Global ETD Search

71	Analysis of the relationship between Governance of Enterprise Information Technology (IT) and strategic business-IT alignment using COBIT 5 in the case of the Commercial Bank of Ethiopia Fiseha, Martha Sileshi 06 1900 (has links) Effective Governance of Enterprise Information Technology (GEIT) is very important for an enterprise that has a huge investment in IT infrastructure. Implementing effective GEIT helps an enterprise to meet stakeholder needs by creating business value through strategic business-IT alignment. This study focuses on the analysis of GEIT implementation related to strategic business-IT alignment using Control Objectives for Information and Related Technology (COBIT 5), using the Commercial Bank of Ethiopia (CBE) as a case study. Strategic alignment is found to be the main concern of GEIT and strong alignment between business objectives and IT capabilities as a means of creating an effective foundation for business execution. There are various internationally accepted GEIT good practices and standards. In this study, COBIT 5 is selected for its strong aspects of control objectives for strategic business-IT alignment that help enterprises’ security, risk and compliance guidance and serves as a tool for leveraging GEIT. COBIT 5 is the leading business framework for the GEIT by making clear that there is a separation between governance and management of IT. This is a single integrated framework that covers the enterprise holistically and integrates with other important frameworks and standards at an advanced level. In addition to this, the use of COBIT 5 Balanced Score Card (BSC) for performance measurement tool (goals cascade), Process Reference Model (PRM), Process Assessment Model (PAM), principles and enablers and Capability Maturity Model (CMM) tool also utilise IT investments more effectively and accurately and measure performance with lower costs through stronger governance. This study analysed how enterprises effectively implement GEIT practices using COBIT 5 to achieve strong strategic business-IT alignment. The target groups of the study were the top management and IT management of CBE. The researcher used explanatory sequential mixed methods (both quantitative and qualitative) data collection techniques and analysis procedures. In the quantitative data collection, data were collected and analysed using GEIT practices maturity assessment tool, Luftman Strategic Alignment Maturity Model (LAMM) tool and the data analysed using Statistical Package for the Social Science (SPSS). In the qualitative phase of the study, evidence was collected and examined from observation and participation, document review, focus group, formal and informal discussions with selected managements of CBE and gap assessment using COBIT 5. Finally, the researcher integrated results to combine the quantitative and qualitative methods. The finidngs of the quantitative analysis indicate that the maturity level of GEIT practices implementation was 1.77, around level 2 maturity level (repeatable but intuitive), whereas the business-IT alignment maturity level of 53.13% agrees that strategic alignment business-IT was good level 3 (established, focused processes) in the case of CBE. GEIT practices implementation regarding strategic business-IT alignment is found to be positive. The data qualitative analysis indicates that the achievement of the capability level of GEIT processes is not defined and deployed based on international best practices and also confirms that the GEIT BSC is not yet implemented. The achievement capability level of GEIT processes implementation using COBIT 5 is under level 2. In this study, the gap between the existing GEIT practices processes and desirable level 4 (managed and measurable) using COBIT 5 was identified and a method to fill the gap was proposed. / School of Computing / M. Sc. (Computing) Business-IT alignment BSC COBIT GEIT ISACA SO/IEC 15504 LAMM PRM PAM Performance measurement 658.40380110963 Banks and banking -- Ethiopia Employees -- Rating of -- Ethiopia YaʼItyoṗyā negd bānk
72	Governance of virtual private networks using COBIT as framework Sherry, Zaida 04 1900 (has links) Thesis (MAcc (Accountancy))--University of Stellenbosch, 2007. / The purpose of this assignment is to ascertain whether the COBIT framework is an adequate framework to assist in the governance of virtual private networks. The assignment focuses on whether the framework can ensure the identification of virtual private network-related risks and address IT compliance with policies and statutory regulations. A brief summary of the risks and issues pertaining to the pre-implementation, implementation and post-implementation phases of virtual private networks is included in the assignment. These risks and issues are then individually mapped onto a relevant COBIT control objective. The scope of the assignment does not include the intricacies of how these networks operate, the different types of network topologies or the different technologies used in virtual private networks. It was found that the COBIT framework can be implemented to manage and/or mitigate virtual private network risks. Dissertations -- Accountancy Theses -- Accountancy
