Anda di halaman 1dari 39

GROUP 8

HUAM MEI HUEY KHAIRUN NISSA TAHWAN KOH SENG WEI KAM KOH SIM 195537 195817 196419 196863

Free Powerpoint Templates

Page 1

Free Powerpoint Templates

Page 2

DS1 Define and Manage Service Level

Objective
Ensuring the alignment of key IT services with the business strategy

Focus on
Identifying service requirements Agreeing on service levels Monitoring the achievement of service levels

Free Powerpoint Templates

Page 3

DS1 Define and Manage Service Level


Achieved by
Formalising internal and external agreements in line with requirements and delivery capabilities Reporting on service level achievements (reports and meetings) Identifying and communicating new and updated service requirements to strategic planning
Free Powerpoint Templates Page 4

DS2 Manage Third-party Services

Objective
Providing satisfactory third-party services whilst being transparent about benefits, costs, and risks

Free Powerpoint Templates

Page 5

DS2 Manage Third-party Services


Achieved by
Identifying and categorizing supplier services Identifying and mitigating supplier risk Monitoring and measuring supplier performance

Free Powerpoint Templates

Page 6

DS3 Manage PERFORMANCE AND CAPACITY


Objective
Optimizing the performance of IT infrastructure, resources and capabilities in response to business needs

Focusing on
Meeting respond time requirements of SLAs Minimizing downtime Making continuous IT performance and capacity improvements through monitoring and measurement
Free Powerpoint Templates Page 7

DS3 Manage PERFORMANCE AND CAPACITY

Achieved by
Planning and providing system capacity and availability Monitoring and reporting system performance Modeling and forecasting system performance

Free Powerpoint Templates

Page 8

DS4 Ensure Continuous Service


Objective
Ensuring minimal business impact in the event of and IT service interruption

Focusing on
Building resilience into automated solutions Developing, maintaining and testing IT continuity plans

Free Powerpoint Templates

Page 9

DS4 Ensure Continuous Service


Achieved by
Developing and maintaining (improving) IT contingency Training on and testing IT contingency plans Storing copies of contingency plans and data at offsite locations

Free Powerpoint Templates

Page 10

DS5 Ensure Systems Security


Objective
Maintaining the integrity of information and processing infrastructure Minimizing the impact of security vulnerabilities and incidents

Focusing on
Defining IT security policies, plans and procedures Monitoring, detecting, reporting and resolving security vulnerabilities and incidents

Free Powerpoint Templates

Page 11

DS5 Ensure Systems Security

Achieved by
Understanding security requirements, vulnerabilities and threats Managing user identities and authorizations in a standardized manner Testing security regularly

Free Powerpoint Templates

Page 12

DS6 Identify and Allocate Costs


Objective
Ensuring transparency and understanding of IT costs and improving cost-efficiency through well-informed use of IT service

Focusing on
Complete and accurate capture of IT costs A fair system of allocation agreed upon by business users A system for timely reporting of IT use and costs allocated
Free Powerpoint Templates Page 13

DS6 Identify and Allocate Costs


Achieved by
Aligning charges to the quality and quantity of services provided Building and agreeing on a complete cost model Implementing charges as per the agreed-upon policy

Free Powerpoint Templates

Page 14

DS7 Educate and Train Users

Objective
Effectively using applications and technology solutions Ensuring user compliance with policies and procedures

Focusing on
A clear understanding of IT user training needs Execution of an effective training strategy Measurements of results

Free Powerpoint Templates

Page 15

DS7 Educate and Train Users

Achieved by
Establishing training curricula Organizing training Delivering training Monitoring and reporting on training effectiveness

Free Powerpoint Templates

Page 16

DS8 Service Desk and Incidents


Focuses on

A professional service desk function with quick response Clear escalation procedures Resolution and trend analysis

Free Powerpoint Templates

Page 17

DS8 Service Desk and Incidents

Achieved by
Monitoring and escalation procedures based on agreed-upon service levels relative to the appropriate SLA that allow classification and prioritisation of any reported issue as an incident, service request or information request. Measure end users satisfaction with the quality of the service desk and IT services to satisfy all the requirement of Business

Free Powerpoint Templates

Page 18

DS8 Service Desk and Incidents

Controlled by
Service Desk Registration of Customer Queries Incident Escalation Incident Closure Reporting and Trend Analysis

Free Powerpoint Templates

Page 19

DS8 Service Desk and Incidents Incident Management


Restore agreed service to the business as soon as possible or to respond to service requests Incident Management Requirement All Incidents shall be recorded Procedures shall be adopted to manage the impact of incidents Define the recording, prioritization, business impact, classification, updating, escalation. Resolution and formal closure of all incidents. The customer kept informed of the progress All staff involved Free Powerpoint Templates Page 20

DS9 Manage The Configuration


Focuses on
Maintaining accurate and complete repository asset Baseline Comparing against actual asset

Controlled by
Configuration Repository and baseline Identification and Maintenance of Configuration Items Integrity Review

Free Powerpoint Templates

Page 21

DS10 Manage Problems


Defining solution for identified operations problems Investigating the root cause of all significant problems Recording, tracking and resolving operational problems. Identification and classification of problems Problem Tracking and Resolution: All associated configuration items Outstanding problems and incidents Controlled Known and suspected errors by Tracking of problem trends Problem Closure Integration of Configuration, Incident and Problem Management
Free Powerpoint Templates Page 22

DS11 Manage data


Ensure the quality Completeness Timeliness Accuracy Availability Protection Data

Controlled by
Business Requirement for Data management Storage and Retention Arrangements Media Library Management System Disposal Backup and Restoration Security Requirement for Data Management
Free Powerpoint Templates Page 23

DS12 Manage the Physical Environment


Providing and Maintaining a suitable physical environment to protect IT assets from access, damage or theft. Achieved by Implementing physical security measures. Selecting and managing facilities.

