PO11 Process Description. Implementing and maintaining quality management standards and systems by providing for distinct development phases, clear deliverables and explicit responsibilities.
Quality Plan - develop and regularly maintain an overall quality plan based on the organizational and information technology long-range plansQuality Assurance - Management should establish a standard approach regarding quality assurance which covers both general and project-specific quality assurance activities. The approach should prescribe the type(s) of quality assurance activities (such as review, audits, inspections, etc.) to be performed to achieve the objectives of the general quality plan. 3. Key Goal Indicators 4. 5. 6. PO10 Manage Projects. A programme and project management framework for the management of all IT projects is established.
The framework ensures the correct prioritisation and co-ordination of all projects. The framework includes a master plan, assignment of resources, definition of deliverables, approval by users, a phased approach to delivery, QA, a formal test plan, and testing and post-implementation review after installation to ensure project risk management and value delivery to the business. PO9 Assess and Manage IT Risks. A risk management framework is created and maintained.
The framework documents a common and agreed-upon level of IT risks, mitigation strategies and residual risks. Any potential impact on the goals of the organisation caused by an unplanned event is identified, analysed and assessed. Risk mitigation strategies are adopted to minimise residual risk to an accepted level. The result of the assessment is understandable to the stakeholders and expressed in financial terms, to enable stakeholders to align risk to an acceptable level of tolerance.
PO08 Ensure compliance with external requirements. Objetivos de control detallados del proceso PO8.1 Sistema de administración de calidad Establecer y mantener un QMS que proporcione un enfoque estándar, formal y continuo, con respecto a la administración de la calidad, que esté alineado con los requerimientos del negocio.
El QMS identifica los requerimientos y los criterios de calidad, los procesos claves de TI, y su secuencia e interacción, así como las políticas, criterios y métodos para definir, detectar, corregir y prever las no conformidades. PO7 Manage IT Human Resources. CobiT definition: A competent workforce is acquired and maintained for the creation and delivery of IT services to the business.
This is achieved by following defined and agreed-upon practices supporting recruiting, training, evaluating performance, promoting and terminating. This process is critical, as people are important assets, and governance and the internal control environment are heavily dependent on the motivation and competence of personnel.
Control over the IT process of Manage IT human resources that satisfies the business requirement for IT of acquiring competent and motivated people to create and deliver IT services by focusing on hiring and training personnel, motivating through clear career paths, assigning roles that correspond with skills, establishing a defined review process, creating position descriptions and ensuring awareness of dependency on individuals is achieved by. PO6 Communicate Management Aims and Direction. PO5 Manage the IT Investment. CobiT definition: A framework is established and maintained to manage IT-enabled investment programmes and that encompasses cost, benefits, prioritisation within budget, a formal budgeting process and management against the budget.
Stakeholders are consulted to identify and control the total costs and benefits within the context of the IT strategic and tactical plans, and initiate corrective action where needed. The process fosters partnership between IT and business stakeholders; enables the effective and efficient use of IT resources; and provides transparency and accountability into the total cost of ownership (TCO), the realisation of business benefits and the ROI of IT-enabled investments. Control over the IT process of Manage the IT investment.
PO4 Define the IT Processes, Organisation and Relationships. CobiT definition: An IT organisation is defined by considering requirements for staff, skills, functions, accountability, authority, roles and responsibilities, and supervision.
PO03 COBIT. Objetivos de control detallados del proceso PO3.1 Planeación de la dirección tecnológica Analizar las tecnologías existentes y emergentes y planear cuál dirección tecnológica es apropiado tomar para materializar la estrategia de TI y la arquitectura de sistemas del negocio.
PO2 Define the Information Architecture. The information systems function creates and regularly updates a business information model and defines the appropriate systems to optimise the use of this information.
This encompasses the development of a corporate data dictionary with the organisation’s data syntax rules, data classification scheme and security levels. PO1 Define a Strategic IT Plan.