one of the focuses of the co bit framework is on Stakeholders
cope. It defines who the stakeholders are and what they bring to an overall i t governance program.
So in this video we will talk about who the stakeholders are in a nightie governance program
as defined by co bit thes air major stakeholders that should be considered and included in the design, implementation and monitoring of a governance system.
We will also talk about the responsibilities of stakeholders and why these stakeholders are necessary.
So we mentioned this in module one,
the board of directors.
The board of directors is important for a nightie governance program and that they will deliver insights on how to obtain value from i. T.
The responsibility of the board is to set the strategic direction of the business and the governance system.
They fall under the governance category where the direction ISS set and management will execute that vision
and objectives to derive maximum business value.
Executives are another stakeholder included in the Corbett framework.
Their role is to give guidance on how to organize and monitor the performance of informations. Resource is and systems.
Ultimately they're providing high level guidance and doing the executing of the strategic direction that is set by the governance body.
The next level of stakeholders are business managers.
Their primary responsibilities include how tow obtain I T solutions and how to use new technology for strategic opportunities set by the governance or board of directors.
They provide a more hands on approach to give guidance on how to go about actually getting the needed technology and how it can be used for the business strategy and opportunities and business goals.
I T managers will provide guidance on how to build and structure the I T department and manage the performance of I T. To ensure that they stay aligned with business goals and objectives.
They will be running the I T operations, ensuring constant alignment of i t. Strategy to business strategies set by senior leaders.
So do you see how it's going from a high level to a more hands on and technical approach?
Who do you think would be the main stakeholder for a nightie governance program In your organization?
There may be ah, few or there may be a lot, but it varies on your specific organization and your structure and your culture and more
assurance providers are also stakeholders. In the I T governance process,
assurance providers managed the dependency on external providers like ISPs and third party vendors.
They're ultimately ensuring there's assurance over i t, meaning that a third party does not have total control over and enterprises I t systems.
If the business starts to lose its control over I t Resource is to another party, it could result in tangible or financial and intangible or reputational losses.
Essentially, assurance providers are ensuring effective and efficient system of internal controls over I T and external service providers.
The risk management team is another stakeholder that will identify and manage I t related. Risk
their stakeholders in the I t governance process because they're managing the risks that I T systems inevitably bring to an organization.
Remember, Kobe is a framework that optimizes risks to align with the risk appetite of the business.
Subsequently, risk managers are inevitably going to be stakeholders in the i T governance process.
So let's not forget there are external stakeholders
cope. It defines them as regulators, business partners and I T vendors.
Regulators are a form of an external stakeholder in that they ensure compliance with rules and regulations.
They're focused on managing and maintaining compliance within an organization.
A prime example of this could be auditors that ensure compliance with standards like ISO 27,001 or with regulations like with HIPPA.
They can be considered a stakeholder in the I T governance process because they're making sure you are remain compliant with the laws and regulations you are subject. Thio
Business partners are another form of stakeholders defined by co bit.
Your I T governance program should have a way of managing business partners and making sure that the third parties you conduct business with our secure, reliable and compliant with laws and regulations they're obligated to comply with.
Don't forget to include third parties in your I T governance system.
I T vendors are another external stakeholder that should be encompassed by your I T. Governance program.
Just like with your business partners, make sure your I T vendors are secure, reliable and compliant with laws and regulations.
If they're working with your data or manage your business processes that interact with data, make sure they are secure.
Maintaining confidentiality of information is essential for your business and to remain compliant with laws and regulations.
You also want to uphold integrity and availability of re sources and data by ensuring that your I T vendors are reliable.
So in this video we talked about who the stakeholders are in the Corbett framework and what the's stakeholders contribute to a government system.