IT Risks and Governance
на русском языке
Companies need to feel confident that the risks arising from reliance on technology are controlled effectively and that the benefits flowing from technology projects are being leveraged business-wide. Designing and implementing IT risk and control solutions that reflect a complex and fast changing technological landscape and leverage investment in IT for maximum business benefit, should be the ultimate goal for companies in choosing to better utilize its IT function.
|Issues you are facing
- Changing business objectives;
- A failure to understand the role of IT in the organization;
- IT strategy not being aligned with business goals;
- Outdated technology infrastructure and a lack of clear information about IT’s performance;
- IT's ineffectiveness and lack of contributions to the organization;
- An inability to anticipate potential incidents as well as a reliance on inefficient processes for identifying and assessing risk;
- Considering IT risk and its impact on the business in the decision-making processes is not adequate.
- Helping the business clearly articulate the role of IT;
- Aligning the requirements of the business with the services provided by IT;
- Ensuring the effective use of resources and implementing frameworks to help the business measure the value IT generates;
- Build risk management reporting mechanisms that help the Client understand the risks to the organization and their consequential impacts;
- Help integrate the wider business into the risk mitigation strategy for IT;
- Help the Client achieve improved decision-making based on a clear understanding of inherent and residual risk and enhanced reporting;
- Defining project portfolio management processes;
- Identifying opportunities for reducing application cost;
- Ensuring projects are delivering the intended business returns and are appropriately prioritized and scheduled;
- Implementing metrics for monitoring portfolio performance.
A global transportation company asked PwC to conduct an IT control optimization assessment. The procedures included independent IT assurance consisting of the following components:
- Diagnosis of IT governance and its segregation by sectors;
- Assessment of the lines of business and benchmarking.
PwC delivered to the company, an assessment of the current utilisation of IT services and processes, management’s current understanding of the day-to-day IT operational performance, and whether that the IT strategy is aligned to the business strategy, achievable and supported.