Analysis of IT Governance and risk management in t

It governance and risk management analysis of manufacturing industry

manufacturing industry is the core of the national economy. The total industrial output value of China's manufacturing industry accounts for more than 40% of the national GDP. With China's entry into WTO and economic globalization, China is becoming the center of the world's manufacturing industry because of its obvious cost advantage in the manufacturing process. In the face of fierce competition and special opportunities, it is very important to improve the IT Governance and risk management ability of Chinese manufacturing enterprises

looking back on the development in recent years, the national strategy of "informatization drives industrialization and industrialization promotes informatization" has become increasingly popular, and the application of informatization has made remarkable achievements. Especially this year, the construction of e-government, enterprise informatization, e-commerce, urban informatization and so on has provided a huge market space for the development of IT industry. At the same time, we should also clearly realize that with the in-depth development of information construction and application, some deep-seated problems in information construction and application have also attracted more and more attention. Professor hukejin believes that: "The current situation of information construction in China is characterized by: the large-scale, complex, diversified and networked information system; the increasing dependence on information and information system; the increasing investment scale and cost of information system; the increasing vulnerability and threat scope of the system; and the management of it related risks is considered to be a major part of enterprise governance. At the same time, the challenge before us is: what does information technology bring us? How to change and meet challenges? How to make full use of IT resources? How to manage the information and information platform? How to control and minimize the risk? "

How can China's informatization construction achieve sustainable development and improve the return on investment? Many people begin to think about it governance. The new field of IT governance takes "it governance" as the general framework, covering it audit, information security audit and it service management, and focuses on the research of new problems, new knowledge and new methods of it development and enterprise development in terms of governance structure, enterprise strategy, enterprise operation management, risk and value, cost and control, audit and supervision, service standards and norms, etc. These contents are bound to be of great significance to the development of IT industry and the promotion of information construction in the future. Mr. Lu Peiwei said, "the proposal of IT governance provides a mechanism for enterprises to balance it investment and risk while achieving business goals. In order to ensure that enterprises can achieve business goals and achieve an effective balance between risk management and income realization, it is very urgent to guide and manage all kinds of it activities." The question now is: how to apply the auxiliary means and standards of IT Governance in China

when the enterprise's IT infrastructure construction is gradually taking shape, the importance of it to the enterprise's core business is also becoming increasingly prominent. However, due to the lack of effective monitoring and governance of it risks, many enterprises are suffering from such problems: enterprise it and data are always facing risks, but lack of overall security measures; Enterprises cannot predict potential risks, let alone take targeted measures; Enterprises cannot guarantee the high availability of it, let alone allow it to respond to business needs in a timely manner and provide high-quality services to customers, employees and suppliers, etc

therefore, the implementation of IT Governance and risk management solutions has quickly become a top priority for many Chinese enterprises. According to a recent survey by IBM, 79% of chief financial officers (CFOs) said they would gradually build an IT governance architecture to integrate information and conduct business analysis in the next three years. At the same time, 64% of CIOs benefit from the fact that more and more aircraft components have begun to use advanced polymer composites. CIOs believe that unifying security policies and protecting data security is one of the biggest challenges currently faced by IT departments

in order to make it investment consistent with the business objectives of the enterprise, it is necessary to establish an effective "it governance and risk management" strategy from three points: improving service management level, ensuring business continuity and flexibility, and strengthening information security management

as we all know, IBM has always been the most authoritative manufacturer in the field of IT service management, and has done a lot of work in promoting the process and scientization of IT management. In response to the needs of the IT Governance and risk management market, IBM integrates its advantages in services, software and hardware. With its broadest service, technology and product portfolio in the industry, IBM provides customers with a number of new capabilities to achieve more effective IT Governance and risk management, so as to comprehensively optimize enterprise performance and flexibility. These new capabilities include:

it governance across the enterprise

the business of it dashboard is a service suite based on asset evaluation, designed to help customers evaluate the strengths and weaknesses of their current key areas of IT Governance and risk management, and synchronize it performance with enterprise performance. Unlike other it monitoring tools that usually provide limited visibility to a single system, it business dashboards contain services and software (based on IBM Tivoli Netcool Technology) that provide a complete view for users at all levels inside and outside the IT department. This view can help customers evaluate, plan, audit, implement and manage multiple real-time applications. These applications can support customer monitoring and ensure that it activities and performance are directly linked to enterprise performance and effectiveness. In addition, the dashboard can also help customers coordinate the relationship between IT investment and business priorities and business needs, improve the automation of it processes to improve effectiveness, and identify and manage security risks. Tivoli service desk's it lifecycle management and governance services for Tivoli service desk can help customers quickly and seamlessly deploy comprehensive service desk solutions, realize unified support processes, create a single point of contact for it problems, simplify the access path of business reports, and establish key performance indicators. Tivoli service desk fault analysis: low zero is usually the only interface between IT department and end users, so it becomes the key to create a unified and integrated process

