A solid governance model supported by effective processes is a must for any company that wants to excel in its IT performance and business support mechanisms. Through the RMSAfrica unique phased approach, certain limitations, such as the amount of work that is required to truly enable IT Governance as the controlling factor of auditing and measuring performances and improvements, is taken care of. This in turn contributes to ensure successful completion of the most complex project implementations.
• A way of thinking - a new way of thinking for some. Successful adoption requires orientation, education, and training.
• A framework that must be tailored to the organisation. For example, CobiT’s IT processes must be compared to existing customer processes, customer’s risks must be reviewed, and responsibilities for the IT processes must be established.
• As a governance, control and audit reference, CobiT must be used with other resources, including Codes of Practice such as King III and industry Best Practices such as ITIL & ISO27001.
• Not a collection of IT controls and audit programs. CobiT contains IT control objectives that generally must be addressed by most organisations and audit guidelines that may be used to assess performance against those IT control objectives.
• Provides generally applicable guidance and do not provide industry specific measures. Each customer will need to customise this general set of guidelines to their specific environment.
Service offering
IT Governance consulting service offering is based on guiding IT Governance principles such as accountability, strategy, acquisition, conformance, performance and human behaviour. At a conceptual level a typical consulting engagement would start with defining a Governance model, doing an assessment based on a best practice Governance Framework such as CobiT, conducting various workshops to verify assessment results and doing final improvement recommendations. Although consulting engagements on IT Governance is referenced to best practice frameworks such as CobiT and the ISO 38500 IT Governance standard, these are merely used as starting points and are never followed blindly. In practice, CobiT is normally used to assist in conducting maturity levels of IT Governance within a client environment, and the ISO 38500 principles are referenced when analysing the results of these assessments. Recommended improvements are then made based on the assessment results. ICT governance provides reasonable assurances that strategic intent can be met. The requirement for maturity level in governance is informed by the criticality and complexity of ICT services
