Categories Corporate
Free Textbook

IT Management Controls

Governing IT Operations and Systems more effectively

385
Language :  English
Description of over 500 IT management controls (policies, procedures, etc.) related to all aspects of governing IT, developing systems, managing IT operations, etc.
Download free PDF textbooks or read online. Less than 15% adverts
Business-prenumeration gratis de första 30 dagarna, sedan $5.99/månad
Description
Content

Description of over 500 IT management controls (policies, procedures, job descriptions, practices, forms, etc.) organized in 10 chapters and 23 appendices. These are related to all aspects of governing IT, such as: organizing the IT function, managing IT operations and activities, developing and running Application Systems, ensuring adequate security of computerized facilities, systems and networks, etc.

About the Author

John Kyriazoglou obtained a B.A. (Honours) from the University of Toronto, Canada, also earning a Scholastic award for Academic Excellence in Computer Science. John has worked in Canada, England, Switzerland, Luxembourg, Greece, Saudi Arabia and other countries for over 49 years, as a Senior IT manager, Managing Director, IT auditor and consultant, in a variety of clients and projects, in both the private and the public sectors. He has published several books and articles in professional publications, has served in numerous scientific committees and is a member of several professional and cultural associations.

He is currently the Editor-in-Chief for the Internal Controls Magazine (U.S.A.) and consulting on Data Privacy and Security Issues (GDPR, e-Privacy, etc.) to a large number of private and public clients.

  • Overview and Contents
  • Preface
  1. IT Organization Controls
    1. Purpose and Main Types of IT Organization Controls
    2. Set 1: IT Department Functional Description Controls
    3. Set 2: IT Organization Controls
    4. Set 3: IT Vision, Mission and Values Statements
    5. Set 4: Monitoring and Review Controls
    6. Set 5: IT Governance and Control Frameworks
    7. IT Organization Performance Measures
    8. Reviewing and Auditing IT Organization Controls
    9. Conclusion
  2. IT Administration Controls
    1. Purpose of IT Administration Controls
    2. Main Types of IT Administration Controls
    3. Control Type 1: IT Standards, Policies and Procedures
    4. Control Type 2: IT Budget
    5. Control Type 3: IT Asset Controls
    6. Control Type 4: IT Personnel Management Controls
    7. Control Type 5: IT Procurement Controls
    8. Control Type 6: IT Management Reporting
    9. IT Administration Performance Measures
    10. Reviewing and Auditing IT Administration Controls
    11. Conclusion
  3. Enterprise Architecture Controls
    1. Purpose of EA Controls
    2. Main Types of Enterprise Architecture Controls
    3. Control Type 1: EA Frameworks
    4. Control Type 2: EA Framework Impementation Plan
    5. Control Type 3: EA Development Roles
    6. Control Type 4: EA Elements Definition
    7. Control Type 5: Other EA Business Related Controls
    8. Control Type 6: EA IT Related Controls
    9. EA Performance Measures
    10. Reviewing and Auditing EA Controls
    11. Conclusion
  4. IT Strategic Management Controls
    1. Purpose of IT Strategic Management Controls
    2. Main Types of IT Strategic Management Controls
    3. Set 1: IT Strategic Process Controls
    4. Set 2: IT Strategy Implementation and Monitoring Controls
    5. Set 3: IT Strategic Performance Management Controls
    6. Reviewing and Auditing IT Strategic Controls
    7. Conclusion
  5. Systems Development Controls
    1. Purpose of Systems Development Controls
    2. Main Types of Systems Development Controls
    3. Control Type 1: IT Systems Development Methodology
    4. Control Type 2: System Development Products
    5. Control Type 3: IT Systems Testing Process
    6. Control Type 4: End User Application Development Controls
    7. Control Type 5: Audit Trails
    8. Control Type 6: Software Package Controls
    9. Control Type 7: System Development Quality Controls
    10. Systems Development Performance Measures
    11. Reviewing and Auditing Systems Development Controls
    12. Conclusion
    13. Resources
  6. IT Security Controls
    1. Purpose of IT Security Controls
    2. Main Types of IT Security Controls
    3. CONTROL TYPE 1: IT Security Guidelines and Standards
    4. CONTROL TYPE 2: IT Security Organization, Policies and Plans
    5. CONTROL TYPE 3: Personnel Security Management Controls
    6. CONTROL TYPE 4: End User Security Administration Controls
    7. CONTROL TYPE 5: Social Engineering Controls
    8. CONTROL TYPE 6: IT Technical Protection Controls
    9. CONTROL TYPE 7: IT Disaster Controls
    10. IT Security Performance Measures
    11. Reviewing and Auditing IT Security Controls
    12. Conclusion
    13. Resources
  7. Data Center Operations Controls
    1. Purpose of Data Center Operations Controls
    2. Main Types of Data Center Operations Controls
    3. CONTROL TYPE 1: Data Centre Environmental Controls
    4. CONTROL TYPE 2: Data Centre Physical Access Controls
    5. CONTROL TYPE 3: Data Centre Infrastructure Controls
    6. CONTROL TYPE 4: Computer Operations Controls
    7. CONTROL TYPE 5: IT Contingency Planning and Disaster Recovery Controls
    8. CONTROL TYPE 6: Personal Computers Controls
    9. Data Center Operations Performance Measures
    10. Reviewing and Auditing Data Center Operations Controls
    11. Conclusion
  8. Systems Software Controls
    1. Purpose of Systems Software Controls
    2. Main Types of Systems Software Controls
    3. CONTROL TYPE 1: Systems Software Operating Environment Controls
    4. CONTROL TYPE 2: Data Base Management Controls
    5. CONTROL TYPE 3: Data Communications Controls
    6. CONTROL TYPE 4: Audit Trail Controls
    7. CONTROL TYPE 5: Systems Software Change Management Controls
    8. Systems Software Performance Measures
    9. Reviewing and Auditing Systems Software Controls
    10. Conclusion
  9. Computerized Applications Controls
    1. Purpose of Computerized Application Controls
    2. Main Types of Computerized Application Controls
    3. CONTROL TYPE 1: Input Controls
    4. CONTROL TYPE 2: Processing Controls
    5. CONTROL TYPE 3: Output Controls
    6. CONTROL TYPE 4: Database Controls
    7. CONTROL TYPE 5: Change Controls
    8. CONTROL TYPE 6: Testing Controls
    9. CONTROL TYPE 7: IT Application Systems Privacy Implementation Plan
    10. CONTROL TYPE 8: Post Implementation Review Controls
    11. Computerized Application Performance Measures
    12. Reviewing and Auditing Computerized Application Controls
    13. Conclusion
    14. Resources
  10. Business Data Management Controls
    1. Introduction
    2. BDM CONTROL TYPE 1. Business Record Keeping Systems
    3. BDM CONTROL TYPE 2. Files, Documents and Records (FDR) Management Procedures
    4. BDM CONTROL TYPE 3. Files, Documents and Records (FDR) Management Action Plan
    5. BDM CONTROL TYPE 4. Business Data Administration Controls
    6. BDM CONTROL TYPE 5. Data and Information Quality Monitoring and Improvement Process
    7. BDM CONTROL TYPE 6. Data Mart and Data Warehouse Controls
    8. BDM CONTROL TYPE 7. Business Data Management Performance Controls
    9. Reviewing and Auditing Business Data Management Controls
    10. Conclusion
  • Appendix. IT Operations Policies
  • Appendix 1. IT Ethics Code
  • Appendix 2. IT Performance Measures
  • Appendix 3. IT Security Policy
  • Appendix 4. Data Classification
  • Appendix 5. Backup and Recovery Policy
  • Appendix 6. Password Policy
  • Appendix 7. Acceptable Use Policy
  • Appendix 8. Information and Data Encryption Policy
  • Appendix 9. Remote Access Policy
  • Appendix 10. Vendor Access Policy
  • Appendix 11. Vendor Confidentiality Agreement
  • Appendix 12. Data Retention and Destruction Controls
  • Appendix 13. E-Mail Policy
  • Appendix 14. Network and Internet Management Policy
  • Appendix 15. Employee Confidentiality Policy
  • Appendix 16. Employee Data Protection Agreement
  • Appendix 17. Clean Desk and Screen Policy
  • Appendix 18. Information Release Authorization Policy
  • Appendix 19. Electronic Communications Policy
  • Appendix 20. Wireless Communications Policy
  • Appendix 21. Data Protection Policy
  • Appendix 22. IT Policies and Procedures Compliance Statement
  • Appendix 23. IT Management Forms
  • End Notes
  • Bibliography
About the Author

John Kyriazoglou