentation

Slides: 13
Provided by: lastn86

Transcript and Presenter's Notes

Title: IT Governance


1
IT Governance
Risk Management
A paradigm of the relationship between Information Risk Management and IT Governance
Graham Blain
Partner, KPMG Information Risk Management
2
Presentation Road Map
3
IT Governance and Information Risk Management are
synonymous from a certain point of view!
  • Risk is the chance of something happening that
    will have an impact on objectives (AS/NZS 4360)
  • Risk management is the culture, processes and
    structure which come together to optimise the
    management of potential opportunities and adverse
    threats (AS/NZS 4360)
  • IT Governance is a management framework which
    ensures the delivery of expected benefits of IT
    in a controlled manner (Poole V)

4
Risk Management can be practically applied as a
comprehensive Governance approach
  • Risks should be stated in terms of organisational
    objectives
  • Treatment of risks should comprise a combination
    of structure, processes, projects and specific
    actions
  • In the long term, appropriate structure and
    process maturity should be the goal

5
A suggested distinction between inherent and
residual risk
  • Inherent Risk is the chance of something
    happening that will have an impact on objectives
    in the absence of structure and processes to
    optimise opportunities and threats
  • Residual Risk is the chance of something
    happening that will have an impact on objectives
    despite the structure and processes that are in
    place to optimise opportunities and threats

6
There is a relationship between inherent risk,
process maturity and residual risk
7
The Seven Inherent Risks
8
The relationships between inherent risk and
targeted process maturity
9
The focus of IT Management, Risk Management,
Internal and External audit in IT Governance
Risk Management
  • External Audit reviews Internal Audit's work

Internal Audit
IT Management
10
Conclusions
  • Information Risk Management and IT Governance can
    be considered synonymous, depending on your point
    of view and approach
  • Process maturity improvement programmes can (and
    should?) be driven from a risk management based
    approach
  • Focus of relevant parties should be as follows:
      • IT Management on High Residual Risks
      • Internal Audit on Mature Processes
      • Risk Management on the Risk Management Process
      • External Audit on Internal Audit's work

11
A car has brakes to allow it to go faster
12
IT Governance (Information Risk Management)
  • Graham Blain
  • Partner
  • KPMG Information Risk Management
  • 85 Empire Road, Parktown
  • (011) 647 7853
  • graham.blain_at_kpmg.co.za