Skip to content

Cobit: Acquisition and Implementation (2 of 4)

August 11, 2008
tags:

1. Identify Automated Solutions

  • Definition of information requirements

  • Formulation of alternative courses of action

  • Formulation of acquisition strategy

  • Third-party service requirements

  • Technological feasibility study

  • Economic feasibility study

  • Information architecture

  • Risk analysis report

  • Cost-effective security controls

  • Audit trails design

  • Ergonomics

  • Selection of system software

  • Procurement control

  • Software product acquisition

  • Third-party software maintenance

  • Contract application programming

  • Acceptance of facilities

  • Acceptance of technology

2. Acquire and Maintain Application Software

  • Design methods

  • Major changes to existing systems

  • Design approval

  • File requirements definition and documentation

  • Program specifications

  • Source data collection design

  • Input requirements definition and documentation

  • Definition of interfaces

  • User-machine interface

  • Processing requirements definition and documentation

  • Output requirements definition and documentation

  • Controllability

  • Availability as a key design factor

  • IT integrity provisions in application program software

  • Application software testing

  • User reference and support materials

  • Reassessment of system design

3. Acquire and Maintain Technology Infrastructure

  • Assessment of new hardware and software

  • Preventive maintenance for hardware

  • System software security

  • System software installation

  • System software maintenance

  • System software change controls

  • Use and monitoring of system utilities

4. Develop and Maintain Procedures

  • Operational requirements and service levels

  • User procedures manual

  • Operations manual

  • Training materials

5. Install and Accredit Systems

  • Training

  • Application software performance sizing

  • Implementation plan

  • System conversion

  • Data conversion

  • Testing strategies and plans

  • Testing of changes

  • Parallel/pilot testing criteria and performance

  • Final acceptance test

  • Security testing and accreditation

  • Operational test

  • Promotion to production

  • Evaluation of meeting user requirements

  • Management’s post-implementation review

6. Manage Changes

  • Change request initiation and control

  • Control of changes

  • Emergency changes

  • Documentation and procedures

  • Authorized maintenance

  • Software release policy

  • Distribution of software

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: