912 resultados para IT Governance practice
Resumo:
O tema Governança de Tecnologia da Informação (GTI) tornou-se mais premente no ambiente empresarial brasileiro, principalmente após as repercussões mundiais ocorridas com a queda da bolsa de valores americana Nasdaq, com a nova configuração mundial após os ataques aos Estados Unidos em 11 de setembro de 2001 e a partir da promulgação da Lei Sarbanes-Oxley em 2002. Esse modelo de gestão tem sido implementado por organizações que buscam não somente obter melhor controle de gestão em Tecnologia da Informação, como para aquelas que têm de atender às conformidades legais exigidas pelos órgãos de controle. Implementá-la é um processo complexo e desafiador em virtude da necessidade de se identificar o melhor modelo de GTI dentre as práticas existentes no mundo empresarial. As empresas precisam fazer uma composição daquelas que melhor se aderem às suas realidades. Este trabalho tem como objetivo analisar os modelos de GTI adotados em organizações no Brasil, avaliar os seus resultados, seus níveis de maturidade, os seus benefícios, suas dificuldades e suas tendências, contribuindo assim para o seu melhor entendimento e para amenizar a carência de estudos nessa área no Brasil. Este estudo, que é de natureza empírica, baseou-se na metodologia de estudo de casos múltiplos realizado em cinco empresas para explorar como este modelo de gestão vem sendo adotado, quais estruturas, metodologias e práticas de mercado têm sido utilizadas para a sua efetividade. Neste contexto, apresentam-se os resultados obtidos, os aspectos que envolvem a implementação dos modelos de GTI nas organizações, as dificuldades encontradas, o que têm condicionado o seu desempenho e suas tendências.
Resumo:
Estudo sobre o Projeto Casa Brasil no seu conjunto verificando suas origens e panorama atual, além de enfatizar as experiências de Comunicação Comunitária presentes na unidade Casa Brasil Imbariê. A pesquisa tem como objetivo geral resgatar o contexto histórico do Projeto Casa Brasil e sua situação atual como política pública e sua relação com a Comunicação Comunitária. Por meio de pesquisa bibliográfica constitui-se toda uma base teórica, principalmente no que se refere a Comunicação Comunitária como potencializadora do poder de comunicar. O método utilizado foi o cartográfico, viabilizado por meio das seguintes técnicas: pesquisa documental, entrevistas semiestruturadas e a observação participante. Conclui-se que a Comunicação Comunitária estava prevista nas diretrizes do Projeto Casa Brasil, porém como conceito e prática é uma categoria ausente na maioria das unidades, pois os interesses privados e político-partidários sobrepõem-se ao interesse público, o que aparenta ser um problema estrutural no próprio projeto. Mas, apesar da Casa Brasil Imbariê não se apropriar da Comunicação Comunitária como conceito, se apropria dela na prática, pois as experiências desenvolvidas pelos seus usuários servem como um instrumento de participação popular no exercício da cidadania e promove, em partes, a articulação da comunidade.
Resumo:
Time is in constant motion: the present, the future and the past, although they are not concepts having a fixed meaning, they are present in everyday life both at the conscious and the unconscious levels. The author’s intention in this paper is to grasp the relationship of companies to time and to the future in the mature and nascent states of their life cycles. As discussed in this paper, this relationship may appear with little reflection in the form of assumptions in the eyes of strategy researchers and practitioners. At first the interrelatedness of theory and practice is discussed in order to focus on the role of scholars and practitioners in creating theory and putting it to practice or vice versa. This general introduction will lay the ground for the study of interpretations of the future and time from the perspective of strategy research and strategy practice, respectively.
Resumo:
It is considered that the Strategic Alignment IT is the first step within the IT Governance process for any institution. Taking as initial point the recognition that the governance corporate has an overall view of the organizations, the IT Governance takes place as a sub-set responsible for the implementation of the organization strategies in what concerns the provision of the necessary tools for the achievement of the goals set in the Institutional Development Plan. In order to do so, COBIT specifies that such Governance shall be built on the following principles: Strategic Alignment, Value Delivery, Risk Management, Performance Measurement. This paper aims at the Strategic Alignment, considered by the authors as the foundation for the development of the entire IT Governance core. By deepening the technical knowledge of the management system development, UFRN has made a decisive step towards the technical empowerment needed to the “Value Delivery”, yet, by perusing the primarily set processes to the “Strategic Alignment”, gaps that limited the IT strategic view in the implementation of the organizational goals were found. In the qualitative study that used documentary research with content analysis and interviews with the strategic and tactical managers, the view on the role of SINFO – Superintendência de Informática was mapped. The documentary research was done on public documents present on the institutional site and on TCU – Tribunal de Contas da União – documents that map the IT Governance profiles on the federal public service as a whole. As a means to obtain the documentary research results equalization, questionnaires/interviews and iGovTI indexes, quantitative tools to the standardization of the results were used, always bearing in mind the usage of the same scale elements present in the TCU analysis. This being said, similarly to what the TCU study through the IGovTI index provides, this paper advocates a particular index to the study area – SA (Strategic Alignment), calculated from the representative variables of the COBIT 4.1 domains and having the representative variables of the Strategic Alignment primary process as components. As a result, an intermediate index among the values in two adjacent surveys done by TCU in the years of 2010 and 2012 was found, which reflects the attitude and view of managers towards the IT governance: still linked to Data Processing in which a department performs its tasks according to the demand of the various departments or sectors, although there is a commission that discusses the issues related to infrastructure acquisition and systems development. With an Operational view rather than Strategic/Managerial and low attachment to the tools consecrated by the market, several processes are not contemplated in the framework COBIT defined set; this is mainly due to the inexistence of a formal strategic plan for IT; hence, the partial congruency between the organization goals and the IT goals.
Resumo:
The information constitutes one of the most valuable strategic assets for the organization. However, the organizational environment in which it is inserted is very complex and heterogeneous, making emerging issues relevant to the Governance of information technology (IT) and Information Security. Academic Studies and market surveys indicate that the origin of most accidents with the information assets is the behavior of people organization itself rather than external attacks. Taking as a basis the promotion of a culture of safety among users and ensuring the protection of information in their properties of confidentiality, integrity and availability, organizations must establish its Information Security Policy (PSI). This policy is to formalise the guidelines in relation to the security of corporate information resources, in order to avoid that the asset vulnerabilities are exploited by threats and can bring negative consequences to the business. But, for the PSI being effective, it is required that the user have readiness to accept and follow the procedures and safety standards. In the light of this context, the present study aims to investigate what are the motivators extrinsic and intrinsic that affect the willingness of the user to be in accordance with the organization's security policies. The theoretical framework addresses issues related to IT Governance, Information Security, Theory of deterrence, Motivation and Behavior Pro-social. It was created a theoretical model based on the studies of Herath and Rao (2009) and D'Arcy, Hovav and Galletta (2009) that are based on General Deterrence Theory and propose the following influencing factors in compliance with the Policy: Severity of Punishment, Certainty of Detection, Peer Behaviour, Normative Beliefs, Perceived Effectiveness and Moral Commitment. The research used a quantitative approach, descriptive. The data were collected through a questionnaire with 18 variables with a Likert scale of five points representing the influencing factors proposed by the theory. The sample was composed of 391 students entering the courses from the Center for Applied Social Sciences of the Universidade Federal do Rio Grande do Norte. For the data analysis, were adopted the techniques of Exploratory Factor Analysis, Analysis of Cluster hierarchical and nonhierarchical, Logistic Regression and Multiple Linear Regression. As main results, it is noteworthy that the factor severity of punishment is what contributes the most to the theoretical model and also influences the division of the sample between users more predisposed and less prone. As practical implication, the research model applied allows organizations to provide users less prone and, with them, to carry out actions of awareness and training directed and write Security Policies more effective.
