6 Principles for a Governance System

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
3 hours 43 minutes
Difficulty
Intermediate
CEU/CPE
4
Video Transcription
00:01
Let's start off with the six principles for a government system as defined by co bit.
00:07
So in this video, we're going to cover the six principles needed for a governance system
00:15
cope. It defined six principles needed for a successful governance system.
00:20
Keep in mind we're talking about the system and not the framework.
00:24
Ah, governance system is the way in which the enterprise will govern and manage its I T resource is to derive business value.
00:32
The principles listed will be necessary to ensure that your I T governance framework is both useful and effective. So let's start with principal. One
00:43
principle, one states that each enterprise requires a governance system to satisfy stakeholder needs.
00:49
So what does that mean exactly?
00:52
It means we need a government system to derive value from the I T department, as opposed to costs being excessively high without bringing in much business value.
01:02
On the other hand, it also means that you need to use I T to get business value from the information and business processes that support the organization's goals and objectives.
01:12
The value that is derived should result in benefits, lowered risks or a risk a line to the risk appetite of the business
01:21
and resource optimization.
01:23
Thus, businesses need an actionable strategy to realize that value
01:29
actionable is the key word here.
01:30
If you have a strategy, but there's no way to implement it, it doesn't add much value.
01:38
Principle. Two states that a government system should be built from components that can be different types and that it should work together.
01:47
Components can be processes, structures, infrastructures, architectures, information, people and more.
01:56
These components can be different.
01:57
So, for example, people and process that should work together. You don't want technology running independently from organizational structures and people. It should work together for a smooth and comprehensive way to manage business assets such as information
02:16
principle. Three addresses the fact that the government system should be dynamic.
02:21
Let's talk about why that is, when you change something in an organization, it usually has ripple effects.
02:27
If a person leaves a certain position, it could affect the entire department who relied on that person for certain information.
02:35
The same goes for technology. If you take out a part of the infrastructure, you need to consider the effect it can have on the entire architecture ER and other processes or systems that use that component.
02:47
So when something has changed in the I T infrastructure, consider the impact it can have on different components, like automated processes.
02:57
Subsequently, we're talking. We're taking on a dynamic view of the I T infrastructure and treating it as such, so creating a dynamic governance system will reflect the actual state of things. And then this dynamic view will create a system that is both viable and lowers risk because it can
03:15
less in future issues. If you take a dynamic view
03:17
of the entire enterprise and its I T systems,
03:22
So why do you think an I T governance framework should be dynamic?
03:27
Can you think of a time when you're governance, when your organization was not dynamic and what problems that caused and created for you?
03:38
So then let's talk about the fourth principle for a governance system that is to distinguish between management and governance activities and structures.
03:46
Remember how we went over the difference between governance and management?
03:51
This is where governance sets the strategic direction for an enterprising man, and then management plans, bills and executes that vision.
04:00
So it's important to distinguish between the two and have activities and structures be differentiated within your governance system.
04:10
Principal five means that the government system should be customized and tailored to the specific business needs.
04:16
Businesses within the same industry will have different needs, objectives and goals.
04:21
No two businesses are the same.
04:25
Thus the governance system needs to be customized to the specific businesses needs.
04:30
Design factors should be parameters in which to customize the governance system.
04:34
It's also important to remember to prioritize your decisions, parameters and customize ations. So you're doing the most pertinent actions first.
04:46
Lastly, the six principle dictates that the governance system should inquire should cover the entire enterprise end to end.
04:54
Don't only focus on the I T department in this government system.
04:58
Include all technology and information located within the company and utilized within the business. Thio achieve business goals and objectives
05:08
cope. It provides ah, holistic and comprehensive way in which to implement I t. Governance
05:14
and naturally you're going to want to cover the enterprise from end to end to ensure that it is effectively governing and managing your I T infrastructures.
05:25
So in this video we talked about the six principles needed for a governance system and how these principles contribute to an I T governance program.
Up Next