Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

IT Frameworks and Controls

Verified

Added on 2023/06/05

AI Summary

This article discusses IT management frameworks such as COBIT, ITIL, and PMBOK and how they can be used to align IT operations with business goals. It also covers the advantages of integrating IT into business processes and the importance of IT security.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running Head: IT FRAMEWORKS AND CONTROLS
IT FRAMEWORKS AND CONTROLS
Insert Your Name Here
Insert Your Tutor’s Name Here
Institution Affiliation
Date

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

IT FRAMEWORKS AND CONTROLS
IT Management Frameworks
There is quite a number of Control Frameworks in IT. These frameworks include COBIT, ITIL
and PMBOK (Medium, 2018). These frameworks are very useful in the businesses, as they help
in controlling the businesses. Each framework has its own advantages in a business.
COBIT is a framework for information technology that was developed by a group called
Information System Audit and Control Association (ISACA) and Information Technology
Governance Institute (ITGF) in the early 1990s. The current version of COBIT is version 5
(COBIT 5). COBIT provides: a set of accepted measures, indicators, best practices and process.
COBIT was developed to help in the growth of enterprise IT (Resourcenter.net, 2018). It
provided the best practices and working standards that would result into improvement. The major
difference between COBIT framework and the other frameworks is that COBIT mainly focuses
on security, information governance and risk management. COBIT framework has goals that it is
meant to achieve (Rozemeijer and Bon, 2007). COBIT is meant to streamline information
sharing across an organization. COBIT also helps in reaching the corporate goals by integrating
IT into the business strategy. Security in a business is very important and any company would
pay for any cost to ensure that the business is secure. The final goal of the COBIT framework is
to integrate ISACA research and the COBIT framework. The COBIT framework has got five
main components. These components include: The framework, the process descriptions, control
objectives, the management guidelines and the maturity model (Zhang and Fever, 2013).
The framework of COBIT guides the organization through best practices and standard IT
processes and infrastructure (Rozemeijer & Bon, 2008). The framework also helps the executives
in an organization to understand the IT objectives. The process descriptions have got a language
that all people in an organization can understand. This helps to establish firm base for integration
between IT department and the entire department within the organization and outside the
organization. The control objectives offers an overview of the requirements that will help in the
improvement of the IT process in order to help in attaining the business goals. The management
guidelines helps in establishing objectives and assigning tasks and responsibilities across the
organization. Finally, the COBIT maturity models helps an organization to assess the maturity of
their organization and enable an organization to grow and identify problems that might arise in
the business. COBIT 5 is advisable to use by most organizations. The organization should use

IT FRAMEWORKS AND CONTROLS
many frameworks such as ITIL, ISO 2000, IEC 200 or CMI. The organization should also use
the regulatory guidelines. The regulated guidelines are also accompanied by some principles
which lead to a successful completion of a project. The COBIT principles include: meeting key
stakeholder needs, cover the enterprise end-to-end, encourage approaches to business and move
governance away from management.
IT Infrastructure Library (ITIL) is also a framework that IT service in the management in an
organization. The ITIL is a public framework for governance of IT. ITIL was developed by
Britain’s Central Computer and Telecommunications Agency (CCTA), which is currently known
as Office of Government Commerce (OGC). ITIL tends to mainly focus on the quality of IT
service delivered. Quality IT services leads to may benefits in an organization in their business
processes. The benefits include: increased customer and user satisfaction, availability of services
and therefor resulting to big profit margins, improved time to market the produce and services
and better decision making thus minimizing the risks in an organization (Itinfo.am, 2018).
The structure of ITIL has five core components. This components include: the service strategy,
service design, service transition, service operation and continuation of service improvement.
The service strategy gives the guidance on how to view a service. The service strategy include:
the developments of service markets, service assets and the implementation of a strategy ("ITIL
refreshed", 2007). The use of service strategies leads to the improvement of the business
strategies. The service design provide the blueprint for delivering the organization objectives.
The service design provides guidance for the design and development of management services.
Service design also includes the changes and the improvements that are necessary to increase and
maintain value to customers in the process of delivering services and products to the customers
(Alojail and Corbitt, 2016). The service transition gives the guidance that is required in the
improvement and the capabilities o changing into a new service operation. The service transition
tend to merge the practices in change, configuration, deployment and risk management. The
service operation enhances the management of daily operation services. It aims at achieving the
efficiency and effectiveness of the business processes. The organizations are given the guidelines
on providing support on the daily operations and to help in the decision making. Finally, the
continual service improvement provides the guidance on how to bring more customers and
maintain the current customers. This result to greater profits and revenue in organizations.

