Q: It is of the utmost importance to separate management from governance policy-making, which is usually undertaken by the board of directors. Without this structure in place, fraud, bribery and corruption are very high risks.
Yes I agree with the above statement. Consideration of the statement has given me cause to reflect on the need for separation of management and governance policy as one of the key COBIT 5 framework principals. I have come to better understand the critical need to maintain segregation between governance and management as two fundamentally different disciplines. Segregation ensures that management of the overall organisation, as driven by the CEO and executives, is in line with the broader governance requirements as set by the board (COBIT 5, 2007).
Yes I agree with the above statement. Consideration of the statement has given me cause to reflect on the need for separation of management and governance policy as one of the key COBIT 5 framework principals. I have come to better understand the critical need to maintain segregation between governance and management as two fundamentally different disciplines. Segregation ensures that management of the overall organisation, as driven by the CEO and executives, is in line with the broader governance requirements as set by the board (COBIT 5, 2007).
I believe
if governance and management were not separated, the organisation opens itself
up to fraud and corruption risk as it removes key monitoring and control
measures which guide behaviour (De Haes, 2009). We provide employees with a framework to
encourage appropriate behaviour in line with expectations. I feel that
the loss of these checks and balances provides opportunity, and with the right
motive, people may be tempted into fraud, corruption or misconduct.
Understanding
the principals of the COBIT 5 framework has helped me define the different
roles of governance and management and the associated risks that result.
Either in an employee or management role, I would feel more comfortable with a
proper segregated framework to work within.
References
COBIT 5 Executive Summary and Framework. IT Governance Institute (2007). (pp5-28,
29-32)
De Haes, Steven and Van Grembergen, Wim (2009) ‘An
Exploratory Study into IT Governance: Implementations and its Impact of
Business/IT Alignment’, Information
Systems Management, 26:2, 123-137.
Additional links to more relevant information and in-depth research on how COBIT 5 helps seperate management and governance policy making:
https://www.isaca.org/COBIT/Documents/COBIT5-Introduction.ppt
Additional links to more relevant information and in-depth research on how COBIT 5 helps seperate management and governance policy making:
http://www.isaca.org/cobit/focus/pages/using-cobit-5-to-deliver-information-and-data-governance.aspx
https://www.isaca.org/COBIT/Documents/COBIT5-Introduction.ppt
No comments:
Post a Comment