The external and internal requirements
VerifiedAdded on 2022/09/11
|18
|4322
|21
AI Summary
Assignment attached Report and presentation
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: IS Governance
Information System Governance
Name of Student
Name of the University
Author notes
Information System Governance
Name of Student
Name of the University
Author notes
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1IS GOVERNANCE
Table of Contents
Introduction................................................................................................................................3
Organizational overview............................................................................................................3
Question 1:.................................................................................................................................4
Need of information system governance................................................................................5
Organizational factors aligned with IS governance...............................................................6
Question 2:.................................................................................................................................7
Confidentiality........................................................................................................................7
Integrity..................................................................................................................................7
Availability.............................................................................................................................8
Necessary suggestions for improvement of the IS governance policy..................................8
Establishing information system organization wide..........................................................8
Adopting risk based approach............................................................................................8
Setting clear goal of the investment decision.....................................................................9
Conformance with the external and internal requirements................................................9
Fostering system environment for the stakeholders...........................................................9
Question 3:.................................................................................................................................9
Question 4:...............................................................................................................................11
Challenges and solution.......................................................................................................12
Information management.................................................................................................12
Regulatory compliance.....................................................................................................12
Storage management........................................................................................................13
Table of Contents
Introduction................................................................................................................................3
Organizational overview............................................................................................................3
Question 1:.................................................................................................................................4
Need of information system governance................................................................................5
Organizational factors aligned with IS governance...............................................................6
Question 2:.................................................................................................................................7
Confidentiality........................................................................................................................7
Integrity..................................................................................................................................7
Availability.............................................................................................................................8
Necessary suggestions for improvement of the IS governance policy..................................8
Establishing information system organization wide..........................................................8
Adopting risk based approach............................................................................................8
Setting clear goal of the investment decision.....................................................................9
Conformance with the external and internal requirements................................................9
Fostering system environment for the stakeholders...........................................................9
Question 3:.................................................................................................................................9
Question 4:...............................................................................................................................11
Challenges and solution.......................................................................................................12
Information management.................................................................................................12
Regulatory compliance.....................................................................................................12
Storage management........................................................................................................13
2IS GOVERNANCE
E-Discovery......................................................................................................................13
Benefits of IS governance for the organization....................................................................14
Strategic alignment...........................................................................................................14
Risk management.............................................................................................................14
Value delivery..................................................................................................................14
Resource management.....................................................................................................14
Conclusion................................................................................................................................14
Reference..................................................................................................................................16
E-Discovery......................................................................................................................13
Benefits of IS governance for the organization....................................................................14
Strategic alignment...........................................................................................................14
Risk management.............................................................................................................14
Value delivery..................................................................................................................14
Resource management.....................................................................................................14
Conclusion................................................................................................................................14
Reference..................................................................................................................................16
3IS GOVERNANCE
Introduction
The objective of the report is to discuss the role of information system governance.
Discussing the role of information system governance from an organizational perspective, it
can be analysed that, this particular approach is increasingly essential yet critical process that
depends on the nature of the information. The policy is important for avoiding the unethical
access to the information and reducing any kind of uncertainty over the information by
providing higher system to it (Flores, Antonsen and Ekstedt 2014). On a broader aspect the
concept of information governance can be explained by the system using which an
organization can control as well as direct the process and policies related to the IT system.
This report is going to discuss about the Information system governance policies,
elements of the Saudi Arabia based Islamic Development Bank. In addition, the interrelation
between the business strategies of the organization and the IS governance along with the risks
and opportunities related to this process are going to be discussed in this report. Moreover,
the Information system governance also specifies the organization’s accountability
framework as well as provides an oversight for ensuring that all the risks are mitigated
adequately (Whitman and Mattord 2014).
Organizational overview
Founded in the year 1973, the Islamic Development Bank is one multilateral financial
developmental institution that emphasizes on enhancing the Islamic finance present in the
Saudi Arabia. Currently, the organization has approximately 57 number of memberships in
different states and identified as the single largest stakeholder of the Saudi Arabia. With the
motto of “together we build a better future”, the organization is now serving the country
people successfully. A total of 932 individuals are currently being employed inside the
organization (Isdb.org. 2019). The major activities of this organization includes SME
Introduction
The objective of the report is to discuss the role of information system governance.
Discussing the role of information system governance from an organizational perspective, it
can be analysed that, this particular approach is increasingly essential yet critical process that
depends on the nature of the information. The policy is important for avoiding the unethical
access to the information and reducing any kind of uncertainty over the information by
providing higher system to it (Flores, Antonsen and Ekstedt 2014). On a broader aspect the
concept of information governance can be explained by the system using which an
organization can control as well as direct the process and policies related to the IT system.
This report is going to discuss about the Information system governance policies,
elements of the Saudi Arabia based Islamic Development Bank. In addition, the interrelation
between the business strategies of the organization and the IS governance along with the risks
and opportunities related to this process are going to be discussed in this report. Moreover,
the Information system governance also specifies the organization’s accountability
framework as well as provides an oversight for ensuring that all the risks are mitigated
adequately (Whitman and Mattord 2014).