IT FRAMEWORKS AND CONTROLS
The other framework is PMBOK. The framework is mainly used in the project management. In
IT projects, it is necessary to manage the projects. There are various areas that require
management such as in managing integration, managing scope, managing time and schedule,
managing costs, managing quality, managing human resources, managing communication and
managing risks (J.D. Meier's, 2018).
Management integration enable all the modules being developed in a project to move
collectively. This help in monitoring and controlling the changes made in a project. Every scope
need s to have a defined scope. The entire scope must be broken down in order to be worked on
in small manageable sections. This will enhance easy controlling of the project (Fernández-Parra,
Garrido-Saroza, Ramírez-Martínez & Perdomo-Bello, 2016). PMBOK helps in managing costs
in the resource planning, budgeting and cost estimating. PMBOK helps in managing quality of
the project. Service resource management enhances team work in project development. It also
enhances team work hence faster completion of IT tasks. Communication is also enhance using
this framework. Communication is very important in a project development (Opentextbc.ca,
2018). The communication enhance proper planning, information distribution and reporting on
the performance. The framework helps in risk management too. PMBOK leads to faster
completion of projects that are of high quality.
Aligning IT operations with the business goals
Usually a weak IT strategy in a business will always lead to a business failure. It is advisable to
have a well analyzed IT strategy that will help in attaining the business goals more efficiently
and effectively. The IT operations are meant to help the business to improve on achieving their
goals compared to the traditional methods. Most businesses today have implemented the IT
infrastructure and operations in their business (Laware, 2009). These process of implementing
the IT infrastructure and operation into a business has to be well analyzed and ensure that the
business will meet the business goals. A weak IT implementation will be costly and time
wasting. In an organization, the resources are constrained and they operate with a minimal
budget, tools and people. Therefore the implementation of the IT operations and infrastructure
should be less expensive and time saving. The IT strategy should be in a position to meet the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

IT FRAMEWORKS AND CONTROLS
goals in business. The first goal is that the IT implementation should do the right things with the
technology to meet the business priorities and offer high value services to the business and the
customers. Secondly, the IT department should make the right technology investments. This will
ensure that the software the IT personnel choose for the business are affordable and will have a
great advantage in the business. Thirdly, the IT infrastructure in use should be flexible to
continuous support and accommodate the future growth of an organization (Isal, Pikarti,
Hidayanto & Putra, 2016). The IT infrastructure and the operations should be properly managed,
secure and able to support all the organization clients’ .The IT operations should be cost effective
in the business (Mark McManus, 2018).
Aligning IT to business goal is achievable by using a systematic approach that translates the
business model into a set of service oriented programs. Service Oriented Modelling and
Architecture technique tends to provide a great analysis and design methodology to attain the
SOA solution. SOA application is design to ensure that that system provide the right service to
the consumers and the providers. SOA is aligned with the business goals and processes. It
enhances the automation of the business processes that are supported by the business
components. IT infrastructure tends to align with the business processes by using an architecture
(Dodani, 2008).
An IT strategy is required to be interactive with the business processes in order to achieve the
business goal. The IT strategy is iterative thereby need to review often due to the rapid
technology changes. The IT strategies should be reviewed annually to ensure that the budget
cycles are met. The emerging technologies have higher chances of enhancing the business
processes (Morton, 2011). This is the reason there is need to frequently review the IT strategies
documented. The IT strategy will enable setting a future direction for the IT function in the
organization. This strategy will ensure that that the IT budget is spent on value enhancement to
the business activities. The IT strategy can be broken down into element which include:
infrastructure strategy, application strategy, service strategy, sourcing strategy, innovation
strategy and the integration strategy (Alzayed & Alraggas, 2014).
Usually the IT supports an organization’s visions and goals. The IT depends on the integration of
business process with IT, the improvement of the technology and innovation. Most of the IT
professional are trying to transform traditional operations in the IT operations for efficiency and

