THIS CHAPTER COVERS Information Technology (IT); project management; risk management including economic, social, cultural, and technology risk management; software quality-control management; the management of the IT infrastructure; alternative IT architectures; and configuration and the management of IT delivery (operations) and support (maintenance). Performance measurement and reporting and the IT balanced scorecard are also covered, as are the use of outsourcing, the implementation of IT quality assurance, and the socio-technical and cultural approach to management.
Control Objectives for Information and Related Technology (COBIT®) defines control over the IT process as involving the need to “determine the technology direction to support the business. This requires the creation of a technological infrastructure plan and an architecture board that sets and manages clear and realistic expectations of what technology can offer in terms of products, services and delivery mechanisms.”
IT staff require specialist expertise and skills in order to develop a technology infrastructure plan. The impact of emerging technologies must be taken into account and validated in order to identify anticipated deviations from the plan. The development and maintenance of a technology infrastructure plan is not to be taken lightly. The infrastructure must be responsive to change and human resources strategy must also be aligned with the technology direction ...