Organizational overview
Founded in the year 1973, the Islamic Development Bank is one multilateral financial
developmental institution that emphasizes on enhancing the Islamic finance present in the
Saudi Arabia. Currently, the organization has approximately 57 number of memberships in
different states and identified as the single largest stakeholder of the Saudi Arabia. With the
motto of “together we build a better future”, the organization is now serving the country
people successfully. A total of 932 individuals are currently being employed inside the
organization (Isdb.org. 2019). The major activities of this organization includes SME
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4IS GOVERNANCE
financing, Emergency relief, resource mobilization, trade financing, reinsurance and
insurance coverage for the investment as well as export credit, financing the projects of
private and public sectors, providing technical assistance for building higher capability and
many others. Holding thousands of crucial and sensitive financial and other customer related
information, it has become necessary for the organization to maintain higher system of those
information and protecting those from unethical accesses.
Question 1:
Critically assess the extent to which IS Governance is aligned, inclusive, educated,
engaged, connected and informed in relation to the existing system in your organisation.
Organizational factors aligned with IS governance
Usage of COBIT 5 is made by Islamic Development Bank. COBIT 5 finds its usage in
the operational section of the bank. With the help of this governance tool, management
support have been getting benefitted to the highest extent. The organizational factors that act
crucial for the bank includes the likes of developing proper understanding regarding
stakeholder needs. Developing both short term as well as long term goals also act important.
Cascading of goals also act important in the operational process. It have been seen that
COBIT 5 framework infrastructure is integrated in such a manner that it fulfils the above
stated requirements. This framework also helps in performing benefit realisation,
optimisation of resources as well as risk optimization. These are the aspects that benefits
fulfilling the stakeholder demands. Setting of enterprise goals have been another task that is
performed by COBIT 5. Thus it can be stated that alignment of the COBIT 5 framework is
high with the requirement of the bank.
In order to gather efficient result from the IS governance practice, it is mandatory for the
business to have supporting elements such as infrastructure, organizational network and many
financing, Emergency relief, resource mobilization, trade financing, reinsurance and
insurance coverage for the investment as well as export credit, financing the projects of
private and public sectors, providing technical assistance for building higher capability and
many others. Holding thousands of crucial and sensitive financial and other customer related
information, it has become necessary for the organization to maintain higher system of those
information and protecting those from unethical accesses.
Question 1:
Critically assess the extent to which IS Governance is aligned, inclusive, educated,
engaged, connected and informed in relation to the existing system in your organisation.
Organizational factors aligned with IS governance
Usage of COBIT 5 is made by Islamic Development Bank. COBIT 5 finds its usage in
the operational section of the bank. With the help of this governance tool, management
support have been getting benefitted to the highest extent. The organizational factors that act
crucial for the bank includes the likes of developing proper understanding regarding
stakeholder needs. Developing both short term as well as long term goals also act important.
Cascading of goals also act important in the operational process. It have been seen that
COBIT 5 framework infrastructure is integrated in such a manner that it fulfils the above
stated requirements. This framework also helps in performing benefit realisation,
optimisation of resources as well as risk optimization. These are the aspects that benefits
fulfilling the stakeholder demands. Setting of enterprise goals have been another task that is
performed by COBIT 5. Thus it can be stated that alignment of the COBIT 5 framework is
high with the requirement of the bank.
In order to gather efficient result from the IS governance practice, it is mandatory for the
business to have supporting elements such as infrastructure, organizational network and many
5IS GOVERNANCE
others. However, the necessary factors that are aligned with the information governance
policies and practices of the discussed organization are as follows;
Organizational structure
Strategic planning
Establishment of role and responsibility
Integration with enterprise architecture
Documenting the objectives of the system in guidelines and policies.
The strategic planning of the discussed organization is widely explained by the
enterprise strategic planning, IT strategic planning, IS or cyber system strategic planning.
The first factor that is the enterprise strategic planning includes strategies for defining long
term goals of the organization and the ways of achieving it (Bobbert and Mulder 2015).
Meanwhile, the IT strategic planning of this organization usually aligned with the IT
management, operations and the enterprise planning for managing the technical aspects of the
organization. The purpose of the information system governance of the selected organization
is to pervasive using and understanding the value of the information and ensuring its system.
COBIT 5 is an educated system as data analysis is made and hence wise system
generated decision making is also made. Data is gathered in daily basis. These data are stored
in the system (Huygh et al 2018). This stored data set ensures that information that is
gathered and used in the process will be having a better management of the data and hence
wise better data analysis can be performed. The data that are stored in the system are updated
in a frequent manner. This section ensures that the Information System governance tool stays
well informed.
COBIT 5 is engaged in a differential manner. The methodology that is performed
includes proper mapping of the current IT process. Setting of Goals and framework risks that
others. However, the necessary factors that are aligned with the information governance
policies and practices of the discussed organization are as follows;
Organizational structure
Strategic planning
Establishment of role and responsibility
Integration with enterprise architecture
Documenting the objectives of the system in guidelines and policies.
