Audit of Governance of Specialized IT Resources
- 1. Executive Summary
- 2. 1.0 Introduction
- 3. 2.0 Findings and Recommendations
- 4. 3.0 Conclusion
- 5. 4.0 Management Response
- 6. Annex 1: Audit Criteria
- 7. Annex 2: List of Background Information and Supporting Documentation
- 8. Annex 3: Draft CIOB IM and IT Governance Model
- 9. Annex 4: Maturity Levels
- 10. Annex 5: Acronyms and Terms
Annex 5: Acronyms and Terms
- ADM
- Assistant Deputy Minister
- CIO
- Chief Information Officer
- CIOB
- Chief Information Officer Branch
- COBIT
- Control Objectives for Information and related Technology (a control framework for the governance of IT)
- CRM
- Client relationship manager
- CS
- Computer systems (refers to employees who are staffed in positions classified as part of the CS group and whose primary job is in IM and/or IT)
- data
- For the purposes of this audit, “data” has the most generic sense. The scope of the audit was restricted to looking at any scientific data that are captured, created or received by the Department and that are owned by the Crown. The requirements for storage of this data may vary by type; however, there are requirements, as outlined in the Library and Archives of Canada Act, related regulations, and multi-institution disposition authorities.
- EA
- Enterprise Architecture
- EC
- Environment Canada
- EMC
- Executive Management Committee
- IM
- Information Management
- IT
- Information Technology
- ITIL™
- “A registered trademark for a cohesive best practice framework, drawn from the public and private sectors internationally”, ITIL is a registered trademark that stands for Information Technology Infrastructure Library. Its focus is on IT as a service provider using IT Service Management concepts. It deals largely with the later stages of development through implementation, and includes operations.
- SLA
- Service Level Agreement. This refers to a negotiated level of service to be provided by a service provider to a service consumer for a given price.
- MAF
- Management Accountability Framework
- MSC
- Meteorological Service of Canada
- PAA
- Program activity architecture is an inventory of all the program activities undertaken by a department. The program activities are depicted in their logical relationship to each other and to the strategic outcome(s) to which they contribute. The PAA is the initial document for the establishment of a management, resources and results structure.
- Process
- “The IT organisation delivers against these goals by a clearly defined set of processes that use people skills and technology infrastructure to run automated business applications while leveraging business information. These resources, together with the processes, constitute an enterprise architecture for IT”
“COBIT defines IT activities in a generic process model within four domains. These domains are Plan and Organise, Acquire and Implement, Deliver and Support, and Monitor and Evaluate. The domains map to IT’s traditional responsibility areas of plan, build, run and monitor.” (Source: COBIT 4.1 framework for IT governance.) - TB
- Treasury Board
- TBS
- Treasury Board Secretariat
- TTAC
- Technology Transfer Advisory Committee
- WES
- Weather and Environmental Services
- Run, Renew, Transform
- This is CIOB’s term for those activities that make up the full scope of IT activity in the Department, including those activities necessary to carry out daily business and maintain the operational infrastructure (run), those necessary to incrementally improve the Department’s operations (renew), and those necessary to transform the organization and allow it to take advantage of synergies and streamline controls (transform).
Page 10
- Date modified: