Iso iec 29382 the new standard for ict governance christophe feltus

This document provides an overview and comparison of ITIL, COBIT, and ISO27001 frameworks. ITIL is an IT service management framework that aims to align IT with business needs. COBIT is an IT governance framework that bridges control requirements, technical issues, and business risks. ISO27001 provides a framework for building an information security management system to protect information assets and achieve certification. While the frameworks have different origins and objectives, they can work together to standardize IT processes, implement controls, and manage information security.

IT Governance or Corporate governance of information technology is a subset discipline of corporate governance, focused on information and technology (IT) and its performance and risk management. The interest in IT Governance is due to the ongoing need within organizations to focus value creation efforts on an organization's strategic objectives and to better manage the performance of those responsible for creating this value in the best interest of all stakeholders.

The document summarizes a discussion on governance for the European Open Science Cloud (EOSC). It outlines three levels of governance: institutional, executive/operational, and advisory. The panelists discussed the main purpose of EOSC governance, what should be in and out of scope, and its relation to EuroHPC governance. Crucial elements from stakeholders' perspectives include engaging the community, getting things done through an executive board and working committees, and measuring results. Key working groups for the first implementation phase and concluding remarks on success factors were also presented.

theroom will build a website that goes above and beyond to create brand recognition for your business. By considering your customers every step of the way theroom can deliver a strategic information architecture and an intuitive user experience.

This document summarizes the findings of research conducted by the IT Governance Institute on how business goals drive IT goals. An expert panel from various industries and geographic locations validated lists of 17 business goals and 18 IT goals. The top 10 most important goals were consistent across sectors and included improving customer orientation/service and managing business/IT risks in the top business goals, and ensuring reliable/secure IT services and aligning IT strategy to business strategy in the top IT goals. The research also identified priorities that varied by industry sector.

1. This study examines the challenges faced by IT managers in their management practices. It analyzes the drivers of management practices adopted from an experiential leadership model, including rules, initiatives, integrity, immediate action, and emotions. 2. A mixed-methods approach was used, including focus group discussions and a survey of 149 IT managers and administrators. The survey examined how the managers perceived the importance of each driver in their work. 3. The findings showed that immediate action in response to emergencies was seen as the most important driver. Rules and commitment to rules was seen as the second most challenging impediment faced by IT managers in their work.

This document discusses the roles of Chief Information Officers (CIOs) in government. It covers several topics: - CIOs play an important role in leading public sector transformation for the information age and facilitating e-leadership in government. - National legislation and policies are needed to promote e-leadership and the development of CIO systems within government. - For CIOs to be effective, they must understand government institutional frameworks and work within national ICT policy structures. - Developing human capacity and cross-agency coordination are also important for successful e-government initiatives led by CIOs.

Fujitsu manages over 500,000 ICT assets for customers in Australia and New Zealand, with an annual power and cooling bill of over $42 million and carbon emissions of 150,000 tonnes. Most organizations have an average ICT sustainability score of 53 out of 100, while best practice is 80. Fujitsu worked with customers like Meridian Energy and Qantas to improve their scores through benchmarking, workshops identifying improvement projects, and setting targets to achieve best practice within a year. Meridian achieved a score of 80+ through initiatives like a green IT policy, procurement standards, and executive support. Achieving best practice can save up to $16 million and reduce emissions by 60,000 tonnes annually.

Governance of IT COBIT 5 Background COBIT 5 Other frameworks COBIT 5 Principles COBIT 5 Processes COBIT 5 Control Objectives COBIT 5 Process capability assessment COBIT 5 Implementation guidance

Harley Davidson recognized the need to align IT with its business strategy for continued growth. It implemented an IT governance framework to unite management, IT, and audit functions while preserving company culture. The framework aligned IT decision making with business objectives, managed risks, and ensured IT resources supported business goals. This allowed Harley Davidson to sustain record growth for 20 consecutive years while effectively governing its increasing IT usage and investments.

This document discusses challenges facing the New Zealand health system and opportunities to improve information technology (IT) governance and implement shared services. It notes a highly complex health system with over 3,000 GPs, 82 health organizations, and IT investments accounting for over 9% of GDP. Questions are raised about coordinating change across stakeholders and leveraging scale through a common approach to services. The key barriers to shared services need to be addressed and next steps identified to make progress on this. Strong IT governance is important, clarifying decision rights, accountability, investment priorities, and architecture to encourage better coordination and outcomes from IT.

The presentation is to introduce the Green IT \'Readiness\' Framework to quantify Green IT capability and maturity of organisations

Green-ICT has been invited to present its vision on IT-Goverance related to Green-IT at the World Conference on Green IT in Kuala Lumpur. Enjoy !!

This document summarizes a research study on managerial impediments facing information technology (IT) managers. The study investigated five key drivers of management that can hinder IT managers' ability to implement organizational strategies and objectives: rules, initiatives, emotions, immediate action, and integrity. A survey of 147 IT managers and administrators in Canada found that emotions was the most significant obstacle, followed by rules and immediate action. While various obstacles exist, the findings suggest IT managers must address drivers like emotions and immediate issues in order to better support their competencies and job performance.