The strategic planning of the discussed organization is widely explained by the
enterprise strategic planning, IT strategic planning, IS or cyber system strategic planning.
The first factor that is the enterprise strategic planning includes strategies for defining long
term goals of the organization and the ways of achieving it (Bobbert and Mulder 2015).
Meanwhile, the IT strategic planning of this organization usually aligned with the IT
management, operations and the enterprise planning for managing the technical aspects of the
organization. The purpose of the information system governance of the selected organization
is to pervasive using and understanding the value of the information and ensuring its system.
COBIT 5 is an educated system as data analysis is made and hence wise system
generated decision making is also made. Data is gathered in daily basis. These data are stored
in the system (Huygh et al 2018). This stored data set ensures that information that is
gathered and used in the process will be having a better management of the data and hence
wise better data analysis can be performed. The data that are stored in the system are updated
in a frequent manner. This section ensures that the Information System governance tool stays
well informed.
COBIT 5 is engaged in a differential manner. The methodology that is performed
includes proper mapping of the current IT process. Setting of Goals and framework risks that
6IS GOVERNANCE
might be present in the operational process is performed in a proper manner. Stakeholder
engagement is yet another section that is affected in a positive manner.
Question 2:
Evaluate the effectiveness of the existing IS Governance policies, plans, projects and
priorities and identify any areas of improvement.
The IS Governance policies can be differentiated in between IT Policies and Policies
as Enablers. Being in a Banking domain the main aspect that will be considered is that there
will be several IT operations. It have been seen that IT policies are not only related to the IT
principles but also end to end business processes have been considered. Performing proper
cooperation across the bank have been one of the major aspect that is performed with the help
of the COBIT 5. With the help of proper COBIT 5 proper communication of policies can be
made. Policies as Enablers deals with different stakeholder dimension, goal dimension, Life
Cycle Dimension as well as Good Practices Dimension (Pereira, Ferreira and Amaral 2017).
Strategic Planning can be made with the help of COBIT 5. There are certain data sets
that are required for performing strategic planning. The section includes the likes of
collecting data regarding generic enterprise goals, goals are the cascaded with all levels.
Developing IT generic goals are also performed in this section. Proper mapping in between
IT strategic goals as well as enterprise strategic planning can be made. Data regarding
enabler’s goal are also collected. Enabling process of governance and management have been
included in the process as well. Analysing stakeholder needs have been another domain that
is considered in the process. Details regarding life cycle phases also acts important in the
planning process of COBIT 5 (Pane et al 2018).
COBIT 5 have been benefitting the prioritization process. There are few sections that
are considered while performing the prioritization process. The processes are namely
ensuring governance framework setting and maintenance. After this process, analysing the
might be present in the operational process is performed in a proper manner. Stakeholder
engagement is yet another section that is affected in a positive manner.
Question 2:
Evaluate the effectiveness of the existing IS Governance policies, plans, projects and
priorities and identify any areas of improvement.
The IS Governance policies can be differentiated in between IT Policies and Policies
as Enablers. Being in a Banking domain the main aspect that will be considered is that there
will be several IT operations. It have been seen that IT policies are not only related to the IT
principles but also end to end business processes have been considered. Performing proper
cooperation across the bank have been one of the major aspect that is performed with the help
of the COBIT 5. With the help of proper COBIT 5 proper communication of policies can be
made. Policies as Enablers deals with different stakeholder dimension, goal dimension, Life
Cycle Dimension as well as Good Practices Dimension (Pereira, Ferreira and Amaral 2017).
Strategic Planning can be made with the help of COBIT 5. There are certain data sets
that are required for performing strategic planning. The section includes the likes of
collecting data regarding generic enterprise goals, goals are the cascaded with all levels.
Developing IT generic goals are also performed in this section. Proper mapping in between
IT strategic goals as well as enterprise strategic planning can be made. Data regarding
enabler’s goal are also collected. Enabling process of governance and management have been
included in the process as well. Analysing stakeholder needs have been another domain that
is considered in the process. Details regarding life cycle phases also acts important in the
planning process of COBIT 5 (Pane et al 2018).
COBIT 5 have been benefitting the prioritization process. There are few sections that
are considered while performing the prioritization process. The processes are namely
ensuring governance framework setting and maintenance. After this process, analysing the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7IS GOVERNANCE
benefit delivery is also considered. After this benefit delivery process, risk optimization is
also performed. Risk optimization plays as an important factor that will ensure proper
understanding of the prioritization. Resource optimization have also been another aspect that
is to be considered. After gathering data of such process, the entire prioritization process
begins (De Haes et al 2016).
The above discussed policies related to the IS governance in context of the selected
organization are definitely efficient for maintaining the confidentiality and system of the
information. Yet, there are some principles or practices need to be carried out by the
organization for enhancing the above discussed IS governance policies.
Necessary suggestions for improvement of the IS governance policy
Establishing information system organization wide
Information system or mainly known as the cyber system shows higher concerns to
the existing structure and function of the organization. Therefore, the management of all
levels need to ensure that the information system of the organization should integrated with
the IT and other necessary activities. It is necessary for the top level management of the
discussed organization to ensure the selected areas of the information system practice and
principle to serves the overall business objectives by establishing higher responsibility as well
as accountability throughout the business (Kim and Ahn 2013).
Adopting risk based approach
System governance, which mainly involves the allocation of resources as well as
budgets, need to emphasize on the risk appetite of the organization. In addition, it also focus
on minimizing the competition, compliance along with all the liability risks, reputational
harm, financial loss and operational disruptions (Flores, Antonsen and Ekstedt 2014).
benefit delivery is also considered. After this benefit delivery process, risk optimization is
also performed. Risk optimization plays as an important factor that will ensure proper
understanding of the prioritization. Resource optimization have also been another aspect that
is to be considered. After gathering data of such process, the entire prioritization process
begins (De Haes et al 2016).
The above discussed policies related to the IS governance in context of the selected
organization are definitely efficient for maintaining the confidentiality and system of the
information. Yet, there are some principles or practices need to be carried out by the
organization for enhancing the above discussed IS governance policies.
Necessary suggestions for improvement of the IS governance policy
Establishing information system organization wide
Information system or mainly known as the cyber system shows higher concerns to
the existing structure and function of the organization. Therefore, the management of all
levels need to ensure that the information system of the organization should integrated with
the IT and other necessary activities. It is necessary for the top level management of the
discussed organization to ensure the selected areas of the information system practice and
principle to serves the overall business objectives by establishing higher responsibility as well
as accountability throughout the business (Kim and Ahn 2013).
Adopting risk based approach
System governance, which mainly involves the allocation of resources as well as
budgets, need to emphasize on the risk appetite of the organization. In addition, it also focus
on minimizing the competition, compliance along with all the liability risks, reputational
harm, financial loss and operational disruptions (Flores, Antonsen and Ekstedt 2014).
8IS GOVERNANCE
Setting clear goal of the investment decision
The investments related to the process of Information system need to support all the
organizational objectives. Additionally, the process will also ensure that the IS governance
policy to be integrated with the existing processes of the organization so that the capital as
well as operational expenditure, can be efficiently addressed and the risks associated with the
organization can also be avoided.
Conformance with the external and internal requirements
The external requirements usually involves the mandatory legislation as well as the
set of regulations and standards that lead to the contractual requirements and certification. On
the other hand the internal requirements encompasses the organizational objectives and goals
on a broader aspect (Tsiakis, Kargidis and Chatzipoulidis 2013). Ensuring both the
requirements effectively, the discussed organization can ensure efficient accessibility to the
information.
Fostering system environment for the stakeholders
The information system policies undertaken by the organization need to be discussed
with the stakeholders and it should responsive to the expectation of the stakeholders’.
Promotion of the IS cultures and providing necessary training to the employees regarding
maintenance of the system is also essential for addressing all the facilities provided by the
discussed technological solution.
Question 3:
Analyse the link between IS Governance and the business strategy. Are there any
discrepancies? How would you address them?
The main goal of involving the IS governance into the organizational workplace is to
gather a set of tools, methodologies as well as processes for maintaining the system of the
Setting clear goal of the investment decision
The investments related to the process of Information system need to support all the
organizational objectives. Additionally, the process will also ensure that the IS governance
policy to be integrated with the existing processes of the organization so that the capital as
well as operational expenditure, can be efficiently addressed and the risks associated with the
organization can also be avoided.
Conformance with the external and internal requirements
The external requirements usually involves the mandatory legislation as well as the
set of regulations and standards that lead to the contractual requirements and certification. On
the other hand the internal requirements encompasses the organizational objectives and goals
on a broader aspect (Tsiakis, Kargidis and Chatzipoulidis 2013). Ensuring both the
requirements effectively, the discussed organization can ensure efficient accessibility to the
information.
Fostering system environment for the stakeholders
The information system policies undertaken by the organization need to be discussed
with the stakeholders and it should responsive to the expectation of the stakeholders’.
Promotion of the IS cultures and providing necessary training to the employees regarding
maintenance of the system is also essential for addressing all the facilities provided by the
discussed technological solution.
Question 3:
Analyse the link between IS Governance and the business strategy. Are there any
discrepancies? How would you address them?
The main goal of involving the IS governance into the organizational workplace is to
gather a set of tools, methodologies as well as processes for maintaining the system of the
9IS GOVERNANCE
organizational information. Identification of the relationship between the business strategies
and the IS governance, the fact that comes into consideration is that, aligning the business
strategies with the selected technological solution can be beneficial for the organization in
addressing its goal and objectives (AlHogail and Mirza 2014). The IS governance is nothing
but a formal framework that helps the organization in aligning the IT strategies with the
business strategies, thus ensuring effective investment and success of the business.
(Figure 1: Relationship between the information system governance with business strategy)
(Source: Kim and Ahn 2013)
The main role of including IS governance into the business environment of the
discussed Saudi Arabian bank can be analysed in terms of building successful strategic plans
(Whitman and Mattord 2014). Strategic plans are nothing but the documentation of the
business objectives and goals and the actions required for achieving the goals. The
management actions or activities involved in the process of strategic planning of the
organization can be explained by the set of practices, priorities, focus, energy as well as
resource need to strengthen the operational functionality of the organization so that the
organizational objectives can be achieved. In addition, the process of IS Governance also
organizational information. Identification of the relationship between the business strategies
and the IS governance, the fact that comes into consideration is that, aligning the business
strategies with the selected technological solution can be beneficial for the organization in
addressing its goal and objectives (AlHogail and Mirza 2014). The IS governance is nothing
but a formal framework that helps the organization in aligning the IT strategies with the
business strategies, thus ensuring effective investment and success of the business.
(Figure 1: Relationship between the information system governance with business strategy)
(Source: Kim and Ahn 2013)
The main role of including IS governance into the business environment of the
discussed Saudi Arabian bank can be analysed in terms of building successful strategic plans
(Whitman and Mattord 2014). Strategic plans are nothing but the documentation of the
business objectives and goals and the actions required for achieving the goals. The
management actions or activities involved in the process of strategic planning of the
organization can be explained by the set of practices, priorities, focus, energy as well as
resource need to strengthen the operational functionality of the organization so that the
organizational objectives can be achieved. In addition, the process of IS Governance also
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10IS GOVERNANCE
known as one potential solution for resolving the business challenges and dilemmas (Rebollo
et al. 2015). It also ensure that the organizational investment on the IT environment and its
associated components will generate higher value and migrate all the risks associated with the
IT environment of the business by avoiding chances of failure (Gashgari, Walters and Wills
2017). An efficient IS Governance strategically aligns the business so that it can support any
technical evolution. Moreover, it prioritise that the enterprise architecture will delivers
consistent as well as scalable business values despite of going through current technical
evolution. Emphasizing on the risk management and overall performance of the organization
for addressing the metrics definition, undertaking rigorous process, making costs efficient
business and controlling the objectives of the organization also comes under the area of an
successful IS governance (Ula and Fuadi 2017). The chosen organization can also measure
effectiveness of the technological revolutions, business goals and analysing the financial
condition of it by aligning the IS governance policies with the business strategies.
Question 4:
Identify the values, risks and opportunities to your organisations IS strategy derived
from the modifications and revisions proposed to IS Governance in your audit.
As the business objectives of the Islamic Development Bank is to provide financing
and technical solution to the country people. Despite of having several facilities of
implementing the IS governance practices and policies; yet there exist certain challenges that
might hinder the functionality of the particular process.
Challenges and solution
Information management
Information management inside the organization needs the retrieval, system,
acquisition, as well as maintenance of all the information of the organization in an efficient
known as one potential solution for resolving the business challenges and dilemmas (Rebollo
et al. 2015). It also ensure that the organizational investment on the IT environment and its
associated components will generate higher value and migrate all the risks associated with the
IT environment of the business by avoiding chances of failure (Gashgari, Walters and Wills
2017). An efficient IS Governance strategically aligns the business so that it can support any
technical evolution. Moreover, it prioritise that the enterprise architecture will delivers
consistent as well as scalable business values despite of going through current technical
evolution. Emphasizing on the risk management and overall performance of the organization
for addressing the metrics definition, undertaking rigorous process, making costs efficient
business and controlling the objectives of the organization also comes under the area of an
successful IS governance (Ula and Fuadi 2017). The chosen organization can also measure
effectiveness of the technological revolutions, business goals and analysing the financial
condition of it by aligning the IS governance policies with the business strategies.
Question 4:
Identify the values, risks and opportunities to your organisations IS strategy derived
from the modifications and revisions proposed to IS Governance in your audit.
As the business objectives of the Islamic Development Bank is to provide financing
and technical solution to the country people. Despite of having several facilities of
implementing the IS governance practices and policies; yet there exist certain challenges that
might hinder the functionality of the particular process.
Challenges and solution
Information management
Information management inside the organization needs the retrieval, system,
acquisition, as well as maintenance of all the information of the organization in an efficient
11IS GOVERNANCE
manner. However, in case of organizations like Islamic Development Bank, it is essential for
the organization to deal with a vast amount of information, therefore, managing such amount
of information sometime create several complicacy for the organization.
Solution: In order to achieve successful results from the information governance process, the
selected Saudi Arabian organization need to implement an efficient information management
automation model (Silic and Back 2014). This suggested solution can discard several
essential responsibilities such as, data storage, maintenance and even the need of backup and
it will also ensure that the particular organization will have higher system over its information
and data.
Regulatory compliance
Regardless of the country, there exist some regulatory requirement on having records,
which explains the type of information need to be storage and also decides its storage period.
Therefore, information related to this type of retention requirements need be stored, managed
and accessed with special care. If any case any violation to the compliance requirements
found, it can gather several expensive legal proceedings as well as fine for the organization,
which ultimately will harm the reputation of the organization (Debreceny 2013). Hence, it
definitely create a challenging situation for the IS governance practice.