73	Alinhamento estratégico entre objetivos de negócio e segurança da informação no contexto da governança de tecnologia da informação (TI): um estudo no setor de automação Knorst, André Marcelo 2010 March 1926 (has links) Made available in DSpace on 2015-03-05T18:41:00Z (GMT). No. of bitstreams: 0 Previous issue date: 26 / Nenhuma / A teoria traz como um problema e uma limitação dos modelos de gestão de TI presentes em grande parte das empresas a abordagem excessivamente operacional envolvendo o tema segurança da informação. Esta visão operacional não leva em consideração elementos estratégicos essenciais em busca das práticas mais adequadas no contexto do negócio. O objetivo desta dissertação é desenvolver e aplicar um framework para promover o alinhamento estratégico entre os objetivos de negócio, objetivos de TI e as práticas de segurança da informação. Estas práticas são avaliadas e analisadas no contexto da governança de TI e governança da segurança da informação. Para este fim, foi realizada a integração dos modelos do BSC x COBIT x ISO27002 com a aplicação prática em uma empresa de automação significativamente dependente de sistemas de informação. A integração destes modelos foi com base nos requisitos de segurança confidencialidade, integridade e disponibilidade resultando em um framework que possibilita abordar a segurança da i Ciências Sociais Aplicadas BSC COBIT governança de TI ISO 27002 segurança da informação alinhamento estratégico information security IT governance
74	Definição de critérios para avaliação de processos de tecnologia da informação (TI) considerando accountability no gerenciamento de riscos: um estudo em instituições financeiras bancárias no Brasil Crepaldi, Marcos 24 April 2013 (has links) Submitted by Fabricia Fialho Reginato (fabriciar) on 2015-06-16T23:01:25Z No. of bitstreams: 1 CREPALDI.pdf: 2849817 bytes, checksum: 4a0cc7c7e736c134ada23714e837ecc3 (MD5) / Made available in DSpace on 2015-06-16T23:01:25Z (GMT). No. of bitstreams: 1 CREPALDI.pdf: 2849817 bytes, checksum: 4a0cc7c7e736c134ada23714e837ecc3 (MD5) Previous issue date: 2013-04-24 / Nenhuma / Definir critérios para avaliação de processos de TI considerando accountability no gerenciamento de riscos nas maiores instituições financeiras bancárias com operação no Brasil constitui-se o objetivo da presente pesquisa, classificada como descritiva. Analisar critérios de modelo estabelecido, evidenciar formas de mensuração de desempenho à luz da GTI e investigar evidências do gerenciamento de riscos, responsabilização, prestação de contas e transparência em Relatórios de Gerenciamento de Riscos, constituíram-se meios para a definição de critérios proposta. Técnicas de Análise de Conteúdo, Análise Lexical, Estatística Descritiva e construção de Mapas Fatoriais, auxiliaram na evidenciação dos resultados. A Análise de Conteúdo permitiu a identificação de frequência dos critérios. Aliada à Análise Lexical permitiu a verificação de influências entre as variáveis categóricas e as variáveis léxicas. A Análise Lexical viabilizou o estabelecimento de relações de influência entre os conceitos (risco, estratégia, desempenho, tecnologia da informação, segurança, responsabilidade, prestação de contas e transparência) e as categorias (critérios para avaliação). Os resultados mostraram que há relação significante entre os critérios analisados e os elementos de gerenciamento de riscos e accountability. / This descriptive study aims at define criteria which are used to evaluate IT processes considering accountability in risk management within the largest bank financial institutions which operate in Brazil. Analyzing established model criteria, spotting performance measurement procedures in light of GTI and investigating risk management evidences, responsibilities, accounting and transparency within Risk Management Reports were the means used for the definition of criteria. Content Analysis Techniques, Lexical Analysis, Descriptive Statistics and Factorial Maps development supported the results corroboration. Content Analysis allowed the criteria frequency to be identified and together with Lexical Analysis permitted the influences among categorical and lexical variables to be verified. Lexical Analysis provided the establishment of influence relations among concepts (risk, strategy, performance, information technology, security, responsibility, accounting and transparency) and categories (evaluation patterns). The results demonstrated that there is a meaningful relation among the analyzed criteria, risk management elements and accountability. Tecnologia da informação Governança de TI Gerenciamento de riscos Accountability COBIT® Information technology IT governance Risk management
