Enterprise governance is an emerging term that describes a framework covering both the corporate governance and the business governance aspects of an organization. Control Objectives for Information and Related Technology (COBIT), Committee of Sponsoring Organizations of the Treadway Commission (COSO), Factor Analysis of Information Risk (FAIR), and Information Technology Infrastructure Library (ITIL) are considered some of the governance framework that are being used, explain your understanding on them and provide the function of each framework.
a. Enterprise governance is an emerging term that describes a framework covering both the corporate governance and the business governance aspects of an organization. Control Objectives for Information and Related Technology (COBIT), Committee of Sponsoring Organizations of the Treadway Commission (COSO), Factor Analysis of Information Risk (FAIR), and Information Technology Infrastructure Library (ITIL) are considered some of the governance framework that are being used, explain your understanding on them and provide the function of each framework.
b. It is considered that Organizational Structure is also one of the key components of governance because it identifies the key decision-making entities in an enterprise. For that being said, enumerate at least three (3) organizational structures and discuss its role and function to the organization.
c. Business Continuity Planning (BCP) is the process of creating a system of prevention and recovery from potential threats to a company. The plan ensures that personnel and assets are protected and can function quickly in the event of a disaster. In that regard, illustrate theimportance of having a Business Continuity Plan. Also, explain the downsides of not having one, as well.
d. In prevention and recovery from potential threats to the IT of a company, the same will be known as Disaster Recovery Plan (DRP). DRP is a formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents such as natural disasters, Human-made disasters, and system failures. It contains strategies on minimizing the effects of a disaster on the information technology (IT) of an organization to continue to operate or quickly resume key operations. As an IS auditor conducting an audit of DRP, identify and explain the following procedures that must be observed.
Trending now
This is a popular solution!
Step by step
Solved in 5 steps