Ideas. Interesting. Public catering. Production. Management. Agriculture

Concepts for managing the IT infrastructure of an enterprise. Enterprise IT infrastructure: effective management (ITSM), monitoring and audit. Brief summary of the lecture

To ensure the successful operation of an enterprise, its IT department develops an information infrastructure (applications, servers, disk arrays, networks) that allows it to provide a service of the appropriate level.

The historically established way of building IT departments fully reflects the structure of the information systems. At the same time, each specific unit supports a certain information system. With this approach, as a rule, there is no effective system of interaction with business users and there are problems with determining the quality of services provided.

Along with the first information systems, there was a need to manage corporate infrastructure.

Under information technology companies usually understand a set of information systems that support and automate existing business processes.

IT that is used in the service differ in a number of features:

  • The variety of applied IT, which is associated with the presence of a large number of subject areas related to the service sector, and their diversity.
  • IT intelligence. The service must implement the entire complex intellectual services associated with individualization, i.e. with a more efficient operation of the product in the specific conditions of its use by this consumer (or with the expansion of the sphere of usefulness of the product for him).
  • Unification and standardization, the need to take into account Russian and international standards regulating the use of IT in the service sector.
  • Individualization of IT, focus on a specific user. The success of a service activity is determined by the demand for the service offered and by how accurately and timely the service enterprise is able to determine the needs and individual preferences of each of its customers, offering a product or service at a higher level than competitors, which is possible thanks to IT.
  • IT scalability to meet the needs of both small and large businesses. large enterprises service.
  • Adaptability of IT, the ability to meet a variety of requests and needs of customers, transform directly into the service process.

Information technology is a system of organizational structures that ensure the functioning and development of the information space of an enterprise and means of information interaction. The basis of information technology is IT infrastructure.

Infrastructure(lat.infra - below, under and naT.structura - structure, location) - a complex of interconnected service structures or objects that make up and / or provide the basis for the functioning of the system

Information technology infrastructure (IT infrastructure)- this is an organizational and technical association of software, computing and telecommunications facilities, communications between them and operational personnel, ensuring the provision of information, computing and telecommunications resources, capabilities and services to employees (divisions) of an enterprise (organization) necessary for the implementation professional activity and solving relevant business problems.

IT infrastructure includes a set of various applications, databases, servers, disk arrays, network equipment and provides consumers with access to information resources. IT infrastructure becomes a technological component of any service and ensures its provision in accordance with agreed rules and procedures.

Enterprise IT infrastructure- this is a single complex of software, technical, communication, information, organizational and technological means of ensuring the functioning of the enterprise, as well as means of managing them.

To provide efficient operation modern enterprises need an IT infrastructure consisting of an integrated set of systems, programs and services. IT infrastructure must be integral, as reliable as possible, well-designed, have a large margin of safety, correspond not only to the current state of the business, but also take into account its development in the future.

The underlying IT infrastructure is the technological underpinning for the operation of other layers of the corporate architecture. Proper design allows you to:

  • Reduce IT costs;
  • Simplify the modernization of existing infrastructure;
  • Minimize the likelihood of downtime or system failure;
  • Maintain the security of the organization's infrastructure at the proper level;
  • Provide simple IT infrastructure management;
  • Improve the reliability of the organization's IT infrastructure.

One of the conditions for the effectiveness of the functioning IT infrastructure is the established practice of its operation. The operation of the IT infrastructure should be based on policies and procedures developed and established as corporate standards. The distribution of functions and tasks within the IT department should ensure timely Maintenance all elements of the IT infrastructure.

Maintenance is a set of software and hardware level measures carried out at the stage production operation and aimed at ensuring the required reliability and efficiency of the information system.

At the moment, we can distinguish the following group of tasks solved by the IT department:

  • Ensuring efficiency, accessibility, confidentiality of processed information.
  • Ensuring the operation of the IT infrastructure.
  • Prevention and elimination of failures.
  • Crisis planning and management.
  • Providing automatic monitoring of IT health.
  • Ensuring the reliability of the IT infrastructure.
  • Ensuring information security.
  • Modernization of equipment.
  • Minimize the cost of maintaining the IT infrastructure.

Ideally, IT infrastructure responds to environmental changes

functioning, increasing load, tightening business requirements, while maintaining its functionality, integrity, readiness, and the agreed level of security. The development of the market forces the organization to change business models, which, in turn, requires adequate changes in the IT infrastructure.

Enterprise IT Infrastructure Components

Over time, the composition of the IT infrastructure has changed.

In the days of mainframes, the infrastructure was:

  • communication lines,
  • modems,
  • power supply systems,
  • conditioning.

During the development local networks the infrastructure has remained the same, but the structure of its elements has become more complex.

Transition to global networks further complicate the concept.

At the same time, the complexity increased:

  • by increasing the number of elements,
  • connections between them
  • due to the complication internal structure elements, redistribution of functions between them.

For example: channel management programs have moved to network device management. That is, in parallel with the complexity of the equipment, mathematics became more complicated - infrastructure management programs

The standard network complex infrastructure of any company includes the following components:

The physical composition includes:

  • wiring, routers,
  • switching devices,
  • servers, desktops,
  • cable system;
  • passive and active network equipment;
  • client jobs;
  • additional equipment (printers, fax machines, authorization devices);
  • system software (operating systems (OS), information security tools, device drivers);
  • standard application software (spreadsheet processing tools, word processing, email, files);
  • network services (DNS servers, packet protection, authorization, Internet access and application servers - database management systems (DBMS), mail services);
  • technical support services, dispatching and quality control center.

Organizational and administrative components:

  • instructions for setting up a server and client software site, work schedule;
  • rules for dividing the network into areas in accordance with the needs of security and performance;
  • special software focused on providing certain business processes (design, inventory control, accounting, interaction with suppliers, production management).

Information infrastructure of various levels (global, national, industry, organizations, etc.) contains:

  • distributed information resources, including web resources (websites, portals, etc.), banks and databases (including those with remote access), digital libraries, electronic journals;
  • distributed computing resources, including shared computing centers, supercomputer centers, network computing resources of organizations, individual computers;
  • telecommunications resources that ensure the interaction of remote users with information and computing resources.

Types of IT infrastructure

IT types

infrastructure

tours

Characteristics

lack of coordination, manual accompaniment, scattered workplaces.

building a server infrastructure;

introduction of a directory service for authentication;

establishing services for automatic updates; application of anti-virus protection; traffic protection; implementation of basic scenarios of network technology (DNS, DHCP).

standardized

centralized management of IT infrastructure, the presence of automated basic processes, a directory service for authentication,

updates are automated,

workplace anti-virus protection;

backup system for critical servers;

central firewall;

internal DNS, DHCP.

workplace software updates latest versions OS and office suite; active use of System Management Server;

application of solutions for centralized backup and recovery after failures; organization of remote access to VPN networks;

isolation of critical servers through the use of the IPSec protocol (for Active Directory / Exchange).

rational

centralized managed and consolidated IT

implementation of technologies for automating identity management;

infrastructure, use of the directory service and group policies for centralized administration; automation of control / monitoring of the functioning of software and hardware;

server monitoring; backup and recovery for all servers and workstations; remote access(VPN, Remote Desktop); server isolation with IPSec.

use System Management Server to manage servers; checking applications for compatibility;

workstation image management;

deployment / management of firewalls in the workplace;

organization of secure wireless network access via Internet Authentication Service (IAS) and Active Directory directory service.

dynamic

fully automated IT infrastructure, full provision of user needs in heterogeneous environments; automatic control server updates; automated application compatibility testing and automated workstation image management; firewalls - on servers and workstations; secure wireless connections.

solution for automatic distribution of server images; solution for determining the load level;

support for the quarantine of workplaces;

workplace performance monitoring;

readiness to move to new version OS;

tools for effective transition to new software versions; isolate Active Directory domains using IPSec.