IT FRAMEWORKS AND CONTROLS
effectiveness. There is also an improvement in the IT responsiveness to meet the business
requirements, which results to achieving of the company goals at a faster pace. IT has made the
business operations become more flexible and smoother. This makes the employees to enjoy the
task they are given in an organization.
IT security is another important aspect that has helped the organizations. First, the IT team has to
understand the business and the organization requirements. Security issues is had been followed
in most organizations. There is need to understand the type of customers an organization serves.
Get to understand the main partners of the organization and what they expect of the organization.
The IT team should also understand the relation of the technology and the organization.
Secondly, the IT team should know what to prioritize when it comes to security issues of a
system. The things that deserve prioritizing in security should be solved first. This may include
the login details. An unauthenticated user can login into a system, if, he/she has the login
credentials. This indicates that the login information should be secure and should also be store in
servers in an encrypted format. For financial companies the data is also very critical. The data in
the servers should not be tampered with. Much security and restrictions should be enhanced in
the financial systems. The function in the system should be monitored efficiently and make sure
there are no down times. In case the down times occur the problems are management quickly and
the organization employees will continue with their tasks. When the security process are
enhanced there are high chances of achieving the business goals with the incorporation of the IT
solutions. To achieve the business goals, the business strategy has to be clearly articulated and
documented while considering some of the IT aspects.
Successful cost-control in an achievement for aligning the IT with the business goals. Every
business have clearly defined financial goals. The IT department tend to focus on the cost control
objectives. The technical team measures the IT operations, checking for the success or determine
how the IT projects have reach depending on financial goals set. The task is challenging but
worth it. Also, the efficiency of the IT operations have a complex measuring strategy. The
measuring of the IT efficiency in achieving the business goals has to be planned. The service of
the software is focused on the availability and the ability to integrate with the business process
successfully. To achieve the balance of the IT services and the business goals then, there is need
to carefully understand the effective management fundamentals and the efficient management

IT FRAMEWORKS AND CONTROLS
fundamentals. Usually, efficiency is focus on the service availability and control issues. On the
other hand, effectiveness is based on the IT infrustructure used in the IT operations. The IT
operations services are very useful in marketing the business products and services.
Operational IT organizations and their processes against models
Most companies today have their operation integrated with IT. Before the implementation of the
IT in the organizations there has to be some models that are required to be followed. This models
include Business Layer Model, Application Layer Model, Technology layer Model and other
necessary models. This models are very useful as their help the IT personals to understand
business process so as to successful integrate IT into the organization processes. The Business
Layer model involves the business actors. This includes the employees in an organizations and
the users of the system. The Application Layer Model include the software applications and the
programs that have been integrated in the businesses processes for efficiency and effectiveness.
The Technology Layer Model involves the infrastructure services. This includes the data,
servers, computers and other hardware components and system software (Ullah, Lai &
Marjoribanks, 2013).
The organization that have integrated IT in the business process have some advantages. First, the
organizations communication is enhances. Communication is an important factor to consider in
all companies. Email is the core mean of communication in an organization between the
employers, suppliers and the customers. This is because it is convenient and one can always refer
to the communication anywhere and anytime as long one has access to the internet. Emails is
simple and cheap to use. There are other means of communication that technology has brought
about. They include: voice over internet protocol (VOIP), video-conferencing systems, live chat
systems and use of smart phones. Good communication leads efficiency business process.
Communication is necessary to get update with information (Hamrouni, 2018).
IT helps in data management. Data is important asset in every organization. Every one relies on
data. Some data is confidential. This is information should be secured and should only be
accessed by authorized users of the system developed. The organization documents on the
servers and other storage devices should be instantly available to the authorized employees in an

