MJ Blogs

ITIL Definition Information technology infrastructure library ITIL is basically for them who deliver IT services-----M. imp. line ITIL in short is " How IT can provide better value to business " HOW???????? ITIL describes life cycle, processes, procedures, tasks, functions and checklist that are not organization specific-  i.e.  [ Good and bad practices material gathered and documented (because it is a library) are based on years of experiences by the IT practitioners designed for any information technology service delivery model.] It is used by organisations to establish integration with company vision and strategy (by continually improving as well as changing services provided by company) focused on delivering services that are of value and importance while maintaining its costs and risks. It allows the IT organisation to establish a baseline from which it can plan, implement and measure its services to its customers and ensure continual improvements. It

Chapter 1 Concepts of governance and management of enterprise IT DIFFERENCE BETWEEN IT GOVERNANCE AND GEIT According to our study material, IT Governance refers to the system in which directors of the enterprise evaluate, direct and monitor (First they evaluate i.e. form an opinion, then they direct i.e. what should be done and then in last they monitor i.e. what should be done is actually being done.)  IT Management to ensure  effectiveness, accountability and compliance  of IT. My dear friends, note the line (effectiveness, accountability and compliance of IT) i.e. only of IT. Now what is GEIT???? lets start with a definition..... GEIT is the system by which IT activities in a company are directed and controlled to achieve business objectives with the ultimate objective of meeting stakeholders needs.  And as given in earlier post  Corporate Governance  is a system by which  company  is  directed and controlled  to achieve objectives of increasing stakeholder

Chapter 1 Concepts of Governance and Management of Information Systems Risk Management There are various sources of risks  Commercial and legal relationships Economic circumstances Human behavior Technology and Technical Issues Political Circumstances Natural Events Management activities and controls Individual activities Characteristics of Risks There are various characteristics of risks. Risk have Loss potential that exists as the result of threat. Uncertainty of loss expressed in terms of probability of such loss and likelihood of threat agent causing a specific attack against a particular system. There are various Risk Related Terms that i think you can read from your study material provided by ICAI.                                                        RISK MANAGEMENT IN COBIT 5 As we have already discussed in previous post that COBIT 5 have governance process and management process. Here, under risk management governance process ensure risk optimizati

CHAPTER 1 Concepts of governance and management of information systems COBIT 5 Process Reference Model COBIT 5 Process Reference Model subdivides the IT related practices and activities of enterprise into 2 main areas One is Governance and second is Management. Governance Area Governance area have five governance processes and within each process Evaluation, Direction, Monitoring processes are defined. Management Area This area is further divided into domains of "Processes". Management domains are inline with responsibility areas of PLAN, BUILD, RUN AND MONITOR.

Ch 1 Concepts of Governance and Management of Information Systems Part 5 In this session we will talk about seven enablers of COBIT 5 which is also Principle 4 of COBIT 5.  So, we are talking about Principles, Policies and framework in resources areas, organizational structure, processes and culture i.e. A Holistic View. 1.) Processes: Describe an organised set of practices and activities to achieve certain objectives ( i.e. business objectives) and produce a set of outputs ( output may be a product or service) in support of achieving overall IT Related Goals. Whats the meaning of above highlighted line Output should be achieved so that IT related goals will be achieved because FINAL goal of IT is also the output enterprise desire. 2.) Organizational Structure: are all key decision making entities in an organization. 3.) Culture, Ethics and Behavior of Individuals and of organization, very often underestimated as a success factor in governance and

Ch 1 Concepts of governance and management of information systems Part 4 Other Principles of COBIT 5 Principle 2 Covering the enterprise from end to end COBIT 5 addresses the governance and management of information and related technology from an enterprise wide end to end perspective It covers all functions and processes. COBIT 5 doesn't focus only on IT Function but treats Information and related technologies as assets that need to be dealt with just like any other asset by everyone in the enterprise. Principle 3 Applying a single integrated framework COBIT 5 aligns with latest relevant other standards and framework used by enterprises like ISO 27001. This allows the management to use COBIT 5 as the comprehensive governance and management framework integrator. Principle 4 Enabling a holistic view COBIT Enables a holistic view by using 7 enablers of COBIT 5. ( word enabling here refers to enablers that we will discuss later) Principle 5 Separati

Chapter 1 Concepts of Governance and Management of Information Systems PART 3 As we have already discussed about basics of governance. Now this is time to understand one of the most important topic of this chapter. COBIT 5. Control objectives for information and related technology (COBIT 5) . It is developed by "Information System Audit and Control Association" (ISACA), USA. What is COBIT 5. ( This para is for basic understanding of term) Why and Purpose? Its purpose is Shareholders value creation and goal achievement. How? Through good governance and management of IT assets. Why of IT Assets? Delivering enterprise stakeholders value requires good governance and management of IT assets.  Therefore, enterprise board, executive and management have to embrace IT like any other significant part of the business. COBIT 5 is a Governance as well as Management model. Under governance comes  * Evaluation * Direction Setting  * M

CH 1 Concepts of Governance and Management of Information Systems PART 2 Corporate Governance and IT Governance As we have already discussed Corporate Governance. Definition of IT Governance is derived from definition of Corporate Governance as follows- IT Governance is the system by which IT Activities in a company or enterprise are directed and controlled to achieve business objectives with the ultimate objective of meeting stakeholders needs. Therefore IT Governance is a subset of Corporate Governance. Benefits of Governance 1.) Achieving enterprise objectives i.e. value creation. 2.) Transparent Framework for decision making. (Because jobs are assigned i.e. decision making accountability and also because of single point responsibility) 3.) Desirable Behavior in the use of IT and IT resources. 4.) Implementation and integration of desired business processes into the enterprise. 5.) Providing stability in the organization. 6.) Improving customer satisfaction and bus

Ch.1 Concepts of Governance and Management of Information Systems Basics WHAT IS GOVERNANCE?????? Governance= To Control, To Regulate, To Rule Establishment of polices and continuous monitoring of their proper implementation by the members of governing body of an organisation. It includes the mechanisms required to balance the powers of the members (with the associated accountability) and their primary duty of enhancing the prosperity and viability of the organisation. Analyse from the point of view of government. Govt. is basically for governance. Govt. establish polices and then monitor their implementation.They also have some powers and responsibilities. Now we need to understand the difference between three terms  *Governance *Corporate Governance *Enterprise Governance Enterprise Governance is set of Responsibilities and practices exercised by the Board and Executive management (i.e. BOD and CEO) for      1.) providing strategic direction

Chapter 8 Emerging Technologies PART 3 CLOUD COMPUTING MODELS We will discuss each model one by one in detail. FIRST MODEL SaaS (Software as a service) Just think that you need not to install a software on your system. All we have to do is to go to the website of service provider to use that software. i.e SaaS provides users to access large variety of applications (i.e. Software) over internet that are hosted on service provider's infrastructure. for eg: Pixlr.com, google docs. SECOND MODEL IaaS (Infrastructure as a service) IaaS provides computers, more often virtual machines and other resources (Storage Space) as service. Lets clear this topic with some examples; Amazon EC2 (Amazon Elastic Compute Cloud) Using Amazon EC2 eliminates your need to invest in hardware up front, so you can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security, networking and manage storage. Take another eg; like gmail.com provides us st

Chapter 8 Emerging Technologies PART 2 Goals of Cloud Computing 1.) Pooling of resources: It means common resources can be shared between many users. 2.) Cost: Cost of using cloud are aligned to what resources are actually used. 3.) Highly efficient IT system: why??? because of load balancing feature. (Read part 1) 4.) Anywhere Access: Applications can be accessed from anywhere using internet. 5.) Cost Effectiveness: Due to pay as you use feature. 6.) Scalability  Cloud Computing Architecture Cloud Computing architecture means the overall structure of the cloud system, which consists of many hardware and software resources put together.  It consists of front end and a back end. FRONT END Client + Application part (see diagram) = Which are needed to access cloud computing system. Theses can be different for different service providers. ( remember API Discussed under part 1) Front end can be specific client applications or web browsers. Like Ins

Chapter 8  Emerging Technologies PART 1                                                                     Cloud Computing What is Cloud Computing? As the name suggest, it is Computing done through internet. Its a combination of SOFTWARE, HARDWARE AND NETWORK. It provides anywhere access. Imp. pts:  1.)  Location of physical resources may not be known to user. 2.)  Pay as you use.  It provides simple front end interface like web browser. For Eg. Google Apps Now two terms will be used in this chapter. DYNAMIC VS. SCALABLE. Dynamic: Which can be changed as per need. Scalable: Which can be expanded as per need. For eg; Most Cloud Service providers will allow you to increase your existing resources to accommodate increased business needs or Changes . This will allow you to support your business growth without expensive changes to your existing IT Systems.                                                                                         CLOUD COMPUTING V