Controlled by
Site Selection and Layout Physical security Measures Physical Access Protection Against Environment Factor Physical Facilities Management
Free Powerpoint Templates Page 24

DS13 Manage Operations

Meeting operational service levels for scheduled data processing Monitoring and maintaining infrastructure Protecting sensitive output

Controlled by
Operations Procedures and Instructions Job Scheduling IT Infrastructure Monitoring Sensitive Documents and Output Devices Preventive Maintenance for hardware
Free Powerpoint Templates Page 25

Free Powerpoint Templates

Page 26

ME1 Monitor and Evaluate IT Performance


Focus on
Monitoring and reporting process metrics Identifying and implementing performances improvement actions

Achieved by
Collating and translating process performance reports into management reports Reviewing performance against agreed-upon targets and initiating necessary remedial action
Free Powerpoint Templates Page 27

ME1 Monitor and Evaluate IT Performance


Measured by
Satisfaction of management and the governance entity with the performance reporting Number of improvement actions driven by monitoring activities Percent of critical processes monitored

Free Powerpoint Templates

Page 28

ME1 Monitor and Evaluate IT Performance

ME1.1 Monitoring approach ME1.2 Definition and Collection of Monitoring Data ME1.3 Monitoring Method ME1.4 Performance Assessment ME1.5 Board and Executive Reporting ME1.6 Remedial Actions

Free Powerpoint Templates

Page 29

ME2 MONITOR AND EVALUATE INTERNAL CONTROL


Focus on
Monitoring the internal control process for ITrelated activities Identifying improvement action

Is achieved by
Defining a system of internal controls embedded in the IT process framework Monitoring and reporting on the effectiveness of the internal controls over IT Reporting control exceptions to management for action
Free Powerpoint Templates Page 30

ME2 MONITOR AND EVALUATE INTERNAL CONTROL


Is measured by
Number of major internal control breaches Number of control improvement initiatives Number and coverage of control self-assessments

Control Objective

ME 2.1 Monitoring and evaluate Internal control framework ME 2.2 Supervisory Review ME 2.3 Control Exception ME 2.4 Control Self-Assessment ME 2.5 Assurance of internal control ME 2.6 Internal control at Third Party ME 2.7 Remedial Action
Free Powerpoint Templates Page 31

ME3 Ensure Compliance With External Requirement


Review process ensure compliance with laws, regulation & contractual requirement.

Focus on
identifying all applicable laws, regulations and contracts. the corresponding level of IT compliance. optimising IT processes to reduce the risk of non-compliance.
Free Powerpoint Templates Page 32

ME3 Ensure Compliance With External Requirement


Achieved by
Identifying legal, regulatory and contractual requirements related to IT Assessing the impact of compliance requirements Monitoring and reporting on compliance with these requirements

Measured by
Cost of IT non-compliance, including settlements and fines Average time lag between identification of external compliance issues and resolution Frequency of compliance reviews
Free Powerpoint Templates Page 33

ME3 Ensure Compliance With External Requirement


ME3.1: Identification of External Legal,
Regulatory, and Contractual Compliance Requirement.

ME3.2: Optimization of Response to


External Requirement. ME3.3: Evaluation of Compliance With External Requirement. ME3.4: Positive Assurance Of compliance. ME3.5 :Integrated Reporting.
Free Powerpoint Templates Page 34

Goal
IT
Ensure IT compliance with laws, regulation, and contracts

PROCESS

ACTIVITY

Identifying legal, regulatory and Identify level IT contractual compliance. requirements related Provide alignment of to IT IT policy, plans, Educating IT procedures to personnel in their efficiently manage responsibility for the risk of noncompliance compliance. Assessing the impact Minimize the of external business impact of requirements identify compliance Monitoring and issue within IT. reporting on compliance with external requirements Free Powerpoint Templates Page 35

ME4 Provide IT Governance


Establishing an effective governance framework. Defining organisational structures, processes, leadership, roles and responsibilities. Ensure that enterprise IT investments are aligned. Delivered in accordance with enterprise strategies and objectives.

Focus on
Preparing board reports on IT strategy, performance and risks, and responding governance requirements in line with board directions
Free Powerpoint Templates Page 36

ME4 Provide IT Governance


Achieved by
Establishing an IT governance framework integrated into corporate governance Obtaining independent assurance over the IT governance status

Measured by
Frequency of board reporting on IT to stakeholders (including maturity) Frequency of reporting from IT to the board (including maturity) Frequency of independent reviews of IT compliance
Free Powerpoint Templates Page 37

ME4 Provide IT Governance


Control Objective
ME4.1 Establishment of an IT Governance Framework. ME4.2 Strategic alignment. ME4.3 Value Delivery ME4.4 Resource Management ME4.5 Risk Management ME4.6 Performance Measurement ME4.7 Independent Assurance

Free Powerpoint Templates

Page 38

THE END
Any questions???

Free Powerpoint Templates

Page 39