Chapter 11. Management
This chapter covers Information Technology (IT); project management; risk management including economic, social, cultural, and technology risk management; as well as software quality control management; the management of Information Systems (IS) infrastructure; alternative IT architectures, and configuration and the management of IS delivery (operations) and support (maintenance). Performance measurement and reporting and the IT balanced scorecard are also covered as are the use of outsourcing, the implementation of IS quality assurance, and the sociotechnical and cultural approach to management.
IS Infrastructures
Control Objectives for Information and Related Technology (COBIT®) defines control over the IT process as involving the need to “determine the technology direction to support the business. This requires the creation of a technological infrastructure plan and an architecture board that sets and manages clear and realistic expectations of what technology can offer in terms of products, services and delivery mechanisms.”
IT staff require specialist expertise and skills in order to develop a technology infrastructure plan. The impact of emerging technologies must be taken into account and validated in order to identify anticipated deviations from the plan. The development and maintenance of a technology infrastructure plan is not to be taken lightly. The infrastructure must be responsive to change and human resources strategy must also be aligned with ...
Get Auditor’s Guide to Information Systems Auditing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.