Understand how to design controls related to IT governance
3 important questions on Understand how to design controls related to IT governance
What are the advantages and disadvantages with the decentralized structure?
Decentralized structure
IT function reorganized into small units distributed to end users. Elimination of central IT
- Advantages:
o Cost reductions (due to new technologies)
o Cost control responsibility (authority)
o User satisfaction (more control)
o Built-in backup (excess capacity)
- Disadvantages:
o Significant expenditure not controlled and monitored centrally
o Incompatible software and hardware among the various work centers
o Application and data redundancy
o Consolidation of incompatible IT tasks (small units)
o Difficulty in hiring qualified professionals (by end users)
o Lack of standards (e.g. developing, documenting)
IT function reorganized into small units distributed to end users. Elimination of central IT
- Advantages:
o Cost reductions (due to new technologies)
o Cost control responsibility (authority)
o User satisfaction (more control)
o Built-in backup (excess capacity)
- Disadvantages:
o Significant expenditure not controlled and monitored centrally
o Incompatible software and hardware among the various work centers
o Application and data redundancy
o Consolidation of incompatible IT tasks (small units)
o Difficulty in hiring qualified professionals (by end users)
o Lack of standards (e.g. developing, documenting)
What is a corporate IT function?
A corporate IT function alleviates potential problems associated with distributed IT organizations by providing:
- Central testing of hardware and software
- User services staff
- Standard-setting body
- Hiring decisions / reviewing technical credentials of prospective systems professionals
- Central testing of hardware and software
- User services staff
- Standard-setting body
- Hiring decisions / reviewing technical credentials of prospective systems professionals
Which factors should be considered with computer security and control?
In order to prevent data losses and malfunctioning of computer systems and databases from any source of ‘danger’ it is important to consider the following factors.
- Protection from floods, fires, wind, earthquakes, power outages
- Creation of a secure physical environment ( for SOX compliance)
- Physical location of the computer center (away from human-made and natural hazards)
- Type of construction (underground utilities, windows)
- Limited access, single door, cameras
- Air conditioning, air filtration (humidity, temperature)
- Fire suppression (alarms, automatic fire extinguishing system, fire extinguishers, sound construction, marked exits)
- Fault tolerance controls (redundant disks RAID, UPS)
- Protection from floods, fires, wind, earthquakes, power outages
- Creation of a secure physical environment ( for SOX compliance)
- Physical location of the computer center (away from human-made and natural hazards)
- Type of construction (underground utilities, windows)
- Limited access, single door, cameras
- Air conditioning, air filtration (humidity, temperature)
- Fire suppression (alarms, automatic fire extinguishing system, fire extinguishers, sound construction, marked exits)
- Fault tolerance controls (redundant disks RAID, UPS)
The question on the page originate from the summary of the following study material:
- A unique study and practice tool
- Never study anything twice again
- Get the grades you hope for
- 100% sure, 100% understanding
Remember faster, study better. Scientifically proven.