Resumo:
Increasingly, the Information Technology (IT) has been used to sustain the business strategies, causing increased its relevance. Therefore IT governance is seen as one of the priorities of organizations at the time. The search for strategic alignment between business and IT is debated as a factor for business success, but even with that importance, usually the main business managers are reluctant to take responsibility for decisions involving IT, mainly due to the complexity of your infrastructure. Since cloud computing is being seen as an element capable of assisting in the implementation of organizational strategies, because their characteristics enable greater efficiency and agility in IT, and is considered as a new computing paradigm. The main objective of the analyze the relationship between IT governance arrangements and strategic alignment with the infrastructure as a service (IaaS) of public cloud computing. Therefore, an exploratory, descriptive and inferential was developed, with approach to the problem of quantitatively research, with descriptive survey method and cross section. An electronic questionnaire that was applied to the ISACA chapters Associates of São Paulo and the Distrito Federal, totaling 164 respondents was used. The instrument used based on the theories of Weill and Ross (2006) for array of IT governance arrangement; Henderson and Venkatraman (1993) and Luftman (2000), for maturity of the strategic alignment model; and NIST (2011 b), ITGI (2007) and CSA (2010) for infrastructure maturity as a service (IaaS) public in its essential characteristics. As regards the main results, this research proved that with public IaaS decision-making structures have changed, with a greater participation of senior executives in all five key IT decisions (IT governance arrangement array) including more technical decisions as architecture and IT infrastructure. With increased participation of senior executives the decrease was also observed in the share of IT specialists, characterizing the decision process with the duopoly archetype (shared decision). With regard to strategic alignment, it was observed that it changes with cloud computing, and organizations with public IaaS, a maturity of strategic alignment with statistically significant and greater difference when compared to organizations without IaaS. The maturity of public IaaS is at the intermediate level (level 3 - "defined process"), with the elasticity and measurement achieved level 4 - "managed and measurable" It was also possible to infer in organizations with public IaaS, there are positive correlations between the key decisions and the maturity of IaaS, especially at the beginning, architecture and infrastructure, and the archetypes involving senior executives and IT specialists. In the correlation between the maturity and mature strategic alignment of public IaaS therefore the higher the strategic alignment, the greater the maturity of the public IaaS and vice versa.
Resumo:
The information technology - IT- benefits have been more perceived during the last decades. Both IT and business managers are dealing with subjects like governance, IT-Business alignment, information security and others on their top priorities. Talking about governance, specifically, managers are facing it with a technical approach, that gives emphasis on protection against invasions, antivirus systems, access controls and others technical issues. The IT risk management, commonly, is faced under this approach, that means, has its importance reduced and delegated to IT Departments. On the last two decades, a new IT risk management perspective raised, bringing an holistic view of IT risk to the organization. According to this new perspective, the strategies formulation process should take into account the IT risks. With the growing of IT dependence on most of organizations, the necessity of a better comprehension about the subject becomes more clear. This work shows a study in three public organizations of the Pernambuco State that investigates how those organizations manage their IT risks. Structured interviews were made with IT managers, and later, analyzed and compared with conceptual categories found in the literature. The results shows that the IT risks culture and IT governance are weakly understood and implemented on those organizations, where there are not such an IT risk methodology formally defined, neither executed. In addition, most of practices suggested in the literature were found, even without an alignment with an IT risks management process
Resumo:
This study aims to understand the general model of governance of information technology adopted by telecommunication companies operating in Rio Grande do Norte. The research methodology used involved a theoretical and empirical approach prepared, involving two case studies on companies in the telecommunications industry working in the state of Rio Grande do Norte. The study covered the area of IT organizations, through interviews with managers responsible for the area of Telecommunications / IT. To study in accordance with the approach and address the problem of research, this study was based on qualitative criteria, which enabled the understanding of how companies adopt the governance of information technology. In conclusion, it was found that the governance practices of information technology employees are incipient, but that meet the needs of business and that they intend to implement in specific areas and use other practices of IT governance
Resumo:
Companies have always been organized by processes, often imperceptible to its employees. With the advancement of technology, organizational processes currently run an organization through computers, and thus generate immediate information that is available to each sector. With the objective of seeking business information in real time, the government created the SPED - Public System of Digital, which involves three subsystems, which are the Electronic Invoice, Digital Accounting Bookkeeping and Digital Tax Bookkeeping. This system is revolutionizing the business structures when gathering, in an innovative way, all information and interlinked business processes. For the implementation of SPED, a revision in the organizational processes is required, since the information is generated and is sent online to the government, without mistakes. Thus the study aimed to analyze the change brought about by the implementation of the Public System of Digital SPED in the main business processes. In order to do so, we have performed a multiple case study involving three companies in the state of Para, two operate in wholesale and one explores agribusiness. The Data collection was performed by accounting professionals, IT and managers. According to the results obtained, it was found that in two companies, the IT infrastructure was capable of deploying the new system without major problems, while one company had more difficulties to cope with the new system. However, all companies had to examine its processes to make the customizations needed to fit. It was also observed that there is no IT Governance in two companies. Therefore, we recommend the use of an appropriate model, not only for the implementation of SPED, but as a way to manage and extract better results from investment in information technology
Resumo:
This research has as an objective to study the IT Governance in the Brazilian Federal Universities, discusses the relationships between the IT Governance (ITG) mechanisms and the noticed IT management development in those public institutions. The subject Information Technology Governance, is not only vast, but constitutes implications in most different operational and knowledge areas, being relevant to the Public Administration, as a part of Corporative Governance and the public related, evolves high investments, such as financial, structure and material and human resources. The universities are entities from Indirect Administration and essential actors in the knowledge developing and creating and on its managers. Theirs public administrative agents, responds for the managing public resources competence and to provide internal policy that determines how IT will allow a bigger alignment and reaching of institutions business. We highlight the role of universities that manage significant quantity of public resources to achieve its institutional purposes. Looking this way, this theoretical and empirical study has as its goal to design an ITG panorama in the Brazilian universities (67 universities), for the strategic alignment on governance actions and institutional development focusing on the efficiency of the public service offered by those institutions. Facing this research focus delimitation, the methodology process will evolve three investigative activities: (1) documental and bibliographical research, (2) questioning, and exploratory tool, to investigate the IT Governance and Management perception in the IFES, directed to IT executive responsible, as a data collection device and (3) research the availability of ITG information in institutes websites. This project contributes to the studies this subject; it investigates the relations that make the ITG as a business strategy and shows the implementation IT Governance, such as a tool to allow the viability of Corporate Governance. This way, expected to contributes to the Public Administration development, following the principle that to improve it’s needed diagnose, and then, offer better results to the society on this field of working.
Resumo:
Relatório de estágio apresentado à Escola Superior de Educação de Paula Frassinetti, para obtenção do grau de mestre em Educação Pré-Escolar
Resumo:
The information technology - IT- benefits have been more perceived during the last decades. Both IT and business managers are dealing with subjects like governance, IT-Business alignment, information security and others on their top priorities. Talking about governance, specifically, managers are facing it with a technical approach, that gives emphasis on protection against invasions, antivirus systems, access controls and others technical issues. The IT risk management, commonly, is faced under this approach, that means, has its importance reduced and delegated to IT Departments. On the last two decades, a new IT risk management perspective raised, bringing an holistic view of IT risk to the organization. According to this new perspective, the strategies formulation process should take into account the IT risks. With the growing of IT dependence on most of organizations, the necessity of a better comprehension about the subject becomes more clear. This work shows a study in three public organizations of the Pernambuco State that investigates how those organizations manage their IT risks. Structured interviews were made with IT managers, and later, analyzed and compared with conceptual categories found in the literature. The results shows that the IT risks culture and IT governance are weakly understood and implemented on those organizations, where there are not such an IT risk methodology formally defined, neither executed. In addition, most of practices suggested in the literature were found, even without an alignment with an IT risks management process
Resumo:
This study aims to understand the general model of governance of information technology adopted by telecommunication companies operating in Rio Grande do Norte. The research methodology used involved a theoretical and empirical approach prepared, involving two case studies on companies in the telecommunications industry working in the state of Rio Grande do Norte. The study covered the area of IT organizations, through interviews with managers responsible for the area of Telecommunications / IT. To study in accordance with the approach and address the problem of research, this study was based on qualitative criteria, which enabled the understanding of how companies adopt the governance of information technology. In conclusion, it was found that the governance practices of information technology employees are incipient, but that meet the needs of business and that they intend to implement in specific areas and use other practices of IT governance
Resumo:
Companies have always been organized by processes, often imperceptible to its employees. With the advancement of technology, organizational processes currently run an organization through computers, and thus generate immediate information that is available to each sector. With the objective of seeking business information in real time, the government created the SPED - Public System of Digital, which involves three subsystems, which are the Electronic Invoice, Digital Accounting Bookkeeping and Digital Tax Bookkeeping. This system is revolutionizing the business structures when gathering, in an innovative way, all information and interlinked business processes. For the implementation of SPED, a revision in the organizational processes is required, since the information is generated and is sent online to the government, without mistakes. Thus the study aimed to analyze the change brought about by the implementation of the Public System of Digital SPED in the main business processes. In order to do so, we have performed a multiple case study involving three companies in the state of Para, two operate in wholesale and one explores agribusiness. The Data collection was performed by accounting professionals, IT and managers. According to the results obtained, it was found that in two companies, the IT infrastructure was capable of deploying the new system without major problems, while one company had more difficulties to cope with the new system. However, all companies had to examine its processes to make the customizations needed to fit. It was also observed that there is no IT Governance in two companies. Therefore, we recommend the use of an appropriate model, not only for the implementation of SPED, but as a way to manage and extract better results from investment in information technology
Resumo:
Os Açores reúnem nove ilhas com singularidades peculiares em termos paisagísticos, arquitetónicos e riqueza dos seus recursos naturais. Este panorama levanta contudo grandes desafios de sustentabilidade, de entre eles a reorientação de estratégias, atendendo à especificidade da região (segundo os objetivos à escala nacional em sede da Estratégia Nacional Desenvolvimento Sustentável (ENDS)). No caso da Ilha de Santa Maria (SMA), pequena ilha em que as estratégias tendem a ser ignoradas, a participação da população e dos dirigentes locais é minorada por interesses económicos desvinculados do desenvolvimento sustentável (DS). Para inverter esta situação é necessário conhecer para preservar, proteger para conservar, planificar e orientar os comportamentos e atitudes visando a sustentabilidade dos recursos naturais (RN) da ilha. Aplicando uma metodologia que conjugou os métodos quantitativos e qualitativos, com uma componente prática, utilizando um método de amostragem não casual dirigida, não probabilística com um método de amostragem por clusters, agrupado em grupos (workshop, séniores e jovens), pretendeu-se descrever os conhecimentos, as práticas e as perceções sobre a gestão dos RN’s, DS e instrumentos de gestão territorial (IGT’s). Os resultados mostram que os conhecimentos, práticas e perceções dos diferentes grupos são insuficientes no que respeita ao conhecimento dos conceitos e dimensões do DS (independentemente das idades ou habilitações literárias), verificando-se contudo melhorias, por vezes significativas, após as ações de sensibilização e educação. É imperativo continuar o esforço de valorização dos RN’s, envolvendo a população nas estratégias de conservação, objetivando uma proposta orientadora e participada numa visão para sustentabilidade da Ilha (SMA). Recomenda-se uma proposta de modelo de Estratégia DS dos recursos naturais e biodiversidade para SMA e diversas propostas de ações para colocar em prática essa estratégia como desenvolvimentos futuros.
