GORC - Governance, Risk, Compliance
These are topics that you get to memorize for the GORC exam in FS19 :-) The cards are intended as a supplement to the summary.
Set of flashcards Details
Flashcards | 29 |
---|---|
Students | 17 |
Language | German |
Category | Micro-Economics |
Level | University |
Created / Updated | 17.06.2019 / 26.06.2023 |
Licencing | Not defined |
Weblink | https://card2brain.ch/box/20190617_gorc_governance_risk_compliance |
Five COBIT 5 Principles
Principle 1: Meeting Stakeholder Needs
Principle 2: Covering the Enterprise End-to-End
Principle 3: Applying a Single Integrated Framework
Principle 4: Enabling a Holistic Approach
Principle 5: Separating Governance and Management
Parts of the Holistic View (GORC)
1. Governance
2. Risk
3. Compliance
In the middle: Business Strategy
Plus Audit & Assurance
Key Findings IT Governance (3)
- Corporate Governance is an important input for defining IT Governance
- IT Governance must ensure that IT risks are effectively managed
- IT Governance requires senior business participation, especially at the board level
10 Outcomes of GRC
- Achieve Business Objectives
- Ensure Risk Aware Setting of Objectives & Strategic Planning
- Enhance Organizational Culture
- Increase Stakeholder Confidence
- Prepare and Protect the Organization
- Prevent, Detect, and Reduce Adversity & Weaknesses
- Motivate and Inspire Desired Conduct
- Stay Ahead of the Game
- Improve Responsiveness and Efficiency
- Optimize Economic Return and Values
Parts of the GRC Capability Model (4)
- Learn
- Align
- Perform
- Review
Benefits of Governance for the Enterprise (6)
- Understand and prioritize stakeholder expectations
- Set business objectives that are congruent with values and risks
- Achieve objectives while optimizing the risk profile and protecting value
- Operate within legal, contractual, internal, social, and ethical boundaries
- Provide relevant, reliable, and timely information to stakeholders
- Enable the measurement of a system's performance and effectiveness
Views of IT Governance (2)
1. Decisions (Decisions & Accountability)
2. Integration
Types of IT Governance Practices (3)
- Structures: Organizational units and roles for making IT decisions. Committees. Formal definition of roles and functions. Static, relating to the organizational structure.
- Processes: dynamic view. Define processes formally.
- Relational Mechanisms: Measures intended to promote exchange. Vertical as well as horizontal alignment → create a platform / framework