Enterprises that effectively govern their information technology achieve their IT and business goals more frequently, according to a study of 538 organizations worldwide. Commissioned by ISACA and conducted by the IT Alignment and Governance Research Institute, the study examined the business outcomes of implementing the COBIT and Val IT frameworks.
“The study revealed a strong relationship between the implementation of COBIT and Val IT processes and the achievement of IT goals—and a strong relationship between the achievement of IT goals and the achievement of business goals,” said Wim Van Grembergen, co-author of the report and professor at the University of Antwerp and the University of Antwerp Management School. “As a result, a strong business case exists that shows the benefits enterprises achieve when using COBIT and Val IT.”
The survey also identified which COBIT and Val IT processes are most frequently and fully implemented.
“The results show that enterprises are still focusing more on operational issues - implementation, delivery and support - than on the equally important planning and monitoring issues, indicating that there is room for improvement,” said Steven De Haes, also a co-author of the report and professor at the University of Antwerp and University of Antwerp Management School.
According to respondents, most of the top five most fully implemented COBIT processes at organizations around the world are in the Deliver and Support (DS) domain, with one each in the Acquire and Implement (AI) and the Monitor and Evaluate (ME) domains:
1. Manage the physical environment. (DS12)
“The study revealed a strong relationship between the implementation of COBIT and Val IT processes and the achievement of IT goals—and a strong relationship between the achievement of IT goals and the achievement of business goals,” said Wim Van Grembergen, co-author of the report and professor at the University of Antwerp and the University of Antwerp Management School. “As a result, a strong business case exists that shows the benefits enterprises achieve when using COBIT and Val IT.”
The survey also identified which COBIT and Val IT processes are most frequently and fully implemented.
“The results show that enterprises are still focusing more on operational issues - implementation, delivery and support - than on the equally important planning and monitoring issues, indicating that there is room for improvement,” said Steven De Haes, also a co-author of the report and professor at the University of Antwerp and University of Antwerp Management School.
According to respondents, most of the top five most fully implemented COBIT processes at organizations around the world are in the Deliver and Support (DS) domain, with one each in the Acquire and Implement (AI) and the Monitor and Evaluate (ME) domains:
1. Manage the physical environment. (DS12)
2. Manage service desk and incidents. (DS8)
3. Acquire and maintain technology infrastructure. (AI3)
4. Ensure systems security. (DS5)
5. Ensure compliance with external requirements. (ME3)
While many similar findings existed among regions, some key differences were identified. European organizations, for instance, reported a fuller implementation status than most North American and Asian enterprises, particularly for P09 Assess and manage IT risks. This finding is likely due to the impact of regulatory requirements such as Basel II. North America reported the highest implementation score for ME2 Monitor and evaluate internal control—likely due to the Sarbanes-Oxley Act. Asia outperformed other regions for AI1 Identify automated solutions, which is most likely explained by the presence of many outsourced service providers that develop systems.
SecurityPark.co.uk
While many similar findings existed among regions, some key differences were identified. European organizations, for instance, reported a fuller implementation status than most North American and Asian enterprises, particularly for P09 Assess and manage IT risks. This finding is likely due to the impact of regulatory requirements such as Basel II. North America reported the highest implementation score for ME2 Monitor and evaluate internal control—likely due to the Sarbanes-Oxley Act. Asia outperformed other regions for AI1 Identify automated solutions, which is most likely explained by the presence of many outsourced service providers that develop systems.
SecurityPark.co.uk
No comments:
Post a Comment