use improved service management to make informed decisions

the new Tivoli business service manager software can support business and operators to view the status and performance of key business services in real time, so as to help them make effective decisions. This software is the first fully integrated product brought by IBM's acquisition of micromuse, which also combines netcool/realtime acid dashboard and Tivoli business systems manager. Tivoli business service manager is equipped with a real-time service Scorecard and key performance indicators, which can provide a high-level view of various services and processes within the Department. With this, operators can view the real-time status of a single device or system, transaction failures, handling bottlenecks, normal revenue changes, and more

real time response to security threats

ibm Tivoli security operations manager version 4.1 is a security event management platform, equipped with a real-time dashboard that can deal with malicious intrusion from external personnel and unintentional security threats from internal employees or contractors. It is designed to help enterprises maintain the normal work of computer networks and systems. IBM Tivoli software detects security threats by automatically analyzing the data in the entire IT infrastructure, so as to optimize and automate the process of event identification, investigation and response. It can support the monitoring and implementation of network security policies and it control measures, help users quickly understand security threats and violations of policies, and take countermeasures to avoid the occurrence of these hidden dangers. At the same time, it can also provide reports focusing on the operation and compliance with policies

balance investment in the life cycle of IT services

ibm rational portfolio manager v.7.1 is an enterprise project management solution that supports all personnel in the enterprise (including CIOs, project managers, business analysts, and developers) to use it to balance it investment and determine service priorities. Its new Web 2.0 interface provides support for team members to manage their networks, submit time and expense reports. In addition, the close integration of rational portfolio manager and IBM's rational portfolio ensures that the design, construction, testing, deployment and supply of software projects can be completed within the established schedule. When the analysis component of rational portfolio manager finds project trends and intersections, it can automatically provide decision-making and approval cycles for the software development team. Project teams can improve efficiency with new templates and best practices that can generate compliance reports and simplify project initiation

the efficiency and effect of corporate governance directly depend on many institutional elements. This includes not only the quality of audit and information disclosure, but also the supervision of the legal system on contracts and the ability to protect external investors. For example, under the framework of adverse selection, we can see that a better accounting standard and more timely information disclosure requirements will greatly reduce the information asymmetry between managers and external investors, thus facilitating financing and reducing agency risk. Therefore, the core problem of corporate governance is information asymmetry or incompleteness. To solve the problem of corporate governance, the core is the authenticity and accuracy of corporate information and the efficiency of processing and transmission, and it technology is increasingly becoming an effective tool in realizing the principle of transparency and embodying the strength of monitoring. Therefore, it governance should become a tool of corporate governance

because many listed companies in the United States rely on it systems for their core businesses. In view of this, the Sarbanes Oxley Act promulgated by the United States in 2002 puts forward higher requirements for public companies. The company should regularly evaluate the adequacy of its information system and its internal control based on years of advanced professional manufacturing experience to ensure the accuracy and integrity of the information provided to investors, and emphasize that the company's management establishes and maintains internal control (especially it control) and the corresponding control procedures are fully effective. Therefore, studying it governance, strengthening it control, reducing risks and effectively realizing corporate governance have become our highly concerned propositions

we believe that the impact of corporate governance and it governance on enterprises in the future must be revolutionary, and this impact is directly related to the international competitiveness of Chinese enterprises

at the same time, we also note that with the increasing importance and widespread application of it, it will be integrated into all production processes and business management systems. Therefore, the risk of it will also significantly affect the implementation of the organization's strategy and the realization of its goals. In this case, it is an inevitable choice to integrate comprehensive risk management and it governance. Finally, once Chinese enterprises have formed a good governance structure suitable for the corporate culture, this is the international core competitiveness of our enterprises

we also see that great changes have taken place in the internal and external environment of the enterprise. The influence of enterprise management informatization, information technology and information system on enterprise organizational form, governance structure, management mechanism, operation flow, bending resistance, compression resistance, low tensile strength and business model is deepening day by day. The original governance control mechanism is no longer suitable, and corporate governance is facing new challenges

in this environment of the information age, governance is the exertion process of organizational management mechanism and operation mechanism. In the information age, it has risen from an auxiliary means of enterprise management and a tool to solve management problems to a role that affects the overall situation of the enterprise. Therefore, I