3. Deliver, Service and Support: Track IT support and delivery and gather data on the type, frequency and severity of support issues. 4. Monitor, Evaluate and Assess: Continually monitor the status of IT systems, evaluate in terms of business and security goals, assess risk and adjust as needed. The full COBIT framework dives down to a very detailed level. It’s worth the effort to review the varied frameworks and adopt one that appears to best match your bank’s internal and regulatory requirements. WHAT TO KEEP IN MIND WHEN DEVELOPING AN IT GOVERNANCE PROGRAM Whichever model you chose, or if you chose to design your own, remember these important points: • IT Governance is not IT Management. • IT Governance is the process that ensures the effective, efficient and safe use of IT to enable an organization to achieve its goals. • IT Governance is top-down and is initiated by the Board and Senior Management — but everyone in the organization has some level of responsibility. • IT Governance Frameworks provide the guidance to implement your own governance program. • Governance is a cyclical process that requires ongoing evaluation, monitoring and review. Mike Gilmore is the Chief Compliance Officer of RESULTS Technology and a Certified Information Systems Auditor (CISA) with more than 30 years of experience in the banking industry. RESULTS Technology provides IT services to community banks across the Midwest. In his role as CCO, Mike provides compliance and risk assessments, audit and exam support and policy documentation. He can be reached at mgilmore@resultstechnology.com. Since 1903, Lewis Roca has been working with financial institutions. We help community banks, regional banks, national banks and their holding companies navigate an increasingly complex business and regulatory terrain. DEDICATED TO SERVICE Lewis Roca Rothgerber Christie LLP This material has been prepared for general advertising purposes only. Karen L. Witt Partner kwitt@lewisroca.com 303.628.9586 INDEPENDENT REPORT | 35
RkJQdWJsaXNoZXIy MTg3NDExNQ==