Solution: In this case, implement one information governance software in the organization
automatically store the electronic records automatically by analysing the industry regulations
is vital. In addition, a proper archiving system can also be considered as another solution,
which will ensure that the data is automatically stored without having any end user
management.
manner. However, in case of organizations like Islamic Development Bank, it is essential for
the organization to deal with a vast amount of information, therefore, managing such amount
of information sometime create several complicacy for the organization.
Solution: In order to achieve successful results from the information governance process, the
selected Saudi Arabian organization need to implement an efficient information management
automation model (Silic and Back 2014). This suggested solution can discard several
essential responsibilities such as, data storage, maintenance and even the need of backup and
it will also ensure that the particular organization will have higher system over its information
and data.
Regulatory compliance
Regardless of the country, there exist some regulatory requirement on having records,
which explains the type of information need to be storage and also decides its storage period.
Therefore, information related to this type of retention requirements need be stored, managed
and accessed with special care. If any case any violation to the compliance requirements
found, it can gather several expensive legal proceedings as well as fine for the organization,
which ultimately will harm the reputation of the organization (Debreceny 2013). Hence, it
definitely create a challenging situation for the IS governance practice.
Solution: In this case, implement one information governance software in the organization
automatically store the electronic records automatically by analysing the industry regulations
is vital. In addition, a proper archiving system can also be considered as another solution,
which will ensure that the data is automatically stored without having any end user
management.
12IS GOVERNANCE
Storage management
Due to having increasing volume of data, it might become necessary for the IT depart-
ments of the organization to buy additional resources for storage so that the organizational
need can be met. Even if the cost of storage decreases, the velocity and volume of the
organizational information will continues to access the exact price reductions. Therefore,
complications related to the emerging storage volumes, can increase the business cost and
thus creating major challenges in the IS governance process.
Solution: In order to reduce the storage volume and extra cost, the organizations can think of
implementing an information management system. The automation provided by this will
provide prominent way of managing and storing the essential financial and other crucial data
of the organization.
E-Discovery
Improper management off the data and information can lead to increase the costs and
risks associated with the eDiscovery. In addition, the cost can increase highly when the
organization will face any lawsuit, and even in case of not finding and allocating the
appropriate information. In this series, irrelevant or over collection of data can also create
major problems thus creating hindrances for successful implementation of this technology
(Mishra 2015).
Solution: A successful program of information governance can act as a key driver for
reducing the cost as well as risk associated with the eDiscovery, as the organization can
collect store and utilize the actual data in the exact time.
Benefits of IS governance for the organization
Following are the list of benefits that the discussed organization can achieve by the
implementation of a successful IS governance system.
Storage management
Due to having increasing volume of data, it might become necessary for the IT depart-
ments of the organization to buy additional resources for storage so that the organizational
need can be met. Even if the cost of storage decreases, the velocity and volume of the
organizational information will continues to access the exact price reductions. Therefore,
complications related to the emerging storage volumes, can increase the business cost and
thus creating major challenges in the IS governance process.
Solution: In order to reduce the storage volume and extra cost, the organizations can think of
implementing an information management system. The automation provided by this will
provide prominent way of managing and storing the essential financial and other crucial data
of the organization.
E-Discovery
Improper management off the data and information can lead to increase the costs and
risks associated with the eDiscovery. In addition, the cost can increase highly when the
organization will face any lawsuit, and even in case of not finding and allocating the
appropriate information. In this series, irrelevant or over collection of data can also create
major problems thus creating hindrances for successful implementation of this technology
(Mishra 2015).
Solution: A successful program of information governance can act as a key driver for
reducing the cost as well as risk associated with the eDiscovery, as the organization can
collect store and utilize the actual data in the exact time.
Benefits of IS governance for the organization
Following are the list of benefits that the discussed organization can achieve by the
implementation of a successful IS governance system.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13IS GOVERNANCE
Strategic alignment
The information system practices and policies can be aligned with the respective
business strategy undertaken by the organization for supporting the organization in achieving
its goals and objectives.
Risk management
The ongoing as well as the upcoming future risks related to the organization can be
identifies and analysed and the necessary solutions for migrating those risks can also be
ensured by using this technical solution.
Value delivery
IS govrnance can optimize the investments related to the information system of the
organization, thus creating a cost efficient business and helping the organization in achieving
its objectives (Gashgari, Walters and Wills 2017).
Resource management
The actual resources and information needed for managing the regular organizational
work can be identified, analysed and managed efficiently, so that too much complicacies
related can be avoided and a transparent business process and goal can be created.
Conclusion
From the above discussion, it can be stated that implementation of COBIT 5 will be
acting beneficial in the operational processing. This governance tool ensures that the
functional process might be getting benefitted. With implementation of COBIT 5, the main
aspect that is considered is that several domains are benefitted due to the implementation of
COBIT 5. COBIT 5 helps in maintaining high quality information for supporting business
decision making. Achieving strategic goals for effective as well as innovative working
process in Islamic Development Bank can be done. Compliance is also supported in the
Strategic alignment
The information system practices and policies can be aligned with the respective
business strategy undertaken by the organization for supporting the organization in achieving
its goals and objectives.
Risk management
The ongoing as well as the upcoming future risks related to the organization can be
identifies and analysed and the necessary solutions for migrating those risks can also be
ensured by using this technical solution.
Value delivery
IS govrnance can optimize the investments related to the information system of the
organization, thus creating a cost efficient business and helping the organization in achieving
its objectives (Gashgari, Walters and Wills 2017).
Resource management
The actual resources and information needed for managing the regular organizational
work can be identified, analysed and managed efficiently, so that too much complicacies
related can be avoided and a transparent business process and goal can be created.
Conclusion
From the above discussion, it can be stated that implementation of COBIT 5 will be
acting beneficial in the operational processing. This governance tool ensures that the
functional process might be getting benefitted. With implementation of COBIT 5, the main
aspect that is considered is that several domains are benefitted due to the implementation of
COBIT 5. COBIT 5 helps in maintaining high quality information for supporting business
decision making. Achieving strategic goals for effective as well as innovative working
process in Islamic Development Bank can be done. Compliance is also supported in the
14IS GOVERNANCE
process. This report has proposed a brief discussion about the IS governance, its policies,
practices, relation with the business strategies and the challenges and benefits associated with
the process in context of the Saudi Arabia based Islamic Development Bank.
process. This report has proposed a brief discussion about the IS governance, its policies,
practices, relation with the business strategies and the challenges and benefits associated with
the process in context of the Saudi Arabia based Islamic Development Bank.
15IS GOVERNANCE
Reference
AlHogail, A. and Mirza, A., 2014, January. Information system culture: a definition and a
literature review. In 2014 World Congress on Computer Applications and Information
Systems (WCCAIS) (pp. 1-7). IEEE.
Bobbert, Y. and Mulder, H., 2015, December. Governance practices and critical success
factors suitable for business information security. In 2015 International Conference on
Computational Intelligence and Communication Networks (CICN) (pp. 1097-1104). IEEE.
Carcary, M., Renaud, K., McLaughlin, S. and O'Brien, C., 2016. A framework for
information security governance and management. It Professional, 18(2), pp.22-30.
Debreceny, R.S., 2013. Research on IT governance, risk, and value: Challenges and
opportunities. Journal of Information Systems, 27(1), pp.129-135.
Fazlida, M.R. and Said, J., 2015. Information security: Risk, governance and implementation
setback. Procedia Economics and Finance, 28, pp.243-248.
Flores, W.R., Antonsen, E. and Ekstedt, M., 2014. Information security knowledge sharing in
organizations: Investigating the effect of behavioral information security governance and
national culture. Computers & Security, 43, pp.90-110.
Gashgari, G., Walters, R.J. and Wills, G., 2017, April. A Proposed Best-practice Framework
for Information Security Governance. In IoTBDS (pp. 295-301).
Isdb.org. (2019). Islamic Development Bank. [online] Available at: https://www.isdb.org/
[Accessed 17 Dec. 2019].
Reference
AlHogail, A. and Mirza, A., 2014, January. Information system culture: a definition and a
literature review. In 2014 World Congress on Computer Applications and Information
Systems (WCCAIS) (pp. 1-7). IEEE.
Bobbert, Y. and Mulder, H., 2015, December. Governance practices and critical success
factors suitable for business information security. In 2015 International Conference on
Computational Intelligence and Communication Networks (CICN) (pp. 1097-1104). IEEE.
Carcary, M., Renaud, K., McLaughlin, S. and O'Brien, C., 2016. A framework for
information security governance and management. It Professional, 18(2), pp.22-30.
Debreceny, R.S., 2013. Research on IT governance, risk, and value: Challenges and
opportunities. Journal of Information Systems, 27(1), pp.129-135.
Fazlida, M.R. and Said, J., 2015. Information security: Risk, governance and implementation
setback. Procedia Economics and Finance, 28, pp.243-248.
Flores, W.R., Antonsen, E. and Ekstedt, M., 2014. Information security knowledge sharing in
organizations: Investigating the effect of behavioral information security governance and
national culture. Computers & Security, 43, pp.90-110.
Gashgari, G., Walters, R.J. and Wills, G., 2017, April. A Proposed Best-practice Framework
for Information Security Governance. In IoTBDS (pp. 295-301).
Isdb.org. (2019). Islamic Development Bank. [online] Available at: https://www.isdb.org/
[Accessed 17 Dec. 2019].
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
16IS GOVERNANCE
Kim, H.J. and Ahn, J.H., 2013. An Empirical Study of Employee’s Deviant Behavior for
Improving Efficiency of Information Security Governance. Journal of Society for e-Business
Studies, 18(1).
Mishra, S., 2015. Organizational objectives for information security governance: a value
focused assessment. Information & Computer Security, 23(2), pp.122-144.
Mishra, S., 2015. Organizational objectives for information security governance: a value
focused assessment. Information & Computer Security, 23(2), pp.122-144.
Rebollo, O., Mellado, D., Fernández-Medina, E. and Mouratidis, H., 2015. Empirical
evaluation of a cloud computing information security governance framework. Information
and Software Technology, 58, pp.44-57.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance
model in organizations. computers & security, 56, pp.70-82.
