alfabet - IT Planning and Management

Download list
|
Amount:

Products

Infobox

  • Product information
    Download add to Download list
    IT Master Planning

  • White papers
    Download add to Download list
    Decision Support for Managing the Enterprise Architecture

Product Tour

Play Compliance Management Tour


Compliance Management


Compliance Management

In its responsibility for ensuring compliance in the enterprise, IT has the task of scoping compliance-relevant systems, eliminating any risks posed to the systems, determining responsibilities for compliance evaluation, continuous monitoring, documentation and assessment of the compliance-relevance of system changes, and reporting changes to the compliance or risk management office. It is an on-going exercise in controls assessment in the evolution of a corporation’s IT landscape. In learning to anchor control processes and objectives into the IT architecture, enterprises will be able to identify and assess risk more effectively and achieve greater efficiencies in compliance control.

As part of their compliance efforts, enterprises identify and define the critical questions that need to be answered to be compliant. These ‘controls’ are typically combined into control sets usually representing the controls required by specific issues (e.g., SOX, Basel II or COBIT) or internal control levels such as system internal audit controls, company level controls, application controls and IT general controls. Control sets:

  • define the type of architecture artefacts that are subject to the controls of that set
  • define policies used to determine who is responsible for conducting evaluations on individual artefacts
  • define the metrics used to evaluate the affected artefacts when answering the control questions


planningIT’s Compliance Management functionality allows enterprises to define control sets and thus anchor control processes into the IT architecture. Specific compliance projects are derived from approved control sets. Auditing is conducted on a specific compliance project. It involves reporting on completeness of coverage for the associated control set, reporting on completeness of the evaluations in the compliance project, and compliance level of evaluated artefacts.


This product tour demonstrates how planningIT helps organizations:

  • anchor control processes into the IT architecture
  • achieve greater efficiencies in compliance control
  • identify and assess risk more effectively



Watch this planningIT tour on www.youtube.com.

Quick picks