COM7007 IS Governance Report: Ethical Decision Making Analysis

Verified

Added on 2022/09/11

AI Summary

This report delves into the realm of IS Governance, examining various strategies, ethical considerations, and emerging business trends. The student analyzes existing IS Governance strategies, proposes revisions, and evaluates their alignment with ethical decision-making, accountability, and business values. The report explores frameworks like COBIT and ITIL, assessing their suitability for different organizational contexts. It also addresses the importance of procurement policies in managing IT risks and ensuring social value. The analysis emphasizes the need for a balance between market opportunities, accountability, and ethical integrity. The report highlights the significance of IT governance in aligning IT services with business requirements, improving accountability, and managing risks within the organizational framework. References to relevant literature are provided to support the analysis.

Running Head: PROJECT MANAGEMENT
PROJECT MANAGEMENT
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1PROJECT MANAGEMENT
Question 1:
Given your knowledge of existing IS strategies, what would be your recommendations for the
implementation of your classmates’ proposed revisions to IS Governance strategies, policies,
plans, projects and priorities to leverage existing resources?
Understanding the importance of safeguarding the organizational information and data, every
company now a days are adopting different strategies. Information System Governance provides
numerous facility to the organization for identifying and ranking the most crucial risks in the initial
stage that might affect the business (Mswaka and Aluko 2015). Apart from identification and analysis
of the risk, this process also provides higher facility of monitoring the access controls related to the
information and data of the organization. The strategic direction provided by this phenomenon mainly
focuses towards achieving the objective and goal of the firm, managing the ongoing as well as the
future company risks. In addition, it also ensures that the organizational will efficiently use its
resources. The success, failure and whole working procedure of the organizational security system can
also be measured by this technology.
The COBIT (Control Objectives for Information and Related Technology) is one framework
that mainly focuses on providing IT security to the organization. This model guaranties effective
maintenance of the integrity of the information system of an organization. In addition, it also perform
risk management activity for the organization by identifying and migrating the risks. Framework,
process description, control objective, maturity model and management guidelines are some important
components of COBIT (Kwon, Ulmer and Wang. 2013). I think that, this model is more costly and
not suitable for small businesses. Meanwhile, ITIL (information technology infrastructure library) is
another ISG strategy that ensures the organization’s IT service and security will be managed across
the lifecycle. Starting from monitoring IT landscapes to managing the configuration of the system,
this phenomenon is most efficient.
The COSO is another security framework explained in the classmate’s material that mainly
emphasizes on addressing the core panels and also managing the enterprise risks. However, in this
framework, some major technical flow available, which affects its performance level. The internal

2PROJECT MANAGEMENT
control framework requires to be updated in many times (Flores, Antonsen and Ekstedt 2014).
Another important strategy of addressing the IT security of an organization is by performing the factor
analysis of the information. Usually, it focuses on addressing the ongoing IT risks and make several
supplementary decisions for migrating or eliminating those risks. Discussing about the policies, the
procurement policies are selected here as suitable ones for managing and controlling the IT risks and
security threats. It was found that this policy has efficient for generating social values and sourcing
good services by approximately 25% of the community enterprises. What I think is, the purposed
systems and strategies are efficient enough for discarding the security threat of the organization and
will manage the risks efficiently, yet there exist some improvements to the system.

3PROJECT MANAGEMENT
Question 2:
How do the existing IS Governance and your classmates’ proposed revisions reflect and
consider ethical decision making, accountability as well as emerging business trends and values?
There is lack of balance in pursuing various market opportunities at the time of maintaining
accountability along with ethical integrity. The accountability as well as the responsibility of the
business enterprises is being constantly questioned. The failed attempts of corporate governance and
the business ethics have urged the organizations to come up with better ethical framework along with
governance for the businesses. It is required for an individual to understand the subject well before
taking fair decisions. In this case of IS governance it can be said that the management in the
organization should keep a check on the decisions being taken by the persons in regard of IT
investments. Ethics in IS governance refers to aligning oneself to certain policies such as meeting
end-ethics, making use of best judgement and many more.
The Information system governance framework that have been suggested are ITIL, COSO and
many more. COBIT 2019 is one of the effective IT governance frameworks and it is trending at
present. COBIT or Control Objectives for Information and Related Technology is being chosen by
many organizations as well as IT professionals throughout the world. This the IT management that is
being supported by maximum of the regulators offering an effective way for the companies to develop
as well as implement various important strategies surrounding the volumes of information and
governance related to IT. IT governance requires aligning the IT services with the requirements of the
business. Many of the times COBIT and ITIL are made used of together as these two complement one
another in a good way. COBIT 2019 can help the organization in using multiple frameworks thus
strengthening various different standards along with best practices. COBIT relies on five basic
principles and is considered by many organizations to be critical for successful management of IT
businesses (Van Meerkerk, Kleinhans, and Molenveld 2018). It includes details of the regulatory
compliances, principles related to risk management along with IT and business alignment that in turn
helps the organizations in managing the challenges that bother these areas.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4PROJECT MANAGEMENT
Business organizations can accomplish their set targets by aligning their IT strategies with the
business goals. By making use of COBIT, an organization can come up with the controls required;
identify the goals at the same time aligning the IT goals to the business strategies or goals. When
organizations adopt IT Governance it improves the accountability of the organization thus increasing
the return on investments. Accountability is considered to be one of the major aspects of IT
governance especially in case of public sector organizations because these are generally non-
profitable in nature and thus IT projects are given a lot of importance. Organizations should adopt
unified IT governance along with risk management and other compliance approaches so that various
IT related activities can be accomplished without fail (Williams, Hardy and Holgate 2013). Good IT
governance an aid an organization to achieve its goals and manage risks within the organizational
framework. Good corporate governance inculcates specific set of rules that help in defining
relationship in between the stakeholders, the management and the directors.

5PROJECT MANAGEMENT
References
Flores, W.R., Antonsen, E. and Ekstedt, M., 2014. Information security knowledge sharing in
organizations: Investigating the effect of behavioral information security governance and national
culture. Computers & Security, 43, pp.90-110.
Kwon, J., J. Ulmer, R. and Wang. T. 2013. The association between top management involvement
and compensation and information security breaches. Journal of Information Systems 27 (1).
Mswaka, W. and Aluko, O. 2015, "Corporate governance practices and outcomes in social enterprises
in the UK", International Journal of Public Sector Management, Vol. 28 No. 1, pp. 57-71
Van Meerkerk, I., Kleinhans, R. and Molenveld, A., 2018. Exploring the durability of community
enterprises: A qualitative comparative analysis. Public Administration, 96(4), pp.651-667.
Williams, S.P., Hardy, C.A. and Holgate, J.A., 2013. Information security governance practices in
critical infrastructure organizations: A socio-technical and institutional logic perspective. Electronic
Markets, 23(4), pp.341-354.