75	Análise da relação entre a gestão de riscos da tecnologia da informação (TI) e a gestão de riscos corporativos Machado, Rosane 26 July 2012 (has links) Submitted by Silvana Teresinha Dornelles Studzinski (sstudzinski) on 2015-06-25T15:43:48Z No. of bitstreams: 1 Rosane Machado.pdf: 5627687 bytes, checksum: 217ef585ddc49cf22c5c6e610d7d133a (MD5) / Made available in DSpace on 2015-06-25T15:43:48Z (GMT). No. of bitstreams: 1 Rosane Machado.pdf: 5627687 bytes, checksum: 217ef585ddc49cf22c5c6e610d7d133a (MD5) Previous issue date: 2012 / Nenhuma / A crescente utilização da tecnologia e dos sistemas de informação, tornou a tecnologia um aliado na gestão das organizações. Neste ambiente, os riscos inerentes à tecnologia da informação (TI) e aos processos de negócios (riscos corporativos) podem impactar de forma negativa os resultados das corporações. É mediante a gestão destes riscos que as organizações podem explorar suas oportunidades e reduzir suas fraquezas, evitando assim perdas desnecessárias. O foco deste trabalho se concentrou em analisar a relação entre a gestão de riscos da tecnologia da informação (TI) e a gestão dos riscos corporativos, mediante um estudo fundamentado teoricamente que foi aprofundado em um estudo de caso único. Evidenciou-se o tipo de pesquisa metodológica como um estudo de caso exploratório de natureza aplicada, com abordagem qualitativa. A coleta de dados foi realizada a partir de múltiplas fontes, tais como: entrevistas, questionário e documentos, as entrevistas foram tratadas mediante utilização do software para as análises léxicas. Os resultados decorrentes desta pesquisa indicaram que no caso investigado não existe um processo formal de gerenciamento de riscos de TI, apesar de existirem iniciativas pontuais. Já em se tratando dos riscos corporativos a atuação do comitê de riscos foi identificada, porém a estrutura instaurada não contempla a gestão do risco do tipo operacional, neste prisma os dados indicaram oportunidades de melhorias da relação entre a gestão dos riscos de TI e riscos corporativos. / The increasing use of technology and information systems became the technology an ally in the management of organizations. In this environment, the risks of information technology (IT) and business processes (enterprise risk) may impact in a negative way the results of the corporations. It is through the management of these risks that organizations can exploit opportunities and reduce their weaknesses, thus avoiding unnecessary losses. The focus of this work is concerned on analyzing the relationship between the risk management of information technology (IT) and management of corporative risk, it is a study based upon a theory that was detailed in a single case study. It became evident the kind of research methodology as an exploratory case study of an applied nature, with a qualitative approach. Data collection was performed from multiple sources such as interviews, questionnaires and documents, interviews were treated by use of software for the lexical analyzer. The results arising from this research indicated that in the case investigated there is no formal process for managing IT risks, although there are specific initiatives. Already in the case of corporate risk committee of the performance of risk has been identified, but the structure does not include established risk management of the type operating, in this perspective the data indicated opportunities for improvement of the relationship between IT risk management and corporate risk. Gestão de riscos Tecnologia da informação ISO 31000 COBIT Risk management Information technology
76	Análise da relação entre risco operacional e processos tecnológicos Campos, Rafael Herden 22 May 2014 (has links) Submitted by William Justo Figueiro (williamjf) on 2015-07-28T22:16:30Z No. of bitstreams: 1 33d.pdf: 6041070 bytes, checksum: c6dbddb70ba9aae55a9e5afd3175dd9a (MD5) / Made available in DSpace on 2015-07-28T22:16:30Z (GMT). No. of bitstreams: 1 33d.pdf: 6041070 bytes, checksum: c6dbddb70ba9aae55a9e5afd3175dd9a (MD5) Previous issue date: 2014-05-22 / Nenhuma / O objetivo deste estudo é analisar as relações entre risco operacional e processos tecnológicos. São analisados os 34 processos pertencentes ao modelo de governança Cobit versão 4.1 com o auxilio de recurso computacional ligado à aprendizagem de máquina para extração de conhecimento - Data Mining. O método utilizado para desenvolvimento deste estudo foi definido como Design Research. Foram coletadas 341 respostas sobre os processos de governança de TI de 140 empresas localizadas principalmente no estado do Rio Grande do Sul. Para aplicação da mineração de dados foi utilizado o software de código aberto Waikato Environment for Knowledge Analysis (Weka), com o uso de algoritmos de geração de agrupamentos, seleção de atributos, classificação e associação. Os dados obtidos evidenciam que o processo com maior nível de maturidade nas 140 empresas pesquisadas é o ES5 – Garante a segurança dos sistemas, enquanto que o de menor nível é o PO7 – Gerencia os recursos humanos de TI. Os resultados também indicam que entre os 34 processos, PO7 - Gerencia os recursos humanos de TI, PO10 – Gerencia os projetos, AI1 – Identifica soluções de automação, AI2 – Adquiri e mantém software aplicativo, PO8 – Gerencia a qualidade são os processos de governança que possuem maior relação com a avaliação e gerenciamento de riscos (PO9). / The objective of this study is to analyze the relation between operational risk and technological processes. 