IT infrastructure and process management - ITSM (IT Service Management (English), IT service management) - modern approach to the management and organization of the provision of IT services, focused on meeting the needs of the company's business activities. Solutions built to ITIL v2 and v3 guidelines, including Last update ITIL 2011 Edition - a collection of proven international practices for organizing IT processes, helps to cope with all the difficulties in managing the information infrastructure of an enterprise and its personnel involved in the provision and support of services. The success of enterprise IT infrastructure management is largely determined by the experience of an internal unit or an outsourcing company in this area.

At the initial stage, the solution of managerial tasks involves the identification of expected from work information services results, an objective assessment of the state of the IT management system and subsequent planning of measures aimed at its optimization. In each specific case, an individual concept for the development of an IT infrastructure management system should be developed. The main tasks facing the head of the IT department are prompt response to requests from employees of the enterprise and the rapid elimination of emerging failures. To solve them, it is necessary to organize a high-quality user support service and customer support service.

Support Service Requirements:

  • automatic registration of incoming applications;
  • a well-established and strictly regulated support process;
  • availability of a process control and optimization system;
  • the ability to assess user satisfaction;
  • training of personnel to work with the automated system.

One more key task control over the changes taking place in the infrastructure. For this purpose, solutions are used for the inventory of software and hardware and automated receipt of data about the IT infrastructure in order to take into account changes in the composition and settings of its components.

Advantages of these solutions:

  • creation of an automatically updated unified database of assets;
  • regulation of changes to the infrastructure;
  • fast troubleshooting;
  • preparation of reports in an automated mode.

Specialized solutions offered by outsourcing companies help them competently organize the processes of planning, as well as the deployment and provision of IT services, which allows them to achieve the required level of service quality. Systems for monitoring the quality of services and IT infrastructure components provide reliable control. Effective management of the IT infrastructure of an enterprise is impossible without constant monitoring, which allows you to receive up-to-date information required to make the right decisions to improve the quality of services provided.

As a result of using modern solutions in planning, deploying and providing IT services, the following occurs:

  • formation of the structure of the catalog of services and templates for the description of IT services;
  • implementation of their financial planning;
  • fixing the required level of service provision based on SLA;
  • introduction of monitoring of key indicators of services in accordance with the Service Level Agreement.

IN Lately solutions aimed at automating IT infrastructure management processes using software and hardware systems created by leading manufacturers, including BMC Remedy, HP Service Manager, Axios Assyst, have become widespread.

Certification according to the international standard ISO/IEC 20000, which testifies to the quality of IT services and serves as an important performance indicator information processes in relation to the company's customers, is also the key to the reliable functioning of its IT infrastructure.

Special tools for monitoring and managing the IT infrastructure help plan its necessary modernization and development, significantly reduce the number of time-consuming routine manual operations for setting up user workstations, reduce maintenance and support costs, while at the same time increasing the reliability and quality of information services. For every enterprise software solution should be selected individually, only after the IT structure and related business processes have been studied in detail.

Experts believe that Microsoft System Center will be the most justified choice for a Microsoft-centric infrastructure. Components this decision needed for:

  • secure, scalable OS and application deployment;
  • end-to-end service management;
  • storage system management, backup and recovery in a Windows environment;
  • server asset, configuration, desktop and mobile device management;
  • protecting applications and data.

IN large companies where the IT infrastructure is organized on the basis of equipment and software from different manufacturers, specialized software from the largest international vendors is used, including IBM Tivoli, HP Service Manager, MS Service Manager, BMC Remedy, which supports most operating systems, hardware platforms, databases and business applications (IBM, Microsoft, Oracle, etc.).

Solutions include systems:

  • managing software and hardware configurations, installing and updating applications;
  • managing the degree of availability of business services;
  • monitoring and control of engineering equipment, server and peripheral equipment, programs on computers and servers;
  • installed license control software;
  • backup and recovery of information;
  • data storage and protection system management;
  • Service Desk automation.

ITSM systems developed domestic companies, have now proven to be highly effective solutions, and they continue to be constantly improved and developed. Their use allows Russian enterprises improve the quality of functioning of internal IT services.

Effective IT infrastructure management systems are based on the ITIL library, which contains best practices for organizing the work of an IT infrastructure and combines a repository of information about it and the tools necessary to serve user requests. Electronic infrastructure documentation (CMS) provides specialists with the ability to quickly receive the required information in the process of processing applications. The HelpDesk module is essential for responding to user requests and quality service management. IT management must always use a systematic approach, which is the key to its effectiveness. ITSM solutions help enterprises improve IT infrastructure management, control the quality of IT services and reduce their costs.

Introduction

Currently, information technology is one of the main tools for creating competitive advantage. Information technologies make it possible to organize such processes as management at a qualitatively new level. project activities, operations management, risk management, sales management, financial management and other business processes.

The high-quality, timely and efficient performance of daily business functions by the Company's employees is largely determined by the reliability and functionality of the corporate systems used, and the operational activity depends on and is fully built on the capabilities of information systems.

The development of information systems, in turn, can only be carried out within the framework of appropriate infrastructure support. This concept includes the whole complex of interconnected systems, equipment and communication channels that unite stand-alone software and hardware systems into a single interaction environment. It is the capabilities of infrastructure support that determine the ability of applied information systems to process and transmit the required amount of information through communication channels, uniting all participants in information exchange into a single information technology space.

The uninterrupted operation and development of existing corporate information systems, as well as testing and implementation of new business applications in accordance with development plans, should be based on a reliable, modern, adaptive, flexible, functional IT infrastructure.

At the heart of the development of information systems of any organization, first of all, are the needs of the business. The requirements formed by the business are used in the analysis of the information systems market and the selection of the most appropriate solutions.

1. Strategic goals for the development of the Company's business

There is no single strategy for all companies, just as there is no single universal strategic management. Each company is unique in its own way, therefore, the strategy developed by each individual company is unique, since it depends on the position of the company in the market, the dynamics of its development, its potential, the behavior of competitors, the characteristics of the goods it produces or the services it provides, the state of the economy, the cultural environment and many more factors. And at the same time, there are some fundamental points that allow us to talk about the generalized principles of behavioral strategies and the implementation of strategic management. Usually the main strategic goal commercial organization is to ensure profitability and growth of business capitalization.

2. Goals of informatization strategy

The relationship between the strategic goals and objectives of the Company and the informatization strategy can be expressed as follows:

  • The business strategy determines the directions for the development of the main area of ​​the Company's activity and the reasons for moving in this direction;
  • The informatization strategy identifies those information technologies that are required to support and optimize the business strategy and shows how these technologies and systems can be implemented in the Company.

Thus, the informatization strategy is designed to determine a set of priority initiatives in the field of information technology, which will allow for the consistent and coordinated development of the information technology complex of the Company, with the participation of all departments, based on unified requirements to achieve the strategic goals of the Company.

3. Analysis and assessment of the current state of the Company's IT support

Goals and objectives of diagnosing the current state of IT support

The purpose of diagnostics is to determine the current state of IT provision for its further development in accordance with the developed IT strategy.

To carry out diagnostics, the following main tasks must be performed:
Diagnostics of IT support for basic, functional business processes and management tools;
Analysis of IT infrastructure;
Characteristics of ensuring information security;
Characteristics of the organizational support of information technology;
Typology and characteristics of IT support costs;

4. Formation of the concept of IT development

Basic principles of IT development

The development of information technologies of the Company should be based on the following principles:

  • The development of information technology should be in line with strategic development Companies, and information technologies themselves, are a strategic component of the Company's business architecture;
  • In the information technology architecture, both the structure of the Company's activities and the content of the key business processes of this activity should be fixed and supported;
  • Satisfying priority business objectives: reducing costs, improving the Company's manageability, financial transparency, a single information space.
  • IT investment protection: implementation of systems that are least exposed to the risk of business strategy uncertainty;
  • End-to-End Solution: IT investments should go towards creating a “whole asset”.
  • Balance between current and strategic tasks: the implementation of long-term IT projects should not lead to blocking the current work of functional units.

The real return on the automation of the Company can only be obtained through optimization management processes in the Company, managing operational processes and managing financial funds. Therefore, the development of the IT Company should go in four main directions:

  • Consistent automation of all operational processes providing increased cost reduction and improvement of key performance indicators of the company's business units;
  • Development of a corporate information system based on an integrated solution and effective procedures for collecting, processing and providing information;
  • Creation of an information technology infrastructure that meets modern requirements for the level of reliability and security;
  • Improving the efficiency of users and IT staff.

5. Approach to the implementation of the concept of IT development

IT Development Concept Implementation Projects

The scope and timing of projects are determined based on the results of assessing the current state of the Company's IT support, a detailed analysis of the results and determining the direction of development of the Company's IT. The project implementation program begins with the implementation of a set of works to prepare for implementation and detailed planning of work on individual tasks of automating business functions as part of the IT development strategy.

6. Organization of work on the implementation of the concept

Roles and functions of IT departments

In the organizational structure of the IT department, there are divisions responsible for the development of IT - this is the IT project management department.
The activity of this division is built on a project basis. The head of this department forms the required number of project teams (according to the number of projects in their direction), in which specialists of the relevant specialization are gathered. At the same time, project teams can be formed from specialists who are administratively subordinate to other heads of departments, depending on the specifics of each specific project.

Basic principles of management and control during the implementation of the concept

Management of the implementation process of the IT Strategy and control over the progress and results of each of the projects are built on the basis of the following principles:
Project goals should be set based on S.M.A.R.T.
The IT service should have a group of specialists - project quality auditors.
Every project should have a quality controller.
The Company must clearly define and approve the principles of project risk management.
The Company must approve uniform indicators for the control of project processes.
The motivation of project participants should be related to the result of the project.
Mandatory is the procedure for monitoring the project upon its completion.
A single frequency of control processes should be established.
After each project, internal “project lessons” (lessons learned) should be formed.

Conclusion

The primary task facing any IT manager is to ensure that the IT infrastructure and information systems of the enterprise meet the requirements of the business. The development of information technology requires significant investment, which is why it is of great importance for the head of the IT department to have a qualitative analysis of business needs in order to select information systems that meet these needs.

The IT infrastructure development concept defines the rules for building the company's IT infrastructure, the main architectural solutions and standards, the infrastructure management model and the requirements for management processes. The concept also defines the principles of transition from the existing state of the enterprise's IT infrastructure to the target one.

When developing the concept, an analysis of the current state of the Company's IT support is carried out, including an assessment of the existing IT infrastructure, the level of information security, and organizational support. After the analysis, various development options are evaluated, the direction of IT development in the Company is determined, the target IT architecture, requirements for infrastructure services are developed. Based on the data obtained, the level of compliance of the current state of IT with the target is determined and the stages of achieving the required level are formed, the choice of software and hardware solutions is made. Preparation and implementation of the selected solutions is carried out on a project basis.

Bibliography

1. Gurkov I.B. Strategy and structure of the corporation, Moscow, 2008, 288 p.
2. Mikhailov A. " Strategic planning system development information support". Moscow, 2001, 134 p.
3. Danilin A. Slyusarenko A. Architecture and strategy. "Yin" and "Yang" of information technology enterprises, Moscow 2005, 504 p.
4. White T. What does business want from IT. Minsk, 2007, 256 p.
5. Ermoshkin N., Tarasov A. Strategy of information technologies of the enterprise. How Cisco Systems and the World's Leading Companies Use Internet Business Solutions. Moscow, 2003, 360 p.
6. Marasko D. IT-projects: front-line essays. Moscow, 2007, 384 p.
7. Snedaker S. IT project management, or How to become a full-fledged CIO. Moscow, 2009, 616 p.
8. Thompson A, Strickland A. Strategic management. Moscow, 2000, 412 p.
9. Rumyantsev M. IT strategy: what's in my name to you. Moscow, CIO magazine No. 9, 2002. [ Electronic document] URL: http://www.cio-world.ru/offline/2002/8/22012/ Accessed 12.01.2009.
10. Mikhailov A. Consolidation of IT resources of the holding. Moscow, CIO magazine No. 5, 2003. [Electronic document] URL: http://www.cio-world.ru/offline/2003/15/26749/index.html. Accessed 12.01.2009.
11. Mikhailov A. Seven approaches to the development of IT strategies. Moscow, magazine "Director of the Information Service" No. 02, 2004. [Electronic document] URL: http://www.info-strategy.ru/publications/IT-strategy-2003/index.htm . Accessed 12.01.2009.
12. Nekrasova E. Strategic document. Moscow, CIO magazine No. 3, 2003. [Electronic document] URL: http://www.cio-world.ru/analytics/comments/25096/ . Accessed 12.01.2009.
13. Nekrasova E. Our slogan is "Not IT for IT, but IT for business". Moscow, CIO magazine No. 8, 2003. . [Electronic document] URL: http://www.cio-world.ru/casestudy/28817/ . Accessed 12.01.2009.
14. Erkola E. CIO tasks are becoming more complex. cnews | Analytics, 2003. [Electronic document] URL: http://www.cnews.ru/reviews/index.shtml?2003/05/29/144700 . Accessed 12.01.2009.
15. Rumyantsev M. Start from scratch. Moscow, CIO magazine No. 11, 2003. [Electronic document] URL: http://www.cio-world.ru/offline/2002/10/23168/ Accessed 12.01.2009.

Copyright © 2010 Shlyaptsev A.O.

In the early 1990s the process of formalization and regulation of relations in the field of corporate governance- Corporate Governance, aimed at the efficient use of capital and taking into account the interests of a wide range of stakeholders. Requirements for further growth and improvement of business efficiency can be met mainly through the continuous improvement and development of ICT, the creation of corporate-level IS, which is associated with large-scale investments and large financial risks.

Information technology management system is understood as "the structure of relationships and processes for choosing the vector of enterprise development and its control, aimed at increasing its value with a balanced risk in the field of information and related technologies" . The development of the management system is based on the IT strategy, and the ICT management process links IT processes, material, labor and production resources, as well as information to achieve your business goals.

The ICT management should ensure:

  • ? development of a strategy for the development of IP and technology, consistent with the business strategy;
  • ? optimization of resource costs for the functioning of the ICT system;
  • ? reliable and efficient operation of IT services provided to the business;
  • ? continuous monitoring and management of the activities of IT departments.

IT management approaches began to take shape in the late 1990s. in the form of IT Governance (“information technology strategy”).

In the United States, the Klinger-Cohen Act was passed in 1996, which can be seen as the first IT management reform law. It obliges government agencies to focus on the results of IT investments, requires the management of each agency to build processes that guarantee maximization of returns and minimization of risks from their use.

The international association ISACA, which provides management, maintenance and audit of information systems and technologies, on the one hand, and the Information Systems Audit and Control Foundation (ISACF), on the other hand, have successfully worked in the field of IT management and audit. They organized the IT Governance Institute (ITGI) for the purpose of developing an information technology management system methodology. ITGI's mission is to assist executives (leaders) in their responsibility for linking IT processes and business goals, delivering ICT business value, measuring the performance and effectiveness of IT processes, and appropriately allocating resources to reduce negative consequences risks. Russian Federation is an associate member of the international organization ISACA, which also conducts systematic work in adapting international standards and methodologies for IT systems.

The management term Governance means the process of keeping the object of management under control. ITGI defined IT Governance as a structure of relationships and processes that guides and controls an enterprise in order to achieve its goals through the use of IT and subject to a balance of effects and risks from their use. At the same time, IT Governance is the responsibility of the board of directors and senior management, an integral part of corporate governance (Enterprise Governance) and consists of key leadership concepts, organizational governance structure and management processes that ensure that IT departments support and implement business strategy and business goals.

The basis for building a strategic IT management system should be based on the following principles:

  • ? accountability for each action or decision, when the reasons for each action are clear and each decision is explainable, based on clear expectations;
  • ? transparency of objects, decisions and actions;
  • ? disclosure important information for all interested persons;
  • ? independence (Independence) of decisions from the interests of individual groups;
  • ? clarity of expectations (Clear Expectations).

The goals of IT Governance are:

  • ? alignment of the IT system with the needs and realities of the enterprise and the achievement of the promised benefits;
  • ? providing the enterprise with new opportunities and maximizing the return on existing ones;
  • ? responsible use of IT resources;
  • ? adequate IT risk management.

Goal-setting and motivation in relation to the ICT system should go to the heads of business units, and the ICT system itself should be integrated (embedded) into the business process management system. The Chief Information Officer is a member of senior management responsible for the results of the use of ICT in the corporation and business units, he is set goals related to the success of the business. Business leaders may be given partial responsibility for the use of IT services.

If the term "IT Governance" means activities related to goal setting and control, then the term "GG Management" means the management (guidance) of people in order to achieve the goals. The following concepts are also distinguished: IT management, IT supervision, IT guardianship, on the one hand, and IT management, strategic management IT, on the other hand. The development of standards in the field of IT Governance is carried out by the US General Accounting Office, IT Governance Institute, UK Office of Government Commerce, The Institute of Internal Auditors. In addition, large companies (Microsoft, Wall-Mart, Siemens, etc.) have their own methods and internal standards for managing IT processes.

According to ITGI, ICT governance should become the responsibility of the board of directors and senior management, an integral part of the corporate governance system. The conceptual foundations of IT Governance are:

  • ? creating an IT strategy aligned with business requirements (IT is Aligned with the Business);
  • ? business support from the IT system, assistance in obtaining the maximum benefit (IT Enables the Business and Maximizes Benefits);
  • ? responsible use of IT system resources (IT Resources are Used Responsibly);
  • ? appropriate IT risk management (IT Risks are Managed Appropriately).

Schematically, the mechanism of the IT Governance system can be depicted as shown in Fig. 17.1.

Rice. 17.1.

  • Corporate governance is a concept that appeared in the 1990s. and backed by leading corporations and major stock exchanges. The Organization for Economic Co-operation and Development (OECD) in 1999 developed a set of recommendations called principles of corporate governance. They have been supported by the G7 Finance Ministers and are included in the OECD Guidelines for Multinational Enterprises (MNE) in the section on disclosure and transparency.
  • Access mode: http://www.isaca.ru/upravlenie/s/cb47aa505fclb78a2f-f82e5369534cll.
  • United States Government, Clinger Cohen Act of 1996 and Related Documents. Access mode: http://www.oirm.nih.gov/policy/itmra.html. http://www.army.mil/ar-mybtkc/docs/CCA-Book-Final.pdf. The US General Accounting Office has prepared guidelines for IT investment and risk management: "Assessing Risk and Impact: A Guide to IT Investment Decision Making for Government Agencies"; "Guidelines for maximizing the success of SU - Chief Information Officer, Head of the IT Department"; "Methodology for Assessing and Improving the Maturity of the IT Investment Management Process".
  • ISACA was founded in 1969 for financial auditors in IT control, is the world's leading professional organization. ISACA develops and disseminates ICT auditing standards.
  • ISACF was founded in 1976 to conduct research in the field of IT management.
  • Access mode: http://www.itgi.org.
  • Enterprise governance is a relatively new informal term that can be referred to as different ways organization management. The Information Systems Audit and Control Foundation (ISACF) defines it as a set of responsibilities and practices implemented by the board and top management in order to provide strategic management that guarantees the achievement of set goals with adequate risk management and responsible resource management.
Loading...