COBIT

Course
Time
4 hours 7 minutes
Difficulty
Intermediate
CEU/CPE
4

Video Transcription

00:00
Hello, everybody. Welcome to lessen fine point forth Coming 2019 Governance. Workflow.
00:07
My name is Alejandro Gina, and I'll be instructor for today's lesson.
00:13
They're learning operatives of this session is to identify and understand covets governance system designed workflow.
00:21
So ah, this what you're saying under screen illustrates that proposed flow for designing a tailor governance system.
00:31
First, we need thio. Understand the enterprise context on Mr Strategy. This means forming up
00:39
our objectives are for me. Points you need to understand is to understand the enterprise is striving itself. Understand? Understand the enterprise goals underst understand that the risk profile, for example, if the company is,
00:54
doesn't want to take much risk because you know it already has a name established or a brand established. But if it is a start up, for example, off a new business or a small business looking to expand, maybe they will take more risk. Or, you know the risk appetite will be higher.
01:14
So and the final question is, to our point is to understand the car ng i t related issues like, for example, do they have a slave's define with the external IittIe fighters? Do they have on into a response plan that they have a business continuity and disaster recovery plan.
01:33
You know, understand everything. So basically understand our contextualize,
01:38
the business and the i t that the place you know what? What role plays? I t in the business. The second is to debt. Remind the initials cope off the governance system and also includes four main points.
01:51
Consider enterprises strategy, consider enterprise goals and apply the carpet goals. Cascade remembered. The escape was so you don't please go back in the bilious and and check it out. Considered the risk profile of the inter press and consider the current related issues.
02:09
The 3rd 1 is real.
02:12
Refine this. Cope off the governance system. This includes seven points to take into consideration. Basically considered the threat landscape.
02:23
I mean, what kind of hackers are there? Are you targeting this business? Because it will not be the same for bank, for example as it will be four. I know a retail. For example. Hackers are looking for different things. Maybe name or recognition or maybe money. So, yeah,
02:40
consider the threat landscape are either are they using up today? Operating systems?
02:46
Are they using fire? Well, are they using? Do they have a D m Z? They have a nice architecture. Define. Do they have an anti buyers? I mean everything that can be a potential threat. You should be considered to consider Act to actually get to know the threat landscape.
03:02
Consider compliance requirements. Do they have business in Europe, For example, they have They have business
03:09
in Central America. In Brazil. Where do they have? Do they have business to choose what compliance need to be done? Do they They handle credit card information. They do. They handle health information. You know, whatever compliance requirements are, do you have to be? You have to consider them.
03:29
Consider the roll off i d. D does. It has to have Ah, good role. Does he have, you know, communicates directly with executive management or is just putting out fires? Every *** it, then you know, kind of a technical role
03:46
considered the sourcing model. Do they hire the cloud? Do they have on outsourcing support center, for example, What sourcing model they have
03:58
Consider I t implementation methods that they use our age l A jail. Do they use scrammed? The years? I don't know. Whatever method is you have to consider it
04:09
and consider the enterprise its size. Is it large? Is it a startup? Work size is the enterprise.
04:17
And consider the IittIe adoption strategy. Do they move first in the in the market? I mean, do they go to the events and they buy the technology right away? Or do they wait for the technology to sell to settle in and have a couple of years? You know, so they can see how it works
04:34
and finally conclude the government system to sign.
04:39
He has two points, which is resolved priority conflicts and conclude the governance system design
04:48
the difference. That stage is that we just saw and steps into the same process were assaulted in recommendations for priority that prayer precise and privatizing. I'm sorry. Governance and management operatives are related governance system components for target capability levels or or for adopting a specific,
05:08
you know, governor insistent components
05:10
or, you know, change. Or at this government system components. Some of these steps are sub steps. My result in conflicts, conflicting guidance, which is you know, you cannot abide that, you know, when considering a large number of the sign factors, maybe did same factor. It's actually helping this business goal, but it's actually
05:30
messing up this author business school. So there's something you have to
05:32
see common.
05:34
It is recommend to pull our, you know, all guidance obtained during the different steps on a signed landscape and in the last stage of the design process, resolve the conflicts amongst the elements of the design landscape.
05:48
There's no magic formula here, it guys, you have to work hard and, you know, try to be given an order as much as possible. And, you know, see mm eyes here to help you as well.
06:00
The final design will be case by case decision, based on all elements on the sign landscape. Like, for example, of you come across with two decisions are two processes or two signs that will, you know, interfere with each other. You have to
06:16
take into consideration the benefits off, going with one or the other.
06:21
The risk they, uh, you know, the culture acceptance that will be from this projects or this implementation off this the design guides.
06:32
By following these steps enterprise, we realized governance system is sailor to their nets. I mean, whatever your result is I assure you, even for our business that is coming, you know your competitors or is working in the same business child well, it will not be the same result.
06:51
What's the first step in government system designed flow?
06:56
Ah, well, the first step is to understand the enterprise context on a strategy. This includes four points, which is understand at enterprises strategy. Understand the enterprise goals, understand the risk profile and understand the current I T related issues.
07:12
In one step of the governance system, designed workflow is included that considered the enterprise size point well is included in the third point, which is refined the scope off the governance system.
07:28
In today's video, we discussed covered governance system designed workflow
07:33
against supplemental materials, not none other than they I sacha guides. Well, that's it for today, folks. I hope you get the video and talk to you soon.

Up Next

COBIT

This COBIT 2019 training course will prepare students to successfully attain the COBIT 2019 certification. Students will learn to implement governance and management concepts within organizations to help minimize the gap between business and IT.

Instructed By

Instructor Profile Image
Alejandro Guinea
CERT Regional Director
Instructor