Objectives of the Presentation
Why Should you Attend
- Establishing processes for sustainable risk management
- Critical IT risk assessment success factors
- Evaluating IT Risk Countermeasures
- Identifying risks in controls
- Ensuring governance alignment
- Deploying an integrated governance strategy
As a framework, IT governance enables a "system of controls" assisting in assuring organizational goals and objectives are achieved effectively and efficiently. "Integrating COBIT with COSO and other frameworks" highlights IT governance alignment considerations for information and related technology. Didactically, this webinar covers five focus areas for merging COBIT with the entity's adopted frameworks to enable effective and efficient design and operation of an organizational system of controls. In terms of managerial design content, this webinar will convey the necessary ingredients for establishing appropriate governance, risk management, and compliance. Furthermore, in this webinar, we will discuss operational control system deployments using COBIT and COSO domains as the foundational frameworks for ensuring entity-wide adaptability.
At the end of this session, the speaker will handle your specific questions and address any challenges you have/had in setting Integrating COBIT with other frameworks.
By attending, you will learn:
Who can Benefit
- Requirements for total governance integration and alignment
- Extracting convergence points when integrating frameworks
- Architectural conceptualization to achieve framework integration
- COBIT and COSO program, system, process, and activity considerations that sustain cohesiveness with other frameworks
- Audit Committee Members
- Risk Management Executives
- Chief Audit Executives
- External Audit Partners
- Chief Executive Officers
- Chief Financial Officers
- Chief Information Officers
- Compliance Executives
- Chief Information Security Officers
An entity's control environment (CE) can provide discipline and structure to processes ensuring operational, financial, and compliance requirements are adequately addressed. As an integrated component, technology has and will continue to influence the CE as well as assume activity change agent responsibility. Nevertheless, technological development and deployment is inextricably connected to the economic, social, political, and informational factors that prevail in the entity's CE.
Managements' interest in, and awareness of, IT capabilities (including those performed for the entity by Third Party Providers (TPPs)) is important in establishing an entity-wide consciousness of control issues. To determine appropriate IT control issues, an entity's CE normally requires management define control emphasis through 'assessments of importance' between IT domain criteria and entity objectives.
Derivatively, an entity's CE affects the IT organizational structure. Centralized structures often have a single computer processing strategy and use a single set of systems and infrastructure software, enabling tighter management control over the IT architecture. Alternatively, in decentralized structures, each profit or cost center generally has its own computer processing strategy, application programs, and infrastructure software, which may result in differences in policies and procedures and various levels of compliance at each location. Regardless, IT policies and procedures should demonstrate alignment with the entity's mission.