Page 29 - Courses
P. 29

IT Essentials — Introduction to IT
            Risk Management
            A process to identify, assess, manage, and control potential events or situations to provide
            reasonable assurance regarding the achievement of the organization’s objectives.

            Understanding IT Operations

            IT operations refer to the department or area in an organization (people, processes, and equipment)
            that performs the function of running the computer systems and various devices that support the
            business objectives and activities. These activities include executing routine tasks related to the
            infrastructure and networking operations. It is not uncommon for IT operations to provide help desk
            support, password reset assistance, network services monitoring, desktop support, and job
            scheduling. IT operations is a cross-functional, essential service provider to the entire organization.

            IT operations’ overarching goal is business enablement — it creates value, enables almost all core
            business processes, innovates and supports critical strategies, and supports internal devices and
            applications.

            Common Objectives

            Common objectives include:

               •  Deliver IT services timely, reliably, securely, and in compliance with legal and regulatory
                   requirements.
               •  Protect data and information assets against breaches of confidentiality, integrity, and
                   availability.

            Achieving IT operations’ overarching goal and objectives requires skilled management and good
            governance.

            IT Governance

            IT governance refers to the leadership, structure, and oversight processes that ensure the
            organization’s IT supports the objectives and strategies of the organization.

            Leadership and Structure

            In most organizations, chief information officers (CIOs) and/or chief technology officers (CTOs) are
            responsible for managing and ensuring delivery of IT services and data access across the enterprise,
            and must enable the organization while tactically balancing and optimizing the direction of IT
            strategies and architectures. CIOs should consider their organizational peers and related business
            units as customers or clients. In many large organizations, IT follows a “partnership” model in which
            the CIO manages and oversees internal and external service providers that are expected to deliver a
            seamless experience to the organization.



            Copyright © 2020 by The Institute of Internal Auditors, Inc. All rights reserved.
   24   25   26   27   28   29   30   31   32   33   34