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

IT FRAMEWORKS AND CONTROLS
organization. These documents should be available everywhere regardless of the location. The IT
implementation in the company helps in companies to store and maintain a lot of data. This data
is analyzed using analyzing tools such as Google Analytics. This analyzed data can be used in
making important decisions for the company.
IT helps in managing the customer relationship. Customer Relationship Management (CRM)
captures the interaction a company makes with its customers (Eurotech,2018). This enriches the
customers’ experience. Customer support is also enhance via live chat, email and many other
forms. In a customer has an issue or needs some support, the support is instant and this will make
the customer remain.
However, the IT operations in an organization may also result to big failure. These shows that
the IT process implementation of such systems went against the business, application and
technology models. First, there was no a clear definition of the project objectives. Failure to
point out objectives clearly will always lead to project failure. For a successful IT project
implementation, there has to be clear objectives. Most people tend to ignore the CRM solution.
There is no doubt the project will not be successful (2018).
Poor planning can lead to an ERP implementation failure. This could disrupt the company daily
activities leading to losses and inconvenience. The time and the resource should be well
budgeted. Failure to plan to make the right time estimates and the resource planning such as
labor and the cost. May result to incompletion of a project due to lack of enough money. The
project development may also take longer than intended hence, inconveniencing the
organization. This is expensive measure for any organization. Proper planning is very important
(Kurleto, 2018). Insufficient training and support is also another factor makes a useless system.
An organization would like to use a system where the employees are offered support when they
need it. This may make the users of the system abandon the system. Support of the system is
necessary in every organization. Failure in not using the model in developing a system may lead
to a system failure. Following the business model, the application model, and the technology
model will help the IT operational organization have the IT operations in the organization
efficient and effective. Aligning IT with business is a top priority. Most business are have
become successful by aligning IT in the business operation but other have also failed because of
fails to use the right strategy. Most CEO have embraced the concept of IT. This has really

IT FRAMEWORKS AND CONTROLS
improved the business operations. Most organization have benefits such as increased revenue,
quality products, making right decision, efficiency and effectiveness in the daily business
operations.
Problems arising from the used of frameworks and their recommendations.
Despite the many advantages an organization may experience from the use of the frameworks,
there are some challenges that one may experience for using these framework.
In COBIT 5 implementation the main challenge is that there are many stakeholders with many
and differing priorities. Usually COBIT 5 requires participation from most of the sectors in an
organization. These includes people such as the directors, senior managers, IT personnel and any
other user who is intended to use the system. With the involvement of all this people with the
different view, there exists a conflict in the process of aligning the goals and the implementation
of the system. The main cause is that some of the stake holders view risk migration as a risk and
others view it as misuse of resources leading to a difference in the commitment. There is also
conflict in communication, poor execution of the system and poor software being delivered. This
problem can be solved by having a measurable plan, enhancing the communication between all
the stake holders and have executive sponsorship. Every stakeholder should be accountable of
his his/her tasks and ensure they are all done. The tasks should be complete within the time
planned. The other challenge is that context changes frequently. The frameworks can only
become useful it they can accommodate the upcoming changes. Most of the changes occurring
lead to the business improvement. For any framework to be successful it must adopt the changes
made. While using the frameworks there is no right or wrong solutions to a problem. Each and
every implementation should to result to solving any problem in an organization. The
stakeholder should not argue of wrong solutions, but should term them as inadequate solutions.
In frameworks there is no consensus about the problem’s solution. The problem can be solved in
any way. This may cause conflicts. The problems should only be solved according to the
organization’s culture and the objectives (Forbes.com, 2018).
Another challenge is that using the frameworks, people argue that the problem is not understood
when they are not able to solve it. This shows that they reason the IT team is not understanding a
problem. It is until they solve it that, it depicts that they understood the problem. Mostly the