This document summarizes a research study on managerial impediments facing information technology (IT) managers. The study investigated five managerial drivers that can hinder IT managers' ability to implement organizational strategies and objectives: rules, initiatives, emotions, immediate action, and integrity. A mixed-methods approach was used, involving focus groups and surveys of 147 IT managers and administrators. The results found that the emotion driver was perceived as the biggest obstacle, followed by rules, immediate action, and initiatives. The study concludes that while various obstacles exist for IT managers, further research is needed to better understand how these impediments affect their competencies and job performance.

Guidelines for writing a literature review applied to the topic of Knowledge Management in SMEs. This paper provides a systematic review of the literature on knowledge management (KM) in small and medium enterprises (SMEs) and SME networks. The main objective is to highlight the state-of-the-art of KM from the management point of view in order to identify relevant research gaps. The review highlights that in recent years the trend of papers on the topic is growing and involves a variety of approaches, methodologies and models from different research areas. The vast majority of papers analysed focus on the topic of KM in the SME while there are only few papers analysing KM in networks populated by SMEs. The content analysis of the papers highlights six areas of investigation from which were derived ten research questions concerning three perspectives: the factors affecting KM; the impact of KM on firm’s performance; the knowledge management systems. to cite this paper: Cerchione, R., Esposito, E., Spadaro, M.R. A literature review on knowledge management in SMEs (2016) Knowledge Management Research and Practice, 14 (2), pp. 169-177. to link to this paper: doi:10.1057/kmrp.2015.12

Some companies have achieved better performance as a result of their IT investments, while others have not, as organizations are interested in calculating the value added by their IT. There is a wide range of literature that agrees that the best practices used by organizations promote continuous improvement in service delivery. Nevertheless, overuse of these practices can have undesirable effects and unquantified investments. This paper proposed a practical tool formally developed according to the DSR design science approach, it addresses a domain relevant to both practitioners and academics by providing IT service governance (ITSG) domain model ontology, concerned with maximizing the clarity and veracity of the concepts within it. The results revealed that the proposed ontology resolved key barriers to ITSG process adoption in organizations, and that combining COBIT and ITIL practices would help organizations better manage their IT services and achieve better business-IT alignment.

Multi-Agent System (MAS) monitoring solutions are designed for a plethora of usage topics. Existing approach mostly used cloned back-end architectures while front-end monitoring interface tends to constitute the real specificity of the solution. These interfaces are recurrently structured around three dimensions: access to informed knowledge, agent’s behavioural rules, and restitution of real-time states of specific system sector. In this paper, we propose prototyping a sector-agnostic MAS platform (Smart-X) which gathers in an integrated and independent platform all the functionalities required to monitor and to govern a wide range of sector specific environments. For illustration and validation purposes, the use of Smart-X is introduced and explained with a smart-mobility case study.

This document provides an agenda and overview for a joint workshop on security modeling hosted by the ArchiMate Forum and Security Forum. The workshop aims to identify opportunities to improve the conceptual and visual modeling of enterprise information security using TOGAF and ArchiMate. The agenda includes introductions, a research spotlight on strengthening role-based access control with responsibility modeling, an open discussion on complementing TOGAF and ArchiMate with enhanced security modeling, and identifying next steps. The workshop purpose is to enable better security architecture decisions and drive usage of TOGAF and ArchiMate for security architecture.

Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate® to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended case study at the Hospital Center in Luxembourg.

Modeling enterprise risk management and secutity with the archimate language - The Open Group White Paper

Aligning access rights to governance needs with the responsibility meta model (remmo) in the frame of enterprise architecture

Who govern my responsibilities sim a methodology to align business and it policies in the industrial field

This document proposes an innovative systemic approach to risk management across interconnected sectors. It suggests using enterprise architecture models to manage cross-sector risks in Luxembourg's complex ICT ecosystem. The approach would provide regulators an overview of all players and systems, as well as models of different sectors to analyze collected data and risks at a national level, fostering accurate and reactive risk mitigation across economic domains.

This document proposes extending the HL7 standard with a responsibility perspective to better manage access rights to patient health records. It presents the ReMMo responsibility metamodel, which defines actors' responsibilities and associated access rights. The paper aims to align ReMMo with the HL7-based eSanté healthcare platform model in Luxembourg to semantically enhance access controls based on users' real responsibilities rather than just roles. It will first map concepts between the two models, then evaluate the alignment through a prototype applying inference rules.

Solution standard de compensation appliquée à une architecture e business sécurisée

This document presents a study that aims to develop and validate a responsibility model to improve IT governance. It analyzes concepts of responsibility from literature and frameworks like COBIT. The researchers developed a responsibility model with key concepts like obligation, accountability, right, and commitment. They then compare this model to COBIT's representation of responsibility to identify areas for potential enhancement, like adding concepts that COBIT lacks. The document illustrates how the responsibility model could be used to refine COBIT's process for identifying system owners and their responsibilities.