Implementing COBIT for Gardner Novelties

Reference no: EM13760696

You decide solution - identify the critical issues related to IT Governance and determine how you would resolve the issues.

Using APA format, provide a 3 page paper of original work with a reference page - NO PLAGIARIZED WORK. Submit work by June 10, 2015 at 10 PM EST. I will pay $25 for original work.

Read the scenario below and identify the critical issues related to IT Governance and determine how you would resolve the issues.

Write a 3 page paper that addresses the following issues:
Explain your plan for implementing COBIT for Gardner Novelties. Your plan should include a discussion of the following elements:
What will Gardner Novelties be required to do with IT to remain in compliance with SOX?
What is COBIT and how can it help keep Gardner Novelties in compliance with SOX?
What are the benefits of using COBIT as opposed to other control frameworks?
What questions would you expect to receive from the Executive Committee of Gardner Novelties? Identify two questions that you could be asked and address how you would answer them.

Scenario

YOUR ROLE - You will play the role of Joseph Barnes. Barnes has been with Gardner Novelties for 15 years and is the Chief Information Officer, a position he has held for over 7 years. His primary job responsibilities have been maintaining the firewall, patching software, virus removal and other similar duties. Barnes has a basic understanding of the requirements mandated by the Sarbanes-Oxley Act, but is not that familiar with COBIT.

Information from Key Players -
William Montgomery Gardner III - Owner, Gardner Novelties

Thanks for coming in to my office Joe. I only have a few minutes so I'm going to get right to the point. As you may have heard, we are preparing to take Gardner Novelties public. Our Initial Public Offering has been set for the end of next month. We have been working very hard on this matter and we want to make sure we have everything in order.

I don't know if you have heard of Sarbanes-Oxley, but there are some compliance provisions that are going to affect your job with IT. Section 404 requires that we make an assessment of the company's internal controls over our financial reporting. We've been told by our outside legal counsel that the SEC will want to know that we have adequate internal controls that are tested and audited. They have suggested that we explore the COBIT framework. Are you familiar with any of this?

Legal counsel has recommended that we consult with Sharon Martin. She's a consultant with Diamond Consulting Group. They specialize in COBIT and SOX compliance. I've already had my assistant email you her contact information. Get in touch with her right away. We will be having an Executive Committee meeting next week and I want you to present your proposed plan of action dealing with this compliance issue.

Oh, and Joe, one other thing...don't let me down...there's a lot at stake here.

Robert Rodes - CIO, Acme Technology

Wow Joseph...sounds like you have a lot of work ahead of you!

I'm glad you reached out to me. I have a lot of experience in dealing with SOX compliance. I was here when SOX was passed, so I remember it pretty well. I understand the need for SOX, but one of the biggest problems that we had was that there was this list of compliance issues, but no real guidance on how to do any of it. Ultimately, we settled on using the COBIT framework to make sure we had the proper controls in place. Once we did that, it's been fairly routine. We test and audit our controls continuously and when we spot a problem it's pretty easy to fix it.

We chose COBIT for several reasons. We thought that COBIT had several advantages for us. It really is the only IT management and control framework that covers the end-to-end IT life cycle. And, it's updated continuously and, not to be overlooked, it's free.

It's nice that it's free, but there are some other reasons we like it. COBIT is an internationally accepted standard for IT governance. It also provides a common language that management, end users and IT can all use to communicate, and finally COBIT provides an easy method of benchmarking your compliance.

Good luck and if you need help, give me a call.

Sharon Martin - Consultant, Diamond Consulting Group

Joseph, thanks for meeting with me today. Our company has a lot of experience helping companies like yours understand SOX compliance and develop the appropriate control framework. We recommend you use COBIT. To start, let me give you the "30,000 foot view" of COBIT, and I'll tell you why we recommend it to our clients. COBIT is a control framework that was first developed by ISACA in the 1990s. It is now the de facto standard for companies in need of SOX compliance and for auditors when assessing control features. COBIT has approximately 300 control objectives grouped into six COBIT components: Executive Summary, Framework, Control Objective, Control Practice, Management Guidelines, and Audit Guidelines. There are four COBIT domains...planning and organization, acquisition and implementation, delivery and support, and monitoring.

This might sound complicated, but your first hurdle is really selling this to your management. As you probably know, an effective IT governance framework provides clear direction to ensure that IT supports the business, is effective at managing change, creates value for the business, and addresses the complete lifecycle of IT investment. COBIT is also very effective at improving efficiency and effectiveness of IT, helps to align IT with business needs, makes it easy for management to understand and manage IT, and, most importantly, helps companies develop the right organizational structures, processes and tools for the proper management of IT.

The next thing you may be wondering is how COBIT supports IT governance. Well, the COBIT framework helps to ensure that IT is aligned with the business, helps to enable the business and maximize benefits, ensures that IT resources are used correctly, and manages IT risks.

Good luck with your presentation to the Executive Committee. I look forward to working with you on this project!

Actual SCENARIO

William Montgomery Gardner III (WG) is the owner of Gardner Novelties, Inc., a large family business that designs and manufactures specialty items for sale at roadside restaurants around the country. The company has over 2,500 employees in 13 locations around the world. They have recently begun to outsource a lot of their manufacturing to China, Mexico and India. In spite of a bad economy, WG has been able to consistently grow the company's revenues at a rate of over 10% per year over the last ten years. As a result, WG has decided to take the company public. The Initial Public Offering (IPO) is scheduled to take place next month.

WG calls you, Joseph K. Barnes (JB) into his office. You have been in charge of all Information Technology services for the company for the past 17 years. You have a staff of 12 direct reports in your department, of which 6 are located in the company headquarters office with you. Since the items being manufactured are not technical in nature, there has never been a lot of emphasis placed on protecting proprietary data in the corporate network. Most of your time is spent dealing with service calls and Internet disruptions, maintaining the firewall, and uploading software patches.

WG tells you of the plans for the company. You try to act surprised, but the rumor has been floating around the company for months now so it is anything but a surprise. You are a little alarmed by the fact that the IPO is planned for next month, however.

WG explains that once the IPO takes place, they will need to have everything in place to be in compliance with Sarbanes-Oxley. WG asks if you are familiar with Section 404 of SOX.

You struggle to find the right words. You've heard of Section 404 from friends and colleagues who have had to deal with it for years now, but you never thought it was something you needed to know. You mention that you know Section 404 deals with management's assessment of internal controls, and that the IT network will need to have some controls put in place.

WG tells you he needs a plan from you in one week on how to get the IT system in compliance with SOX. You will need to make a presentation to the Executive Committee (ExCom) on your plan. The ExCom will consist of, among others, WG, the COO, VP of Human Resources, and the CFO of the company. WG warns you not to let him down...there is a lot riding on this IPO and the investors and analysts want to know that the company will be in compliance with SOX.

JB walks out of the meeting and his head is spinning. He has one week to develop a plan to bring the company's entire IT system into compliance with SOX. How is he supposed to do that? He decides that the first course of action will be to call a friend, Robert Rodes (RR), who works for a publicly-traded company. Maybe he can help point JB in the right direction.

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd