Monthly Archives: October 2012

Evaluation: Your IT-Business Preparedness

As this Deloitte Consulting survey indicates, business today is being strongly influenced by these key complexity forces:

  • Globalization
  • Rising customer expectations
  • Faster pace of transactions
  • Increasing demand for collaboration
  • Calls for sustainability

If even one of these forces is having a significant impact on your current or future business, then a solid information technology (IT) strategy that is aligned with the business will be critical for continued success.

We’ve created an evaluation form that will help you to quantify how well you understand the role that information technology plays in enabling your business to proactively and effectively address the forces of complexity. The higher your score, the more critical your need for a robust IT strategy that is aligned with your business pressures and goals.

Download the evaluation form (PDF) >>

We invite you to contact us for help in auditing your IT preparedness and laying a strategic foundation for success.

Advertisements

Best Practice: Assess the Capabilities & Performance of Your Information Technology

Professional organizations often hire third-party experts to analyze business operations and make recommendations for improvement. For example, financial audits, quality audits, and process audits are common best practices for most businesses.

Beyond ensuring that processes are followed, third-party audits can help an organization step back from day-to-day activities, take stock of overall performance, and make the best decisions regarding resource allocation, budgets and priorities.

Yet, few organizations examine their IT operations in a similar fashion.

The Importance of IT Audits

IT is owned and operated to underpin both day-to-day business operations and long-term planning. The IT organization also provides the leadership and organizational structures, systems and processes that sustain and support business objectives. Today’s IT departments play such an integral role within corporate operations and governance that they should be subject to the same scrutiny as other groups.

An IT audit, conducted as part of an annual review or prior to a major project, can report critical information to the organization and its stakeholders on the following topics:

  • Overall performance: How is the IT organization doing? It is meeting best practices? Are there redundancies that can be eliminated? What efficiencies can the group take advantage of? What silos need to be broken down with other departments? Are there areas of risk that need to be addressed?
  • Compliance with regulatory requirements.
  • Budget constraints and staffing considerations.
  • Recommendations for new corporate projects, such as a new enterprise or line of business solution, a new collaboration solution, or an infrastructure migration.
  • Business activity gaps that should be addressed before documenting business activities in preparation for a workflow, collaboration or records management project.

Audit Areas

To be effective, an IT audit should examine three main aspects of the IT organization. These are:

  1. IT Governance: Organizations planning major IT projects – such as a new business system, migration to the cloud, collaboration or other significant investment – need to ensure that the IT Department and technical teams within other business units are able to deliver. An IT audit should examine all governance aspects of the IT organization and evaluate factors such as the IT department’s corporate structure, existing systems and processes, capacity, track record on recent projects, etc.

 

  1. Information Management: IT organizations must be able to develop (and manage) policies and procedures that promote efficient operations and support the rollout of new business initiatives.  IT audits should therefore include an evaluation of the organization’s records management and account management practices, access privileges, policies, procedures, and standards.

 

  1. Information Technology Security:  IT risk is always present in a modern organization and companies should understand their external and internal IT vulnerabilities. An IT audit should contain a security component that examines potential infiltration points, flaws in line-of-business systems, fraud risks, device weaknesses, and security of email, web hosting, publishing environments and social media channels.

Actionable Results

By analyzing the above areas, a third-party expert can perform a comprehensive IT risk assessment of your organization. This assessment will provide you with the information you need to improve IT governance and effectively safeguard your organization against attacks that can damage your brand reputation or financial viability.

At Tango, we regularly conduct IT audits for our clients. Learn more about our IT auditing services or contact us to talk about your specific auditing needs.