Beyond the Network: A Holistic Perspective on State Cybersecurity Governance

I. Introduction II. Governance: The New Frontier of Information Assurance III. State Cybersecurity Governance Extends Beyond the Network IV. Centralizing Security Governance to Defend State Networks V. Governance Beyond Network Defense ... A. Disruption Response ... B. Law Enforcement ... C. Cybersecurity Centers VI. Conclusion Appendix: States and Indicator

Diseño de un modelo para el gobierno y gestión de proyectos de TI en sedes territoriales de entidades públicas colombianas - Entidad Estadística Nacional

Los desafíos que se presentan en las entidades públicas en la búsqueda del alineamiento de la tecnología de la información con los objetivos estratégicos corporativos, ha desencadenado una preocupación en los directivos, por lo tanto, darle un enfoque integral bidireccional arriba-abajo y abajo-arriba incluyendo las actividades de alineación, planificación, ejecución y gobierno de los proyectos de TI es fundamental para gestionar y ofrecer soluciones efectivas. Se hace necesario el gobierno y la gestión de TI para asegurar que en el desarrollo de los proyectos de TI se minimicen los riesgos de desfasarse en tiempo y costos y que de esta manera se lleven a cabo con éxito las actividades propias de la ejecución de proyectos TI, es fundamental que los profesionales de TI tengan pensamientos estratégicos, que cultiven sus habilidades gerenciales y de comunicación, demostrar credibilidad frente a todos los usuarios y compañeros de grupo, con orientación a los logros y siempre perseguir las metas establecidas, pero ante todo tener propiedad y conocimiento en el negocio. Este trabajo de grado contribuirá como herramienta guía para que los funcionarios efectúen las prácticas de los procesos de gobierno y gestión de proyectos de TI proactivamente en sedes territoriales de entidades públicas, asegurando que los rubros sean usados de manera efectiva en cualquier entidad del estado colombiano

A Strategy for good IT Governance in South African Municipalities

Information technology (IT) is widely used in South African municipalities as a tool for enabling business processes and therefore its design and implementation are critical to municipalities delivering on their core mandate of delivering services to their communities. The implementation of IT relies on the adoption of sound IT governance practices, whose outcome is to ensure that municipalities derive value from the use of IT and minimise the risk associated with it. However, the implementation of IT governance has proved to be challenging in most municipalities. This research sought to devise a strategic approach to the effective and viable implementation of IT governance in municipalities in South Africa. The research was carried out by adopting a design science research approach, which is increasingly being used for studies in the IT discipline as it assists in solving problems through the design of innovative artefacts, in this case a strategy for the implementation of IT governance. To address the objectives, the research was carried out through case studies of South African municipalities which enabled a detailed investigation of phenomena in its natural context. The data was collected by means of mixed methods consisting of a literature review, a survey and semi-structured interviews. A literature review connected to the research problem was done in order to identify the present state of the issues and how they have been confronted. A survey was sent out to municipalities, institutions and individuals with a mandate to support municipalities, while semi-structured interviews were conducted in five municipalities, government departments and regulatory bodies. A thematic analysis of the data collected was performed which led to a diagnosis of the issues. These include inadequate IT infrastructure; lack of coordinated external support; inadequate IT skills; lack of strong and committed IT leadership; poor IT controls; and fragmented planning. Guiding policies and a set of coherent actions for solving the issues were developed. This culminated in the devising of a strategy for the coordinated implementation of IT governance in municipalities. The primary contribution of this study is the formulation of a strategy for the sound implementation of IT governance in South African municipalities. The research contends that by identifying the strategic issues facing municipalities and implementing the proposed actions, most of which fall outside the municipalities, a new contribution to knowledge has been made. Accordingly, the strategy facilitates the development of plans that address the root causes of the poor implementation of IT in municipalities

A Strategy for good IT Governance in South African Municipalities

Information technology (IT) is widely used in South African municipalities as a tool for enabling business processes and therefore its design and implementation are critical to municipalities delivering on their core mandate of delivering services to their communities. The implementation of IT relies on the adoption of sound IT governance practices, whose outcome is to ensure that municipalities derive value from the use of IT and minimise the risk associated with it. However, the implementation of IT governance has proved to be challenging in most municipalities. This research sought to devise a strategic approach to the effective and viable implementation of IT governance in municipalities in South Africa. The research was carried out by adopting a design science research approach, which is increasingly being used for studies in the IT discipline as it assists in solving problems through the design of innovative artefacts, in this case a strategy for the implementation of IT governance. To address the objectives, the research was carried out through case studies of South African municipalities which enabled a detailed investigation of phenomena in its natural context. The data was collected by means of mixed methods consisting of a literature review, a survey and semi-structured interviews. A literature review connected to the research problem was done in order to identify the present state of the issues and how they have been confronted. A survey was sent out to municipalities, institutions and individuals with a mandate to support municipalities, while semi-structured interviews were conducted in five municipalities, government departments and regulatory bodies. A thematic analysis of the data collected was performed which led to a diagnosis of the issues. These include inadequate IT infrastructure; lack of coordinated external support; inadequate IT skills; lack of strong and committed IT leadership; poor IT controls; and fragmented planning. Guiding policies and a set of coherent actions for solving the issues were developed. This culminated in the devising of a strategy for the coordinated implementation of IT governance in municipalities. The primary contribution of this study is the formulation of a strategy for the sound implementation of IT governance in South African municipalities. The research contends that by identifying the strategic issues facing municipalities and implementing the proposed actions, most of which fall outside the municipalities, a new contribution to knowledge has been made. Accordingly, the strategy facilitates the development of plans that address the root causes of the poor implementation of IT in municipalities

It governance evaluation: Adapting and adopting the COBIT framework for public sector organisations

This thesis examined the potential to develop an IT governance evaluation framework for an Australian state public sector and identified factors that would positively influence the adoption of the adapted framework. Using four linked studies the research revealed that an adapted framework for the evaluation of IT governance could be derived from best-practice models to fit the specific needs of individual organisations or sectors. The findings contribute to improving the ease of use, enhance usefulness, and increase the intent to adopt IT governance frameworks within a public sector context

An argument for centralization of IT governance in the public sector

Using a configurational crisp set Qualitative Comparative Analysis (csQCA) approach, we find that effective public sector IT governance is structured differently than in the private sector. While states adopt a variety of IT governance structures, it is unmistakable that centralized yields better organizational outcomes than decentralized. As such, this paper makes a case for additional research in public sector governance in order to understand and explain these differences