Professional IT


IT Toolkit

Bradley Shedd

IT 7833

April 29, 2013


My perspective outlook on an IT professional is to view them as information gatherers. The IT professional can build, program, and manage computer systems. There is always a need for technology to fix problems that cannot be mended with other resources. The IT professional is available to manage the situation by using policies, strategies and

governance. Each IT professional will continually follow a trail of reaching a better understanding of becoming an IT
computer guru. According to Wikipedia, you can have a chartered IT professional certification that can be earned and accredited through the British Computer Society. You can be an IT professional if you work in an environment that uses your computer skills to help others in the working world. However, nobody can ever become a complete computer guru and know everything about computers.

The IT Professional


According to the University of California in Santa Cruz, policy is

used to define how employees, staff and students are to approach
security (Information Technology Services, 2012).

The Control Objectives for Information and Related Technology (COBIT) states that policy is to follow a set of security guidelines that are to control companies’ set objectives. COBIT is a framework created by Information Systems Audit and Control Association (ISACA) for information technology (IT) management and IT governance (COBIT, 2013).

IT Policy


Define and maintain an overall IT

security plan that includes:

A complete set of security policies and standards in line with the established information security policy framework

Procedures to implement and enforce the policies and standards

Roles and responsibilities

Staffing requirements

Security awareness and training

Enforcement practices

Investments in required security resources

Scope and objectives of the security management function

Responsibilities of the security management function

Compliance and risk drivers

Security compliance policy

Management risk acceptance (security non-compliance acknowledgement)

External communications security policy

Firewall policy

E-mail security policy

An agreement to comply with IS


Laptop/desktop computer security policy

Internet usage policy

Ensure system security

Manage the configuration, data, third- parties, operations, and problems or incidents.

Install and accredit solutions and changes

End-user computing

IT Policy Guidelines


IT strategy is defined as “the overall plan which consists of

objectives, principles and tactics relating to the use of the
technologies within a particular organization” (Technology
Strategy, 2013). “Such strategies primarily focus on the
technologies themselves and in some cases the people who
directly manage those strategies” (IT Strategy, 2013).

“Such strategies primarily focus on the technologies themselves and in some cases the people who directly manage those strategies”.

IT Strategy

Plan and Organize

This domain provides directions to solutions’ delivery and service delivery

Define a Strategic IT Plan and


Define the Information


Determine Technological


Define the IT Processes, Organization and Relationships

Manage the IT Investment

Communicate Management

Aims and Direction

Manage IT Human Resources

Manage Quality

Assess and Manage IT Risks

Manage Projects

Acquire and Implement


This domain provides the solutions and passes them on to be turned into services in the next domain.

Identify Automated


Acquire and Maintain

Application Software

Acquire and Maintain

Technology Infrastructure

Enable Operation and Use

Procure IT Resources

Manage Changes

Install and Accredit

Solutions and Changes

Strategy Guidelines


According to Weill and Ross IT governance

focuses on specifying the rights and
accountability to encourage desirable behavior
in the use of IT.

IT governance is a subset of discipline of corporate governance focused on IT systems and their performance and risk management (Information Technology Governance, 2013).

IT Governance


Deliver and Support

This domain receives the solutions and makes them usable for end users.

Manage Service Levels

Manage Third-party Services

Manage Performance and


Manage Service Desk and


Manage the Configuration

Manage Problems

Manage Data

Manage the Physical


Manage Operations

Ensure Continuous Service

Ensure System Security

Identify and Allocate Costs

Educate and Train Users

Monitor and Evaluate

This domain monitors all processes to ensure that the direction provided is followed.

Monitor and Evaluate IT Processes

Monitor and Evaluate

Internal Control

Ensure Regulatory


Provide IT Governance

IT Governance Guidelines