Concise Governance

Governance is an often-used term that can mean a wide range of things to different organizations. To us, Governance means understanding what is expected from a person, business unit or whole organization, and then putting the control framework in place to ensure that the expected performance is attained and maintained over time.

Many organizations have confused effective governance with frameworks such as Sarbanes-Oxley, which can be time-consuming to implement and provide little value to an organization if the focus is solely on compliance.

Our approach is to work with your Executive Leadership to understand your vision for Governance or IT Governance, and then to help execute strategies to realize that vision.

Some of the frameworks that we use to assist us in these types of projects include:

GAIT - A controls rationalization approach for IT Sarbanes-Oxley, developed by the Institute of Internal Auditors

ISO 38500 - International Standard for Corporate Governance of Information Technology

IT Unified Compliance Framework - A harmonized set of IT controls that eliminates having to maintain multiple control sets to comply with different standards.

ValIT - A controls framework from ISACA that focuses on the VALUE that IT can deliver to organizations.

We believe that by using the 'best-of-the-best' of existing frameworks, and applying our philosophy that Governance is primarily about making sure that people are doing the right things for an organization, not in service to a particular compliance objective, we can achieve lasting value for our clients in this area.