Share:
View:
3310
Apr 26, 2020
PART 6 – CISA Domain 3 – Information Systems Acquisition, development and implementation
- What is Benchmarking process?
- What is Capacity Maturity Model Integration (CMMI)?
- What are process procedures and controls?
- Benchmarking is about improving business processes.
- It is defined as a continuous, systematic process for evaluating the products, services or work processes of organizations recognized as a world-class “reference” in a globalized world
- Benchmarking process includes the following exercise:
- Plan
- Research
- Observe
- Analyze
- Adopt
- Improve
2. Capacity Maturity Model Integration (CMMI):
|
- Capability Maturity Model Integration (CMMI) is a process level improvement training and appraisal program. Administered by the CMMI Institute, a subsidiary of ISACA.
- The following are the characteristics of the maturity levels:
- Level 1 – Initial – Processes are unpredictable, poorly controlled and reactive.
- Level 2 – Managed – Process is characterized for projects and is often reactive.
- Level 3 – Defined – Process characterized for the organization and is proactive
- Level 4 – Quantatively managed – Process is measured and controlled
- Level 5 – Optimizing – Focus is on process improvement.
3. Processing procedures and controls:
|
- Processing procedures and controls are meant to ensure the reliability of application program processing.
- IS auditors need to understand the procedures and controls that can be exercised over processing to evaluate what exposures are covered by these controls and what exposures remain.
Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7, Part 8, Part 9