Silic, M. and Back, A., 2014. Information security: Critical review and future directions for
research. Information Management & Computer Security, 22(3), pp.279-308.
Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016. Information security management needs
more holistic approach: A literature review. International Journal of Information
Management, 36(2), pp.215-225.
Tsiakis, T., Kargidis, T. and Chatzipoulidis, A., 2013. IT Security Governance in E-banking.
In IT Security Governance Innovations: Theory and Research (pp. 13-46). IGI Global.
Ula, M. and Fuadi, W., 2017, February. A method for evaluating information security
governance (ISG) components in banking environment. In Journal of Physics: Conference
Series (Vol. 812, No. 1, p. 012031). IOP Publishing.
Kim, H.J. and Ahn, J.H., 2013. An Empirical Study of Employee’s Deviant Behavior for
Improving Efficiency of Information Security Governance. Journal of Society for e-Business
Studies, 18(1).
Mishra, S., 2015. Organizational objectives for information security governance: a value
focused assessment. Information & Computer Security, 23(2), pp.122-144.
Mishra, S., 2015. Organizational objectives for information security governance: a value
focused assessment. Information & Computer Security, 23(2), pp.122-144.
Rebollo, O., Mellado, D., Fernández-Medina, E. and Mouratidis, H., 2015. Empirical
evaluation of a cloud computing information security governance framework. Information
and Software Technology, 58, pp.44-57.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance
model in organizations. computers & security, 56, pp.70-82.
Silic, M. and Back, A., 2014. Information security: Critical review and future directions for
research. Information Management & Computer Security, 22(3), pp.279-308.
Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016. Information security management needs
more holistic approach: A literature review. International Journal of Information
Management, 36(2), pp.215-225.
Tsiakis, T., Kargidis, T. and Chatzipoulidis, A., 2013. IT Security Governance in E-banking.
In IT Security Governance Innovations: Theory and Research (pp. 13-46). IGI Global.
Ula, M. and Fuadi, W., 2017, February. A method for evaluating information security
governance (ISG) components in banking environment. In Journal of Physics: Conference
Series (Vol. 812, No. 1, p. 012031). IOP Publishing.
17IS GOVERNANCE
Whitman, M. and Mattord, H.J., 2014. Information security governance for the non-security
business executive.
Whitman, M. and Mattord, H.J., 2014. Information security governance for the non-security
business executive.
Yaokumah, W. and Brown, S., 2014. An empirical examination of the relationship between
information security/business strategic alignment and information security governance
domain areas. Journal of Business Systems, Governance & Ethics, 9(2), pp.50-65.
Huygh, T., De Haes, S., Joshi, A. and Van Grembergen, W., 2018, January. Answering key
global IT management concerns through IT governance and management processes: A
COBIT 5 View. In Proceedings of the 51st Hawaii International Conference on System
Sciences.
Pereira, C., Ferreira, C. and Amaral, L., 2017, September. IT Value Management Capability
Enabled with COBIT 5 Framework. In European, Mediterranean, and Middle Eastern
Conference on Information Systems (pp. 431-446). Springer, Cham.
Pane, S.F., Awangga, R.M., Nuraini, R. and Fathonah, S., 2018, April. Analysis of
Investment IT Planning on Logistic Company Using COBIT 5. In Journal of Physics:
Conference Series (Vol. 1007, No. 1, p. 012051). IOP Publishing.
De Haes, S., Huygh, T., Joshi, A. and Van Grembergen, W., 2016. Adoption and impact of IT
governance and management practices: a COBIT 5 perspective. International Journal of
IT/Business Alignment and Governance (IJITBAG), 7(1), pp.50-72.
Whitman, M. and Mattord, H.J., 2014. Information security governance for the non-security
business executive.
Whitman, M. and Mattord, H.J., 2014. Information security governance for the non-security
business executive.
Yaokumah, W. and Brown, S., 2014. An empirical examination of the relationship between
information security/business strategic alignment and information security governance
domain areas. Journal of Business Systems, Governance & Ethics, 9(2), pp.50-65.
Huygh, T., De Haes, S., Joshi, A. and Van Grembergen, W., 2018, January. Answering key
global IT management concerns through IT governance and management processes: A
COBIT 5 View. In Proceedings of the 51st Hawaii International Conference on System
Sciences.
Pereira, C., Ferreira, C. and Amaral, L., 2017, September. IT Value Management Capability
Enabled with COBIT 5 Framework. In European, Mediterranean, and Middle Eastern
Conference on Information Systems (pp. 431-446). Springer, Cham.
Pane, S.F., Awangga, R.M., Nuraini, R. and Fathonah, S., 2018, April. Analysis of
Investment IT Planning on Logistic Company Using COBIT 5. In Journal of Physics:
Conference Series (Vol. 1007, No. 1, p. 012051). IOP Publishing.
De Haes, S., Huygh, T., Joshi, A. and Van Grembergen, W., 2016. Adoption and impact of IT
governance and management practices: a COBIT 5 perspective. International Journal of
IT/Business Alignment and Governance (IJITBAG), 7(1), pp.50-72.
1 out of 18
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.