Reference no: EM131071990 , Length: word count:4000

Case Study

You are required to read and analyse the teaching case. The name of the organisation has been changed for anonymity purposes, and while the case is semi-fictitious the issues discussed in the case are real.

For those of you not familiar with case studies you are advised to firstly read quickly through the case to get an overview. Then read the case again in more detail. You might then ask yourself the following general questions when reading the case:

- Who are the main players/people involved? What roles did they occupy?

- What are the names of the key applications/systems, and what functions did they perform?

- What were the key events; and trigger points in the case?

- Why did things turn out as they did?

- What aspects were successful and what less so?

- Who made the decisions? Business or IT? Who had overall control?

- Was IT used to drive business strategy?

- Did the organisation have good internal controls and management accountability?

- What processes did they have in place to mitigate against risk?

- What aspects in the case can you identify with the principles of IT Governance?

- What aspects of the case relate directly to some of the CobiT5 enabling processes? Starting Assignment Questions

- Briefly discuss your chosen IT Governance framework, and how it attempts to achieve IT/Business alignment.

- Top-down Analysis: What are the key stakeholder, business and IT goals? Discuss what your findings mean?

- Use a capability assessment model rate the case in terms of process maturity. Provide data in a worksheet.

o Discuss and justify the rating. Give the current status, actions & targets you would recommend to improve key processes.

o For processes where you have no information in the case, what Qs would you ask of organisational management so as you could make a rating?

- What risk scenarios can you identify and how would you mitigate against such risk?- Prepare an appropriate and relevant IT Strategic Plan for the case.

Scoping Process Steps

1. Identify relevant business drivers for the assessment of IT processes. On the basis of these business drivers, define the objective of the assessment. The prioritisation and selection of one or more COBIT 5 processes for inclusion in the process assessment should be based on the business drivers for the assessment. The following table provides some examples of possible business drivers for completing an assessment of IT processes.

2. Identify and prioritise the enterprise's IT processes that should be included within the scope of the assessment. Utilise the business drivers and assessment objectives identified previously, along with, as appropriate, the COBIT 5 process mappings contained in the scoping tool kit. For example, if the objective of the assessment is to assist IT management in identifying and prioritising improvement initiatives related to one or more specified goals identified, the COBIT process mappings may be useful to identify the processes most closely related to those IT goals.

3. Perform a preliminary scoping selection of target processes for inclusion in the assessment, based on the previous prioritisation. Ensure that they will satisfy the identified business drivers and meet the objectives of the assessment.

4. Confirm the preliminary selection of target COBIT 5 processes with the project sponsor and key stakeholders of the process assessment.

5. Finalise the COBIT 5 processes to be included in the assessment.

6. Document the scoping methodology in the assessment records.

At this stage, just familiarise yourself with the case and commence your analysis week by week. Remember you are writing a report to the CEO of the organisation containing your analysis and recommendations. Do not re-state the case. Use concepts and analytical devices from the course.

Attachment:- Assignment.rar