34 processes were analyzed belonging to the governance model COBIT version 4.1, with the aid of a computational resource associated with machine learning for knowledge extraction, known as Data Mining. The method used to conduct this study is defined as Design Research. It was collected 341 replies about the IT governance processes of 140 companies, located, mainly in the state of Rio Grande do Sul. For the application of Data Mining was used a software open source called Waikato Environment for Knowledge Analysis (Weka), using algorithms to generate clusters, attribute selection, classification and association. The obtained data show that the process with the highest level of maturity in the surveyed 140 companies is the ES5 - it ensures the security of the systems, while the lowest level is the PO7 - which Manage Human resources in IT. The results also show that between 34 processes, those which have greater relations with P09 - evaluating and managing risks, are the governance processes PO7 - Managing Human Resources in IT, PO10 - managing the projects, Al1 - Identifies automation solutions, Al2 - acquire and maintain application software, PO8 - Management the quality. Governança de TI Riscos operacionais Cobit Data mining IT governance Operational risks
77	Governança de TI: eficiência na GTI: um estudo de caso no segmento de telefonia móvel Monteiro, Daniela Wariss 18 February 2009 (has links) Made available in DSpace on 2016-04-25T16:45:14Z (GMT). No. of bitstreams: 1 Daniela Wariss Monteiro.pdf: 2225041 bytes, checksum: 8895c4a5f8d078eae0cbc8cfc5856db0 (MD5) Previous issue date: 2009-02-18 / The goal of this work is to analyze by means of a case study the IT governance processes in a mobile phone company. First, it intends to verify if the controls required by these processes incur in bureaucratic dysfunctions and then to suggest ways for a gradually effective implementation. In order to comprehend how a certain implementation was made, it was carryed out a comparative between the situation before and after of the implementation. Also, interviews were done to verify if the individuals who work on the organization were satisfied with the result. The choice of the mobile phone sector is due to the large investments in technological and procedural innovations and to the strategic role played by IT within this sector, which aggregates value to the company. Since technological processes have been decisive in IT and in the whole company, IT area is not more only that one that provides technological services but plays a fundamental role in the general structure of the company. Dealing with the present case, some questions arise: Is IT governance effective or it has become a merely bureaucratic process? Are there advantages in its implantation? Do the individuals need to be prepared for the change? Does the market require these modifications? Are the certifications important to the phone companies? Has the quality of deliveries improved? Are the controls more effective without the utilization of frameworks? If they are, how do these controls burden the company? What kind of improvements could be done to make IT governance processes better? In order to answer such questions, a theoretical study on IT governance and bureaucracy has been done aiming to investigate their similarities and find out that some bureaucratic dysfunctions are present also in governance, even tough this kind of problems tends to be not considered or even neglected , preventing critical attitudes necessary to find practices solutions / O objetivo desta dissertação é analisar, mediante estudo de caso, os processos de governança de TI em uma organização de telefonia móvel. Pretende-se, em primeiro lugar, verificar se os controles exigidos por esses processos incorrem em disfunções burocráticas e, depois, sugerir caminhos para uma implementação gradualmente eficaz. Buscando compreender como uma determinada implementação foi efetuada, realizou-se um comparativo entre a situação antes e depois de tal implementação, além de aplicação de entrevistas a fim de verificar se os indivíduos que trabalham na organização ficaram satisfeitos com o resultado. Escolheu-se o setor de telefonia móvel porque é um segmento que possui grandes investimentos em inovações