Operational Assessment of IT: 1st Edition (Hardback) book cover

Operational Assessment of IT

1st Edition

By Steve Katzman

Auerbach Publications

338 pages | 61 B/W Illus.

Purchasing Options:$ = USD
Hardback: 9781498737685
pub: 2016-04-01
SAVE ~$14.99
$74.95
$59.96
x
eBook (VitalSource) : 9780429092015
pub: 2016-03-30
from $37.48


FREE Standard Shipping!

Description

Operational Assessment of IT presents ideas and concepts of optimization designed to improve an organization’s business processes and assist business units in meeting organizational goals more effectively. Rather than focus on specific technologies, computing environments, enterprise risks, resource programs, or infrastructure, the book focuses on organizational processes. Throughout the book, the author presents concerns and environments encountered throughout his career to demonstrate issues and explain how you, too, can successfully implement the tools presented in the book.

The assessment process reviews the economics as well as the effectiveness and efficiency of the process. Whether your organization is profit-based, not-for-profit, or even governmental, you cannot provide services or products at a continuous loss. For an operational assessment to be of value, the ultimate goal must be to insure that the business unit process is effective and efficient and employs the financial assets and resources appropriately or helps the business unit make adjustments to improve the operation and use resources more efficiently and economically.

After reading this book, you will be able to devise more efficient and economical ways to meet your customers’ requirements, no matter who or where your customers are. You will learn that the goal of any process is to service or supply customers with what they want. The book provides tools and techniques that will assist you in gaining a 360-degree view of the process so that you can help the business unit improve the delivery of a quality product or a service to the customer.

Reviews

When I first received this book for review, I was a bit nervous. I am not an auditor, and have never been one. It is true that I have participated in hundreds of audits across different industries and disciplines, as both a customer and much more frequently, as an advisor, but I never had to put my name to the bottom of an attestation (except, I suppose, for a few PCI self-assessment questionnaires).

In short, I was concerned that I would not be able to properly grasp it, and thus fail to do it justice.

By the time I was done, I found myself with the same concern, but this time, coming from a completely different angle.

Because Steve’s book is truly a delight. I have worked with hundreds of auditors, and only a couple of them have ever shown the scope and breadth of experience, the desire to go beyond following rote process, and the sheer interest in staying true to the purpose of an audit – any audit – that Mr. Katzman exhibits in his book.

Steve’s personal stories shine through, and really help in framing the conversation. The little quips he embeds throughout his writing made me chuckle repeatedly, certainly not what I expected from a book about what is ultimately a rather dry subject matter. The planning chapter alone is worth the price of entry, as first and foremost it does such a great job at reminding all of us why audits exist in the first place.

For me, this work provided a great insight into the mind of an auditor, in a way that I never quite grasped before. That is undoubtedly going to help me in future audits. Considering the way Steve seamlessly transitions between the client and auditor viewpoints, if you are an auditor (the stated target audience for this book), then I cannot imagine how it would fail to help in a mirrored fashion.

I find it fitting to end this review by borrowing Steve’s own ending words from the book:

"Stay well, stay happy, and stay productive".

-- Barak Engel, CISO and author, Why CISOs Fail – The Missing Link in Security Management and How to Fix It

Table of Contents

PRELUDE

Introduction

Overview

Rationale

GOALS

The Organization

Organizational Goals

Measuring the Success of an Organization

Voice of the Customer

Process

Productivity

Measuring the Success of the Processes

Summary

OPERATIONAL ASSESSMENTS

Operational Auditing

Background

Auditing

Operational Assessment

Operational Assessment Drivers/Impetus

Operational Objectives

Operational Factors: The Three Es

Process

Operational Assessment Planning

Customer Relationships

Risk Assessment

Business Acumen

RACI Matrix (or RASCI)

Planning Memo

Project Charter

Adding Value

Key Performance Indicator

Operational Process

Process Review (As Is)

Activity: Procurement Audit Planning

IT Support of the Business Unit

Background

Latency Delays

Business Continuity Planning

Planning Summation

Operational Assessment Fieldwork

Failure Mode and Effect Analysis

Root Cause Analysis (RCA)

The Five Whys

Pareto Principle (80–20 rule)

Metrics

Standardization or Anarchy

Control Charts

IT and the Business Process

The Fraud Red Flag

The Process

Business Continuity Management

Fieldwork Analysis

Purchasing Process

PUTTING IT ALL TOGETHER

Assessment Reporting

Share the Picture

Report Distribution

Focus on the Issue/Concern

A Picture Can Say Volumes

Presenting the Report

IT and COBIT

COBIT Management Environment

Epilogue

Appendices

Risk Assessment/Management

Washington State Audit Report

Typical Swim Lane Diagram

Bibliography

About the Author

Steve Katzman is a retired master sergeant who spent four years in accounting and finance and the rest of his 21-plus-year Air Force career in information technology (IT) and data communication. He has over 35 years of computer and technology experience and 14 years in auditing (internal and external). Mr. Katzman earned a BS degree in management information systems with a focus on business from Central Connecticut State University. He maintained several professional certifications, including CIA, CISA, CRMA, CRISC, and CISSP. During his military career, he held a top-secret security clearance.

About the Series

Internal Audit and IT Audit

Learn more…

Subject Categories

BISAC Subject Codes/Headings:
BUS083000
BUSINESS & ECONOMICS / Information Management
COM032000
COMPUTERS / Information Technology
COM053000
COMPUTERS / Security / General