IT Project Management Control and the Control Objectives for IT and Related Technology (CobiT) Framework

Bernroider, Edward, Ivanov, Milen

January 2011

Motivated by scarce academic consideration of project management control frameworks, this article explores usage, value and structure of frameworks with a focus on the popular Control Objectives for IT and related Technology (CobiT) construct. We attempt to add to an empirically validated structure of internal control over IT project management by including CobiT's views on the intended domain of content. Results from the empirical survey indicate that the metrics suggested by CobiT are regarded as feasible and important by project management professionals, and are regularly used in controlling practice. Experience, regularity of significant projects and the size of the hosting organisations, however, seem to be stronger moderators of success rates than the use of a management control system with or without support of CobiT. CobiT's suggestions are of generic nature and in particular useful for programme performance management. The latent dimensions of project quality on process and activity levels were not validated and gaps to other project assessment models were identified.

Towards a framework for business continuity management : an IT governance perspective

Wessels, Eugene

06 April 2007

The concept of business continuity management has gained wide acceptance in recent years. Recent natural disasters such as the 2004 tsunami and terrorist activities such as the 911 World Trade Centre bombing, has emphasised the importance of business continuity management. Many of these events had catastrophic consequences, which left most executives faced with the challenge of improving the continuity of their organisation. Not to long ago, these executives were also faced with the challenge of managing their IT investments in such a way that it is aligned with the strategic goals of the organisation. An initiative referred to as IT governance was developed and IT governance frameworks instantly assisted executives to obtain direct business value from IT investments. The problem statement addressed in this research is the lack of a generally accepted business continuity management framework. This research aims to leverage of the success of IT governance in an attempt to establish the beginnings of a framework for business continuity management. In addition, the research also illustrates a paradigm shift where the enterprise continuity of a typical organisation has evolved from disaster recovery to business continuity management. The research approach executed is based on the interpretivism paradigm and is used to interpret the results of the research methodology and research method. The research methodology consists of a literature survey and empirical study whereas a content analysis is used as the research method. / Dissertation (M.Com (Informatics))--University of Pretoria, 2007. / Informatics / unrestricted

Content analysis

Cobit

It governance

Disaster recovery

Business continuity management

Itil

UCTD

Towards a framework for building security operation centers

Jacobs, Pierre Conrad

January 2015

In this thesis a framework for Security Operation Centers (SOCs) is proposed. It was developed by utilising Systems Engineering best practices, combined with industry-accepted standards and frameworks, such as the TM Forum’s eTOM framework, CoBIT, ITIL, and ISO/IEC 27002:2005. This framework encompasses the design considerations, the operational considerations and the means to measure the effectiveness and efficiency of SOCs. The intent is to provide guidance to consumers on how to compare and measure the capabilities of SOCs provided by disparate service providers, and to provide service providers (internal and external) a framework to use when building and improving their offerings. The importance of providing a consistent, measureable and guaranteed service to customers is becoming more important, as there is an increased focus on holistic management of security. This has in turn resulted in an increased number of both internal and managed service provider solutions. While some frameworks exist for designing, building and operating specific security technologies used within SOCs, we did not find any comprehensive framework for designing, building and managing SOCs. Consequently, consumers of SOCs do not enjoy a constant experience from vendors, and may experience inconsistent services from geographically dispersed offerings provided by the same vendor.

Security systems industry

Systems engineering

Expert systems (Computer science)

Computer security

Měření vazby mezi efektivností firemních IS/ICT a efektivností podnikání firmy jako celku / Measuring of relationship between IS/ICT's effectiveness and company?s effectiveness

Trávníček, Tomáš

January 2008

V první části práce jsou analyzány nástroje pro měření efektivnosti firmy a nástroje pro měření efektivnosti firemního IS/ICT. U obou skupin je hodnocena jejich vhodnost pro měření efektivnosti. Dále jsou analyzovány faktory podmiňující efektivnost IS/ICT ? tj. řízení firemního IS/ICT a řízení a hodnocení IS/ICT investic. V další části jsou popsána specifika bankovního odvětví a současné trendy ovlivňující efektivnost bankovních procesů. V závěru práce jsou navrženy dvě metody měření vazby mezi efektivností IS/ICT a efektivností firmy jako celku. První z nich se opírá o statické hodnocení zralosti IT procesů a plnění firemních cílů. Druhá metoda vychází ze systémové dynamiky a dynamických modelů.

Information system audit in Terms company / Audit informačního systému společnosti Terms a.s.

Eremiáš, Karel

January 2007

The work summary problems of information systems audit and use these findigs while performing information system audit in a real company. Audit is performed using COBIT methodology and it respects not only requirements set by methodology but even special requirements set by organization. The work is also checking usability of COBIT methodology while performing audit in the conditions of medium size czech company.

Softwarová podpora řízení projektů, návrh a volba řešení odpovídajícího požadavkům IT firmy / Software support for project management, proposal and implementation of solution according to IT company requirements

Petřík, Tomáš

January 2009

This diploma thesis focuses at first on COBIT and CMMI for Development methodics from a software project management support point of view. Based on those methodics is a current state of processes and software support analysis performed in unmentioned real IT company and list of necessary changes is created. This thesis also contains overview of chosen open-source tools supporting project management and describes benefits of using them in combination. Crucial part is about implementation of those selected tools, changes performed in processes and in current tailor made application. Before and after changes is process maturity state assigned based on used methodics. At the end is described verification of achieved results based on pilot operation of updated processes, and new or updated software tools for its support.

Metoda hodnocení ServiceDesku dle ITILu a dalších metodik / The Method of Service Desk assessment according to ITIL and other methodologies

Vrchotová, Olga

January 2010

The goal of this diploma thesis is to create a methodology for rapid assessment of Service Desk function. The thesis comprises three logical units. The introductory part describes a theoretical framework of methodologies used for general functions of IT services. As a part of this section, the case study of delivery of IT services in company Pražská energetika a.s. follows. In the second part, the diploma thesis describes a methodology based on introductory analysis for evaluation of Service Desk in certain aspects of its operation including related issues of lifecycle of providing IT services. The final part of the thesis provides a case study which is based on application of the proposed methodology on several selected companies.

Systémy řízení podnikové informatiky / Systems for managing Enterprise IT

Hrubý, Karel

January 2011

The topic of this master thesis are the Systems for managing enterprise IT. This paper is divided into three parts, where the first and second part gives a comprehensive view and concentrates existing knowledge from the examined area. The third part consists of my own conclusions based on available resources. For the overall IT Management, it is necessary to manage and measure IT Performance. Therefore, the first part deals with IT Performance Management (ITPM).Performance Management should penetrate the entire organization and ITPM should be part of the overall Performance Management of the organization. It is necessary to manage and measure performance at all levels of the organization (strategic, tactical and operational level). To measure the organizational IT performance, it is necessary to design relevant metrics. To design these metrics it is recommendable to follow a framework, whether ITIL or COBIT. The second part of this paper deals with IT Management frameworks and their support for designing metrics. It deals with the new wave in IT -- ITSM (IT Service Management). The de facto standard for ITSM is ITIL. Furthermore, the second part discusses the de facto standard for IT Governance -- COBIT and IT Balanced Scorecard for clarifying and translating the vision and strategy into specific objectives. The third part describes a specific procedure for designing metrics according to the ITIL framework. In addition, this part describes the software Metricus which enables a centralized management of ITPM and uses a holistic view of the overall ITPM.

Řízení interního service desku ve středních a velkých společnostech / Manage of internal Service desk in medium and large companies

Labant, Patrik

January 2014

This thesis is focused on managing the internal Service desk in medium and large companies. In the theoretical part is firstly defined what it's ICT service and how it is managed. It is followed by a characteristics of theoretical Framework ITIL, which deals with ICT services management. Then, a further theoretical framework COBIT is characterized, which also deals with the management of services, and these two frameworks are compared. The practical part consists of case study. A case study is based on analysis and evaluation of the current status of internally provided service Service desk at ALS Czech Republic. The analysis and evaluation is based on the knowledge and information contained in the theoretical part. The outcome of this work is general guidance for management of internally provided service Service desk in medium and large companies.

Návrh kontrol systému řízení přístupů a správy identit / A proposal of controls for identity and access management system

Hurych, Tomáš

January 2014

Nowadays, the focus of IT security is increasingly concerned with the safety of the identities of employees and users of information systems. This phenomenon is even more compounded by the rapidly growing number of cloud services. This thesis briefly explains the basic concepts of access control and identity management. The thesis also contains identification of requirements and implications of risks on identity and access management system. The main objective is the general design of controls for identity and access management system, which has been designed to match legislative requirements, regulations, standards or frameworks commonly used in enterprise IT practice. For describing of the controls, mainly Cobit framework and IT Assurance Guide were used. The thesis also contains a suggestion how to adjust proposed controls in a cloud environment.