tecnológicas e processuais, dentro do qual a área de TI possui um papel estratégico agregando valor para a organização. Na verdade, como os processos tecnológicos tornam-se determinantes para o funcionamento da área de TI e, conseqüentemente, para a própria organização, a área de tecnologia passa a desempenhar um papel fundamental na estrutura geral da organização, deixando de ser apenas aquela que provê serviços técnicos. Diante do caso em questão surgem questionamentos como: a governança de TI é eficaz ou se tornou apenas um processo burocrático? Existem vantagens na sua implantação? Os indivíduos precisam estar preparados para a mudança? O mercado exige essas modificações? As certificações são importantes às empresas de telefonia? A qualidade dos entregáveis melhorou? Os controles são mais efetivos sem a utilização dos frameworks? Se sim, em que onera a organização efetivar estes controles? Quais melhorias podem ser feitas para aperfeiçoar os processos de governança de TI? Para responder a tais perguntas foi efetuado um estudo teórico tanto de governança de TI, como de burocracia, no intuito de investigar suas similaridades e de perceber que algumas disfunções burocráticas também existem na governança, embora problemas do tipo tendam a ser desconsiderados ou mesmo negligenciados , dificultando a tomada de postura crítica necessária para se buscar soluções práticas Governança de TI ITIL COBIT PMI Telefonia celular Burocracia IT governance Bureaucracy
78	INNO IT Framework, Innovation in IT Governance / Řízení informačních služeb Šimková, Eva January 2004 (has links) The main topic of this thesis is IT innovation management which is very up to date theme as a research within the thesis documents. IT innovation should be managed jointly with the IT Governance to support effectiveness of IT and competitiveness of the whole company.
79	Issues in IT Governance & IT service management - a study of their adoption in Australian universities Grewal, Sandeep Kaur, n/a January 2006 (has links) IT service management (ITSM) has emerged as one of the approaches to implementing IT Governance in Australian Universities. A number of ITSM frameworks have been proposed however, IT Infrastructure Library (ITIL) and Control OBjectives for Information and related Technology (COBIT) have been most widely accepted and implemented internationally and within Australia. The research reported in this thesis was undertaken to shed light on the issues related to ITIL adoption and implementation within Australian universities. To date academic research in ITIL adoption and implementation has not been extensive as it is comparatively a new framework, especially within Australian universities. The theoretical framework proposed in this thesis has IT service management as the central concept, implementing IT Governance to align the university and technology. This framework is used to examine the experience of ITIL adoption in seven Australian universities, plus a detailed case study on one university�s experience. This research reveals a complex web of factors relating to ITIL implementation including; the pre-implementation process; processes implemented; order of implementation; hiring external expertise;, tool selection;, staff training; ongoing assessments; managing cultural change; managing learning curve and resource strain. The findings provide an insight into practical lessons for other Australian universities or similar organisations considering implementing IT Governance through IT Service management frameworks. The method used in this research may be useful for other organisations and researchers analysing universities and similar organisations implementing ITIL. IT Governance and IT service management frameworks are diverse and important areas which open a poorly researched field for further work. IT service management ITSM Australian universities IT Infrastructure Library ITIL COBIT IT Governance
80	IT Governance & Management : An ability to be more efficient and competitive Salavati, Sadaf January 2007 (has links) <p>This thesis is written about IT Governance and Management, a phenomenon which can result in higher efficiency and stronger competition for the organization or enterprise in mind. By implementing good IT Governance and Management, IT can support business goals and optimize investments in IT while at the same time IT manages risks and opportunities.</p><p>The main case study is done at County Administrative Board of Kronoberg where Kronoberg County is counted as one of the smaller counties in Sweden. The County Administrative Board of Kronoberg has an awareness of the importance of good and effective IT Governance and Management even though there is room for improvement.</p> IT Governance Management Corporate Governance CobiT Balance Scorecard Governance Arrangement Matrix Governance Performance Survey County Administrative Board of Kronoberg Informatics Informatik

Search results