Search results for: COBIT
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 7

Search results for: COBIT

7 An E-Government Implementation Model for Peruvian State Companies Based on COBIT 5.0: Definition and Goals of the Model

Authors: M. Bruzza, M. Tupia, F. Rodríguez

Abstract:

As part of the regulatory compliance process and the streamlining of public administration, the Peruvian government has implemented the National E-Government Plan in all state institutions with the aim of providing citizens with solid services based on the use of Information and Communications Technologies (ICT). As part of the regulations, the requisites to be met by public institutions have been submitted. However, the lack of an implementation model was detected, one that can serve as a guide to such institutions in order to materialize the organizational and technological structures needed, which allow them to provide the required digital services. This paper develops an implementation model of electronic government (e-government) for Peru’s state institutions, in compliance with current regulations based on a COBIT 5.0 framework. Furthermore, the paper introduces phase 1 of this model: business and IT goals, the goals cascade and the future model of processes.

Keywords: e-government, u-government, COBIT, implementation model

Procedia PDF Downloads 326
6 Evaluation of Information Technology Governance Frameworks for Better Governance in South Africa

Authors: Memory Ranga, Phillip Pretorious

Abstract:

The South African Government has invested a lot of money in Information Technology Governance (ITG) within the Government departments. The ITG framework was spearheaded by the Department of Public Service and Administration (DPSA). This led to the development of a governing ITG DPSA framework and later the Government Wide Enterprise Architecture (GWEA) Framework for assisting the departments to implement ITG. In addition to this, the government departments have adopted the Information Systems Audit and Control Association (ISACA) Control Objectives for Information and Related Technology (COBIT) for ITG processes. Despite all these available frameworks, departments fail to fully capitalise and improve the ITG processes mainly as these are too generic and difficult to apply for specific governance needs. There has been less research done to evaluate the progress on ITG initiatives within the government departments. This paper aims to evaluate the existing ITG frameworks within selected government departments in South Africa. A quantitative research approach was used in this study. Data was collected through an online questionnaire targeting ICT Managers and Directors from government departments. The study is undertaken within a case study and only the Eastern Cape Province was selected for the research. Document review mainly on ITG framework and best practices was also used. Data was analysed using the Google Analytic tools and SPSS. A one–sample Chi-Squared Test was used to verity the evaluation findings. Findings show that there is evidence that the current guiding National governance framework (DPSA) is out dated and does not accommodate the new changes in other governance frameworks. The Eastern Cape Government Departments have spent huge amount of money on ITG but not yet able to identify the benefits of the ITG initiatives. The guiding framework is rigid and does to address some of the departmental needs making it difficult to be flexible and apply the DPSA framework. Furthermore, despite the large budget on ITG, the departments still find themselves with many challenges and unable to improve some of the processes and services. All the engaged Eastern Cape departments have adopted the COBIT framework, but none has been conducting COBIT maturity Assessment which is a functionality of COBIT. There is evidence of too many the ITG frameworks and underutilisation of these frameworks. The study provides a comprehensive evaluation of the ITG frameworks that have been adopted by the South African Government Departments in the Eastern Cape Province. The evaluation guides and recommends the government departments to rethink and adopt ITG frameworks that could be customised to accommodate their needs. The adoption and application of ITG by government departments should assist in better governance and service delivery to the citizens.

Keywords: information technology governance, COBIT, evaluate, framework, governance, DPSA framework

Procedia PDF Downloads 123
5 Education Quality Development for Excellence Performance with Higher Education by Using COBIT 5

Authors: Kemkanit Sanyanunthana

Abstract:

The purpose of this research is to study the management system of information technology which supports the education of five private universities in Thailand, according to the case studies which have been developing their qualities and standards of management and education by service provision of information technology to support the excellence performance. The concept to connect information technology with a suitable system has been created by information technology administrators for development, as a system that can be used throughout the organizations to help reach the utmost benefits of using all resources. Hence, the researcher as a person who has been performing these duties within higher education is interested to do this research by selecting the Control Objective for Information and Related Technology 5 (COBIT 5) for the Malcolm Baldrige National Quality Award (MBNQA) of America, or the National Award which applies the concept of Total Quality Management (TQM) to the organization evaluation. Such evaluation is called the Education Criteria for Performance Excellence (EdPEx) focuses on studying and comparing education quality development for excellent performance using COBIT 5 in terms of information technology to study the problems and obstacles of the investigation process for an information technology system, which is considered as an instrument to drive all organizations to reach the excellence performance of the information technology, and to be the model of evaluation and analysis of the process to be in accordance with the strategic plans of the information technology in the universities. This research is conducted in the form of descriptive and survey research according to the case studies. The data collection were carried out by using questionnaires through the administrators working related to the information technology field, and the research documents related to the change management as the main study. The research can be concluded that the performance based on the APO domain process (ALIGN, PLAN AND ORGANISE) of the COBIT 5 standard frame, which emphasizes concordant governance and management of strategic plans for the organizations, could reach only 95%. This might be because of some restrictions such as organizational cultures; therefore, the researcher has studied and analyzed the management of information technology in universities as a whole, under the organizational structures, to reach the performance in accordance with the overall APO domain which would affect the determined strategic plans to be able to develop based on the excellence performance of information technology, and to apply the risk management system at the organizational level into every performance process which would develop the work effectiveness for the resources management of information technology to reach the utmost benefits. 

Keywords: COBIT5, APO, EdPEx Criteria, MBNQA

Procedia PDF Downloads 326
4 Audit and Assurance Program for AI-Based Technologies

Authors: Beatrice Arthur

Abstract:

The rapid development of artificial intelligence (AI) has transformed various industries, enabling faster and more accurate decision-making processes. However, with these advancements come increased risks, including data privacy issues, systemic biases, and challenges related to transparency and accountability. As AI technologies become more integrated into business processes, there is a growing need for comprehensive auditing and assurance frameworks to manage these risks and ensure ethical use. This paper provides a literature review on AI auditing and assurance programs, highlighting the importance of adapting traditional audit methodologies to the complexities of AI-driven systems. Objective: The objective of this review is to explore current AI audit practices and their role in mitigating risks, ensuring accountability, and fostering trust in AI systems. The study aims to provide a structured framework for developing audit programs tailored to AI technologies while also investigating how AI impacts governance, risk management, and regulatory compliance in various sectors. Methodology: This research synthesizes findings from academic publications and industry reports from 2014 to 2024, focusing on the intersection of AI technologies and IT assurance practices. The study employs a qualitative review of existing audit methodologies and frameworks, particularly the COBIT 2019 framework, to understand how audit processes can be aligned with AI governance and compliance standards. The review also considers real-time auditing as an emerging necessity for influencing AI system design during early development stages. Outcomes: Preliminary findings indicate that while AI auditing is still in its infancy, it is rapidly gaining traction as both a risk management strategy and a potential driver of business innovation. Auditors are increasingly being called upon to develop controls that address the ethical and operational risks posed by AI systems. The study highlights the need for continuous monitoring and adaptable audit techniques to handle the dynamic nature of AI technologies. Future Directions: Future research will explore the development of AI-specific audit tools and real-time auditing capabilities that can keep pace with evolving technologies. There is also a need for cross-industry collaboration to establish universal standards for AI auditing, particularly in high-risk sectors like healthcare and finance. Further work will involve engaging with industry practitioners and policymakers to refine the proposed governance and audit frameworks. Funding/Support Acknowledgements: This research is supported by the Information Systems Assurance Management Program at Concordia University of Edmonton.

Keywords: AI auditing, assurance, risk management, governance, COBIT 2019, transparency, accountability, machine learning, compliance

Procedia PDF Downloads 24
3 Towards A New Maturity Model for Information System

Authors: Ossama Matrane

Abstract:

Information System has become a strategic lever for enterprises. It contributes effectively to align business processes on strategies of enterprises. It is regarded as an increase in productivity and effectiveness. So, many organizations are currently involved in implementing sustainable Information System. And, a large number of studies have been conducted the last decade in order to define the success factors of information system. Thus, many studies on maturity model have been carried out. Some of this study is referred to the maturity model of Information System. In this article, we report on development of maturity models specifically designed for information system. This model is built based on three components derived from Maturity Model for Information Security Management, OPM3 for Project Management Maturity Model and processes of COBIT for IT governance. Thus, our proposed model defines three maturity stages for corporate a strong Information System to support objectives of organizations. It provides a very practical structure with which to assess and improve Information System Implementation.

Keywords: information system, maturity models, information security management, OPM3, IT governance

Procedia PDF Downloads 447
2 Measurement Tools of the Maturity Model for IT Service Outsourcing in Higher Education Institutions

Authors: Victoriano Valencia García, Luis Usero Aragonés, Eugenio J. Fernández Vicente

Abstract:

Nowadays, the successful implementation of ICTs is vital for almost any kind of organization. Good governance and ICT management are essential for delivering value, managing technological risks, managing resources and performance measurement. In addition, outsourcing is a strategic IT service solution which complements IT services provided internally in organizations. This paper proposes the measurement tools of a new holistic maturity model based on standards ISO/IEC 20000 and ISO/IEC 38500, and the frameworks and best practices of ITIL and COBIT, with a specific focus on IT outsourcing. These measurement tools allow independent validation and practical application in the field of higher education, using a questionnaire, metrics tables, and continuous improvement plan tables as part of the measurement process. Guidelines and standards are proposed in the model for facilitating adaptation to universities and achieving excellence in the outsourcing of IT services.

Keywords: IT governance, IT management, IT services, outsourcing, maturity model, measurement tools

Procedia PDF Downloads 591
1 A Systemic Maturity Model

Authors: Emir H. Pernet, Jeimy J. Cano

Abstract:

Maturity models, used descriptively to explain changes in reality or normatively to guide managers to make interventions to make organizations more effective and efficient, are based on the principles of statistical quality control promulgated by Shewhart in the years 30, and on the principles of PDCA continuous improvement (Plan, Do, Check, Act) developed by Deming and Juran. Some frameworks developed over the concept of maturity models includes COBIT, CMM, and ITIL. This paper presents some limitations of traditional maturity models, most of them based on points of reflection and analysis done by some authors. Almost all limitations are related to the mechanistic and reductionist approach of the principles over those models are built. As Systems Theory helps the understanding of the dynamics of organizations and organizational change, the development of a systemic maturity model can help to overcome some of those limitations. This document proposes a systemic maturity model, based on a systemic conceptualization of organizations, focused on the study of the functioning of the parties, the relationships among them, and their behavior as a whole. The concept of maturity from the system theory perspective is conceptually defined as an emergent property of the organization, which arises from as a result of the degree of alignment and integration of their processes. This concept is operationalized through a systemic function that measures the maturity of an organization, and finally validated by the measuring of maturity in organizations. For its operationalization and validation, the model was applied to measure the maturity of organizational Governance, Risk and Compliance (GRC) processes.

Keywords: GRC, maturity model, systems theory, viable system model

Procedia PDF Downloads 312