COBIT Information Owners and Custodians

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

4 hours 7 minutes
Video Transcription
Hello, everybody. Welcome to Lesson 2.3 covered information owners and custodians. My name is all hands are gonna and I'll be instructive for today's lesson.
Learned objectivity of these lessons to identify covets main stakeholders identified the rules and main responsibilities off each rule
identified. What's what. Expertise and knowledge is needed for each rule,
so covered stakeholders, main roles and responsibilities.
One of the main purposes of carpet is to deter mined. I fulfill the stakeholders golds.
This includes the stakeholders for the Egypt by extension stakeholders for corporate governance. Like for example, we first had the boards of directors.
They you know that the main role is to provide insights
on how to get Bali from the use of I T. And explains Rebel realm inboard responsibilities.
Then we have the executive and business manager provides guidance on how to organize and monitor performance of I t across the anther price and also helps to understand how to obtain the IittIe solution enterprise of requires on how
how best to exploit new technology and new strategic opportunities.
Then we have, um I t managers. A team under is basically provide guidance guidance on how best to bill,
instructors of the I T department managed performance off I t. Run an effective and efficient I T. Operation Contras. I t cost a line I t. Strategy to business priorities, you know, and so are
then we have assurance providers
helps to manage dependency or on external service. Is providers get assurance over i t uninsured in our existence often effective and efficient system for internal controls.
Then we have risking management and which, no, as the name suggests, helps to ensure the identification and management of I t related risk. Those could be classified as an internal stakeholders, but we'll have a step external stakeholders.
We can start with regulators. They help us to ensure that the enterprise is compliant with, you know, applicable rules rules on and,
I don't know, maybe frameworks also our regulations, you know, and so on.
Um and you know, they have the right
no governing system in place. They have to ensure that the right government system is in place to manage and sustained complaints.
Then we have the business partners. They help us to ensure that business partners operation are secured, reliable and complain with applicable the rules and regulations like, for example, let's say that we were in the hotel business and, you know, we have a partnership.
Would you know, maybe
all the other service is like food service is, for example, and we need to ensure that or or or guest data is secure. We also need to ensure that when our apartment is handling or guest or our guests data like personal and identifiable information,
they need to be sure that, you know, we need to be sure that our business partners are following
the correct complains levels or implementing the correct
Connor measures to ensure that the data is protected
And finally, we have iittie benders. You know, they help us to ensure that I t vendors operations a swell us, our secure, reliable I complain with applicable rules and regulations. Again, Same thing. Assist us with the business partners. I t benders. We need to be sure that I t benders
actually compliant whatever regulation we need.
Like, for example, if we're going to hire the cloud, I personally have some doubts about the cloud. I mean, well, I know that we all going to be there sometime, but right now,
are we sure that going to the cloud are we going to be complying with every regulation? I have seen cases here that some some of our customers, they their data I cannot leave the country.
So for us, the cloud is not a non option tunes again. We cannot have the customer to give us their data. We have. We even had to, you know, implement local engineers to actually handle that that data, because again, we cannot bring it back to headquarters
s. Oh, yeah, the cloud Just you know, those are
This is just an example of how the level off off,
you know, the control you need to have over over your data are over your I t operations cell Jeff at the cloud. I know. Just give it a second look before you just go blindly, go to the clout.
So a certain level of experience and understanding off the business are required to benefit from the carpet framework. As you can already see,
such expertise and understanding allows users to customize covet principles which are, you know, generic in nature
into Taylor, it and focused guidance for the enterprise taking into account the business context again as I told you at the very first lesson way saw
it is not the same. You know, the covet implementation will not be the same for an e commerce business. Like for a gas station business that they are, You know, they
move in different business context, and you know it's not the same. So yeah, expertise uncovered will ensure that you can turn the those generic
principles into more Taylor principle for your business context.
The stake holders include those responsibilities during the whole life cycle of the government's solution from design to execution.
Indeed, assurance providers can also apply the logic off workflow developing carpet to create ah well sustained assurance program for the business. So in summary,
there are different roles. The role that we mentioned in this lesson are, you know, maybe the main ones, but you can also have several other roles. I mean, the thing is that these are generic nature again. Board of directors can can have several names in your business.
Executive and business management can have against several names.
I have even seen some new
privacy security officer
rolls, and you know you can implement as minerals assed the business requires. So again, these are generic in nature. I have also seen that I T managers divide themselves into operations into security into privacy. So, yeah, again,
Very generic rules harming regulators,
auditors, business partners, I t vendors. All these names are generic,
so you can actually taylor those positions and rolls to your specific
business needs.
What are the two main stakeholders categories? Journal on external. Remember, for example, the question will be is, um,
business farmer on external or an internal stakeholder?
Eastern External Stakeholder.
Why it is important to identify the stakeholders. Andi rules, because at the end you have to define a business context, and you need to understand what are the rolls off each position so you can actually give them?
The ownership and economy led these roles requires. Like, for example, boards of directors are in charge off the governance park, while I t my nine years or business managers or even executive miners could be in charge off the management pork itself. So yeah,
that's why it is important
in this video, we said we described carpets Ming stakeholders and then remain responsibilities again. Bird genetic nature of rose. So you have to tail over those roles, or or those names or those responsibilities your business context.
So supplementary materials again, You guys, I cannot give you any other material or other than the official, and it's simply because you will find all the information needed to actually implement that. Ah, I Sacha has some really good
partnership payments, and you can actually apply to, and it will give you the publication, some of them for free, and you know some of them for a small amount. But believe me, you will. You will not regret about buying this publications. You can not only pass the carpet exam, but also implemented correctly
and your business goals.
Well, that's it for today, folks, I hope in your deberia and took tea soon.
Up Next

This COBIT 2019 training course will prepare students to successfully attain the COBIT 2019 certification. Students will learn to implement governance and management concepts within organizations to help minimize the gap between business and IT.

Instructed By