Dent Del Inc - homework guide PDF

Preview

Summary

homework guide...

Description

Running head: COBIT AND THE IT GOVERNANACE

COBIT and the IT Governance Student’s Name Institutional Affiliation

1

COBIT AND THE IT GOVERNANACE

2

Information technology has been the reason behind the success for most organizations. Several enterprises and organizations are faced with the pressure of an effective risk management, regulatory compliance, and the efficient management of various business processes. IT enables an organization to maximize its shareholder’s value. Additionally, COBIT 4.1 provides an efficient and effective governance framework, which enables an organization’s management to bridge various business risks, control requirements, and the technical issues that affects the business operation. In this way, it increases organization’s value that is derived from the information technology. Overview of DentDel Inc. Case The organization management is contemplating on the system development that will be utilized to ease the placement and reception of dental supply orders from various dentist across the region. Such systems will cut down the cost involved in the manual response and placement of orders. Due to the critical conditions in which the firm is in, Chuck- director of system development, Cedric – the chief information officer, and Sarah- the president of sales decided to rush into the adoption and implementation of such systems (with the cost estimate of $20M) without a thorough background check, risks assessment and the involvement of the organization’s executive management ( CFO, CEO, and COO). In the first phase of the implementation process, the project failed to meet the required thresholds and was already experiencing several technical issues. Question 1 The system implementation challenges faced by the team can be attributed to several process, among them are the risks management function and the audit and assurance process.

COBIT AND THE IT GOVERNANACE

3

Audit and assurance are part of the COBIT framework, which provides that an organization should perform an extensive system audit and provide assurance report before adoption or implementation. Risks management function on the other hand required inclusive approach in the risk management process in an organization. Therefore, in the DentDel case, the above processes, the risk management process and the audit and assurance were not effective or rather not properly followed. For instance, the technical issues experienced by the team in implementing the system, could not have occurred or experienced is a proper system audit was done prior the adoption and implementation. Additionally, the internal audit could ease the process, however, the disclosures were extremely limited and thereby leading to the challenges in the implementation process. For instance, the project was already experiencing a loss of $4.5M since the actual cost incurred in the initial stage escalated to $8M against the budgeted $3.5M. This indicates that the management ignored the proactive management of the project and employed a reactionary approach. The process also exhibited the lack of proper management of risks. This is due to the fact that the project was implemented without a proper risk analysis on its adoption and viability. Additionally, the implementation of the project was hastened without a prior consultation with the executive management. The organization’s CEO, CFO, and COO were not consulted. Involvement of CFO and CEO in the process is very critical since it helps in determining the project’s underlying risks. Moreover, the implementation team the internal control mechanisms or measures, which could have helped in the management and control of security breaches in the system. Question 2

COBIT AND THE IT GOVERNANACE

4

Despite the fact that the project was implemented in an irregular manner, DentDel Inc. can take various measures and steps to analyze the project’s critical situation. Such measures can cushion the organization from further losses incurred from the project. Among the critical measures that should be adopted by the management is to convene a meeting with the project steering committee. The committee member together with the management will carry out the project assessment in order to understand the facts and findings underlying such project implementation. After a thorough analysis, the committee shall report the findings together with the recommendations. During the project assessment, the team will assess compliance and the audit rules. This ensures that all the relevant implementation rules and disclosures are followed. For effective assessment of the situation, the team should create and follow the action plan. Action plan provides a roadmap in which the project issues will be assessed and addressed. The action could the following: Project assessment Action Plan i)

Identification of the Assessment team, which will include experts and the organization management

ii)

Assessment of the project

This involves analyzing the project to identify whether the regulatory requirements before its acquisition and implementation. It also includes carrying out a background check to identify its viability, costs associated, and its relevancy to the organization. iii)

Compiling report and findings

COBIT AND THE IT GOVERNANACE

5

Involves the aggregation of the findings and drafting recommendation. This recommends the appropriate measures, in line with the COBIT framework, that the organization should use in implementing the project iv)

Budgeting – allocation of financial resources

v)

Resources allocation

vi)

Implementation – based on the comprehensive COBIT framework.

vii)

Evaluation. This will involve project assessment to check whether it conforms to the expectations as well as the project’s standards.

Question 3. Effective implementation and compliance to the COBIT framework will prevent or control the project failures. These COBIT components include, effective compliance and implementation of internal controls, proper project authorization, and efficient risk management. The case at DentDel, shows that the project did not receive an express authorization from the executive management before its adoption and implementation. In this case, executive team did not play their role and therefore, the project experienced several technical issues. Therefore, involvement of the executive is key as it prevent various risks. On the other hand, internal controls were not applied and therefore, the project failed. Expenditure exceeded the budgeted one meaning it lacks the cash flow controls thereby leading to losses. Internal control should be effectively implemented to prevent such failures from further occurring. Risk management strategies should also be implemented. Risk management help in assessing and detecting project risks thereby enabling the development of proper control

COBIT AND THE IT GOVERNANACE

6

mechanisms. Performance management is also key as it helps in regulating the costs incurred in the implementation of the project....