12 Cards in this Set
- Front
- Back
What is the objective of corporate governance?
|
What is to resolve the conflicting objectives of exploiting available opportunities to increase stakeholder value while keeping the organization's operations within the limits of regulatory requirements and social obligations.
|
|
What does IT governance help ensure? And what two issues does it concern?
|
What is the alignment of IT and enterprise objectives.
1. IT delivers value to the business (driven by strategic alignment of IT with the business).
2. Risks are managed (driven by establishing accountability).
|
|
Who has responsibility for IT governance?
|
Who are the board of directors and executive management.
|
|
What are the key IT governance practices for executive management?
|
What are:
1. IT strategy committee
2. Risk management process
3. IT balanced scorecard
|
|
What does an IT strategy committee monitor?
|
What are:
1. IT value
2. Risks and performance
3. Information to the board to support decisions
|
|
What is the importance of performing a Business Impact Analysis (BIA) for Business Continuity?
|
To understand the cost of interruption and identify which applications and processes are most critical to the continued functioning of the organization.
|
|
What is the difference between the Recovery Time Objective (RTO) and the Recovery Point Objective (RPO)?
|
RTO:
1. Determined based on acceptable downtime in case of disruption.
2. Indicates the earliest point in time at which business operations must resume after a disaster.
RPO:
1. Determined based on acceptable data loss in case of disruption.
2. Indicates the date and time or synchronization point to which systems and data will be restored, based on availability of backup media.
|
|
How are risks measured?
|
What are:
1. Qualitative - defining as high, medium and low.
2. Semi-qualitative - defining to a numeric scale.
3. Quantitative - applying several values, including financial, and calculating probability and impact.
|
|
What is the purpose of segregation of duties?
|
What is to reduce or eliminate business risk through the identification of compensating controls.
|
|
Which specific duties should be segregated?
|
What is custody of assets and authorization and recording of transactions.
|
|
What are IT Governance Focus Areas?
|
What are:
1. Strategic alignment
2. Value delivery
3. Risk management
4. Resource management
5. Performance management
|
|
What is the structure of an IT Balanced Scorecard?
|
What is:
1. Mission
2. Strategies
3. Measures
|