4 - information skills and resources
Post on 13-Feb-2016
30 Views
Preview:
DESCRIPTION
TRANSCRIPT
1
4 - Information Skills and Resources
Information Skills and Resources
© Robert G Parker – UW-CISA 2010
4 - Information Skills and Resources – In the Information Age
• Loss of Key Individuals and Their Knowledge Through Downsizing,
Lay-offs and Retirements
• Lack of an Effective Knowledge Management Program
• Difficulty in Retaining Skilled Resources• Lack of a Career• Inability to Offer leading Edge Technology
• Difficulty on Obtaining Appropriately Skilled and Qualified Resources
• Accounting Staff Who Deal with Information Technology Don’t Have the Necessary IT Knowledge and Skills
Acquiring, training, retaining, and managing career expectations of professionals in IT and IT related areas and the loss of knowledge and skills due to outsourcing, departures and retirement
S-2
3
IT Skills and ResourcesPerformance Analyst
Controller
Public Accountant
ERP Business Analyst
IT Auditor
Lead Application Developer
Lawyer
Law Clerk
Top 2011 JobsNot IT Specific
Executive Assistant
Medical Data Entry SpecialistSenior Administrative AssistantSource: Robert Half 2011
4
IT Skills and Resources
Performance Analyst
Controller
Public Accountant
ERP Business Analyst
IT Auditor
Lead Application Developer
Lawyer
Law Clerk
Executive Assistant
Medical Data Entry Specialist
Senior Administrative Assistant
$56,250 - $86,250 Base
$85,500 - $113,750 Average
$65,500 - $84,250 Small Firms
$80,000 - $105,000 Base
$74,500 - $97,000 Base
$78,250 - $109,000 Base
$96,500 - $183,250 Avg 4-9 yrs exp
$44,555 - $54,750 Average
$42,750 - $54,000 Starting
$28,500 - $35,000 Base
$38,000 - $48,250 Starting
Position Salary
Source: Robert Half 2011
5
IT Skills and Resources
The Need For More “Rounded” Employees
6
IT Skills and Resources
ISACA Journal – Volume 3 2010
This article explores the pros, cons and risks of providing the
IT audit and assurance professional with increased
business knowledge and skills
7
Business Reaction
Regulatory Compliance Risk ManagementLack of a comprehensive “Career Management” programLack of leading edge technologyUncompetitive salary and benefitsOut of favour business
Implement retention program for key staff and top talentSeek expanded sourcing for new and replacement positionsEnsure HR programs and benefits are attractive and appropriateImplement training and advancement programsBroaden the skills of existing IT staff (business, accounting, process management)
IT Skills and Resources
8
5 - IT Governance
IT Governance
© Robert G Parker – UW-CISA 2010
IT Governance
• Limited Awareness of the Information Technology Issues
• Poor Alignment of IT with Business and Organization Strategy
• Unclear Responsibility and Accountability
• Lack of Effective and Timely Reporting
Oversight responsibility for the strategic and tactical management for the Planning and Organization, Acquisition and Implementation, Delivery and Support, and Monitoring and Evaluation of the information technology environment.
S-9
• Lack of Effective IT Governance Program
• Lack of Funding for IT Governance Initiatives
• Lack of Support from Management or Board for IT Governance
• Lack of Effective Monitoring or Follow-up
• Lack of interest or Awareness of IT Issues by the Board
1 to
45
to 9
10
• Lack of:• Recognized Framework of Standard• Policies and Procedures to Operationalize Framework or Standard• Lack of Effective Metrics• Lack of Monitoring and Enforcement• Continuous Imperfect Processes
IT Governance
Additional IT Governance Concerns
IT Governance Ranked 5th Overall in This Survey
However
IT Governance (combined with Enterprise Based IT Management) Ranked 2nd Overall in the ISACA 2011 Survey of Top Business/Technology Issues
Governance Models
IT Governance
Models
IT Control Frameworks
COSO
COCO
Cadbury
King
Carver
COBIT
IT CG
ITIL
ISO 38500
ISO 27000 Security
ISO 25999 Continuity
ISO 31000 Risk
IT Governance
12
IT Governance
IT Classification
Type 1: Supports the BusinessType 2: Supports Competitive AdvantageType 3: Provides Competitive AdvantageType 4: Is the Business
IT is often seen in terms of the business process and not as a
“stand alone” item to be discussed at board meetings
The big conundrum
• Nearly one third of respondents where IT was deemed as either a ‘Type 3’ or ‘Type 4’ had no formal board involvement with technology
• Only 11% say they are ‘completely and actively involved in IT strategy’
Source: What Boards Needs to Know About IT
IT Governance
Board and CIO/CTO Interactions
• Only 16% of CIOs/CTOs interact with the board at each board meeting
• There is a lack of involvement in IT by those responsible for enterprise governance
Source: What Boards Needs to Know About IT
IT Governance
Premier IT Leaders polled by
ComputerWorld put these projects at the top
of their to-do lists for 2008
From the Computerworld Computerworld Magazine is a publication of International Data Group Inc.
Strategic Alignment
Governance
Direction
MonitorCompliancePerformance
Align
Deliver Value
IT Governance
“IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and objectives.”
ITGI, Board Briefing on IT Governance
www.itgi.org
www.isaca.org
IT Governance
IT Governance Control Cycle
Source: ITGI
IT Governance
ITGI - IT Governance
Model
18
IT Governance
Business Reaction
IT Governance Risk ManagementNot embracing IT as a business driverNot recognizing the importance and pervasiveness of IT to the success of businessNot implementing and maintaining sustainable risk and compliance initiativesFailure to provide C-suite and boards with appropriate technology focused information
Assign responsibility and accountability for IT GovernanceReview and assess IT governance models and frameworks, and selectImplement appropriate IT governance policies, procedures and systems that are aligned with, and support, enterprise governance initiativesConduct awareness and training
top related