IT FRAMEWORKS AND CONTROLS
problem has a lot of interlocking issues. Therefore other issues have to be solved first, in order to
solve the main problem. A solution to this challenge is that the team should have different views
in solving the problem and look at the best solution from all the views of the problems and the
suggested ideas on how to solve the problem. These problems should be given alternate
solutions. In some cases there is no solution but in other cases there is more than one way to
solve the problem. The team should think with creativity on how to solve the problem. All ideas
given should be evaluated by the entire team and the find the best solution to the problem (2018).
Also, there is no definitive formulation of a problem. The explanation of a problem teds to differ
in most cases. The problem definition usually explains the nature of a problem. Poor definition
of a problem could lead to a poor solution. This solution is not helpful o the organization. There
should be the use of GEIT in order to point out the underlying issues that may require to be
solved first. Then the team will understand the whole problem and the depth of the problem. In
this way the problem will be solved permanently.
ITIL has challenges that may also frighten the managers away. ITIL can leave the IT operations
obsolete and irrelevant. To solve this challenges, the ITIL should train or bring skill sets in the
organization. This will help the employees in organization understand the framework. Worries of
ITIL could have rigid process. The ITIL is flexible in the process therefore it’s more effective.
The other challenge is the process selection challenge ("Top 5 reasons why ITIL
implementations don't happen by the book", 2018). ITIL has more than 20 processes within the
framework. To solve this challenge the organization is required to identify and prioritize the
most importance service and the associated processes. ITIL is also complexity. Some people tend
to fear the complexity of ITIL. The framework is complex since there was some functionality
added to ITIL. ITIL is not a standard. The changes made were meant to increase the efficiency,
communication and collaboration (Mar, 2018).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

IT FRAMEWORKS AND CONTROLS
References
(2018). Retrieved from http://liacs.leidenuniv.nl/assets/2011-19LudmilaSobolewska.pdf
(2018). Retrieved from http://www.isaca.org/Knowledge-Center/Research/Documents/COBIT-
Focus-Seven-COBIT-5-Implementation-Pitfalls-to-Avoid_nlt_Eng_0418.pdf
Alojail, M. and Corbitt, B. (2016). Does the ITIL Service Quality Framework Improve
Outsourcing Relationship Outcomes?. Journal of Advanced Management Science,
pp.452-456.
Alzayed, A., & Alraggas, B. (2014). The Alignment of Information Technology and Business
Strategy in the Kuwaiti Companies. International Journal Of Computer Applications,
101(7), 39-45. doi: 10.5120/17702-8694
Design Principles for a Robust Operating Model. (2018). Retrieved from
https://www.bain.com/insights/design-principles-for-a-robust-operating-model/
Dodani, M. (2008). Aligning IT to Business Through Architecture. The Journal Of Object
Technology, 7(6), 1. doi: 10.5381/jot.2008.7.6.c4
Eurotech , (2018). Retrieved from https://www.eurotech.com/attachment/download?id=105
Fernández-Parra, K., Garrido-Saroza, A., Ramírez-Martínez, Y., & Perdomo-Bello, I. (2016).
PMBOK y PRINCE 2 similitudes y diferencias -PMBOK and PRINCE 2, similarities and
differences. Revista Científica, 3(23), 111. doi: 10.14483/udistrital.jour.rc.2015.23.a9
Forbes.com, F. (2018). Retrieved from
https://www.forbes.com/sites/barrylibert/2018/01/18/companies-fail-at-transformation-
by-focusing-on-optimization/#67e9603f1efe
Hamrouni, W. (2018). 5 of the Biggest Information Technology Failures and Scares. Retrieved
from https://www.exoplatform.com/blog/2017/08/01/5-of-the-biggest-information-
technology-failures-and-scares
Isal, Y., Pikarti, G., Hidayanto, A., & Putra, E. (2016). Analysis of IT infrastructure flexibility
impacts on IT-Business strategic alignment. Journal Of Industrial Engineering And
Management, 9(3), 657. doi: 10.3926/jiem.1916

IT FRAMEWORKS AND CONTROLS
ITIL refreshed. (2007). ITNOW, 49(4), 17-17. doi: 10.1093/itnow/bwm007
Itinfo.am. (2018). Information Technology Infrastructure Library (ITIL) Guide. [online]
Available at: http://www.itinfo.am/eng/information-technology-infrastructure-library-
guide/ [Accessed 29 Sep. 2018].
J.D. Meier's. (2018). Project Management Body of Knowledge (PMBOK) Framework. [online]
Available at: https://blogs.msdn.microsoft.com/jmeier/2012/01/29/project-management-
body-of-knowledge-pmbok-framework/ [Accessed 29 Sep. 2018].
Kurleto, M. (2018). 10 Reasons why your new IT system implementation failed - Neoteric.
Retrieved from https://neoteric.eu/10-reasons-why-your-new-it-system-implementation-
failed/
Laware, G. (2009). STRATEGIC BUSINESS PLANNING Aligning Business Goals with
Technology. Journal Of Information Systems Management, 8(4), 44-49. doi:
10.1080/07399019108965010
Mar, A. (2018). 9 ITIL Implementation Challenges. Retrieved from
https://arch.simplicable.com/arch/new/10-ITIL-implemenation-challenges
Mark McManus, C. (2018). Aligning IT Operations With Corporate Goals. Retrieved from
https://www.computerworld.com/article/2571817/it-management/aligning-it-operations-
with-corporate-goals.html
Medium. (2018). Enterprise Architecture & Frameworks -TOGAF, ITIL, COBIT, PMBOK.
[online] Available at: https://medium.com/@arindey/enterprise-architecture-frameworks-
togaf-itil-cobit-pmbok-88a3e4dca82c [Accessed 29 Sep. 2018].
Morton, K. (2011). Running ICT as a business (aligning IT with corporate strategy). Strategic
Direction, 27(9). doi: 10.1108/sd.2011.05627iaa.004
Opentextbc.ca. (2018). 4. Framework for Project Management – Project Management. [online]
Available at: https://opentextbc.ca/projectmanagement/chapter/chapter-4-framework-for-
project-management-project-management/ [Accessed 29 Sep. 2018].

IT FRAMEWORKS AND CONTROLS
Resourcenter.net. (2018). [online] Available at:
https://www.resourcenter.net/images/AHIA/Files/2009/AnnMtg/Handouts/C3.pdf
[Accessed 29 Sep. 2018].
Rozemeijer, E. and Bon, J. (2007). Frameworks for IT Management. Zaltbommel: Van Haren
Publishing.
Rozemeijer, E., & Bon, J. (2008). Frameworks for IT Management. Zaltbommel: Van Haren
Publishing.
Top 5 reasons why ITIL implementations don't happen by the book. (2018). Retrieved from
https://www.techrepublic.com/blog/tech-decision-maker/top-5-reasons-why-itil-
implementations-dont-happen-by-the-book-104363/
Ullah, A., Lai, R., & Marjoribanks, T. (2013). A Proposed Model for Business Sustainability
Based on Business and Information Technology. Journal Of Software, 8(11). doi:
10.4304/jsw.8.11.2796-2806
Zhang, S. and Fever, H. (2013). An Examination of the Practicability of COBIT Framework and
the Proposal of a COBIT-BSC Model. Journal of Economics, Business and Management,
pp.391-395.

1 out of 13

+13062052269

info@desklib.com

IT Frameworks and Controls

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Comparison of Governance Models | Report

Professional Practice in IT: A Case Study

4. Professional Practice in IT. Name. Date. Doers your

Towards a New Approach For Combining The IT Frameworks

Implementing COBIT 5 Framework as a mechanism of IT Governance: A Case study of Road Fund Administration

Professional Practice in Information Technology