Skip to main content

Tone from the Top


IT Governance is the process of ensuring effective and efficient IT strategies are used to manage risk, maintain quality information, generate business value and achieve company goals. Tone from the top is the behavioural example set from top management to the overall culture and ethical environment of the organisation (Schwartz, Dunfee, & Kline, 2005). With nearly 90% of PwC survey respondents indicating they believe “tone from the top” is critical in the success of a company, it is vital that senior management implement a no-tolerance attitude to risky IT behaviour (PricewaterhouseCoopers, 2013).


An example of negative “tone from the top” was in a past job of a family member of mine. The senior management infiltrated a negative culture within the workplace due to low work ethic and no future goals or governance practices being put in place. This apathetic enforcement of IT governance set the workplace culture to be one where opportunity, pressure and rationalisation was high, where employees followed the attitude set by senior management.



The COBIT 5 framework is set to create value from IT by covering all aspects of business and IT governance ensuring there is a balance between maximising benefits while still reducing risk (Omari, Barnes, & Pitman, 2012). Due to the frameworks five principles and seven categories of enablers set to manage IT requirements and improved goals, it applies successfully to many organisations (Omari, Barnes, & Pitman, 2012). COBIT 5 could have been used within my family member’s organisation to improve culture by starting from the top of the organisation to use ‘tone from the top’ to infiltrate a positive culture (Aasi, Rusu, & Han, 2014).

References

Aasi, P., Rusu, L., & Han, S. (2014, March 10). The Influence of Culture on IT Governance: A Literature Review. Retrieved from IEEE Xplore: https://ieeexplore.ieee.org/abstract/document/6759148/authors#authors
Omari, L. A., Barnes, D. P., & Pitman, D. G. (2012, December 29). Optimising COBIT 5 for IT Governance: Examples from the Public Sector . Retrieved from Queensland University of Technology: https://eprints.qut.edu.au/55561/1/LoaiAlOmari_Optimising_COBIT_5_for_IT_Governance.pdf
PricewaterhouseCoopers. (2013). Tone from the Top Transforming words into action. Retrieved from PricewaterhouseCoopers: https://www.ibe.org.uk/userimages/pwc_tone_from_the_top_2013.pdf
Schwartz, M. S., Dunfee, T. W., & Kline, M. J. (2005, May). Tone at the Top: An Ethics Code for Directors? Retrieved from Springer Link: https://link.springer.com/article/10.1007/s10551-005-1390-y#citeas


Comments

Post a Comment

Popular posts from this blog

Labelmakers Case

A forensic accountant’s role in a civil action is usually to draw out information from accounting records and establish relevant facts (Fenton & Isaacs, 2012). In the Labelmakers Group Pty Ltd v LL Force Pty Ltd case two forensic accountants were engaged by each party to examine relevant records and provide reports. They were required to calculate the profit margin, discount rate, loss of profit on paper sales and accounts of profits. The profit margin was calculated to identify losses of sales revenue and to indicate the impact of clients transferring their business away. The discount rate was calculated to be applied in calculating the quantum of the applicant’s losses as a result of the respondents misconduct in order to assist in recognising the resulting damages of each party. The loss of profit on paper sales was calculated to identify the implications of lost business on paper quantity ordered and the revenue from these sales.   Under the accounts of profits, net
Post a Comment
Read more

Strict/Vicarious Liability

Under strict/vicarious liability an employer can be held liable for the actions of their employees even if the employee engages in criminal or fraudulent behaviour (Smit & Viviers, 2016). In Australia, liability can arise under contract law, tort, criminal law or other statutes (Ryding & Reisz, 2016) . I do agree that making employers liable for their employee’s actions is a great motivation to minimise fraud, bribery and corruption; however, I disagree that it is the only solution. The backhand in a workplace could be that an employer withholds information that might lead to the conviction of an employee in the fear that they will become equally convicted initiating another area of fraud. The Royal Commission produced a report into misconduct in the banking, superannuation and financial services industry that identified types of crime. Vendor fraud was a main issue of the report due to banks charging fees for services that were not provided (Hayne, 2017) . Vica
Post a Comment
Read more

Risk Management

Risk management is a major component of IT Governance set to protect against fraud, bribery and corruption. Due to the increasing use of IT in all organisations, IT Governance must continuously evolve to manage the increasing need for higher risk management (Pasquini & Galie, 2013) . Accurate IT governance should have the ability to identify, monitor and report on the level at which IT risks are managed along with how much they need to be managed (von Solms, 2005) . HR managers can implement fraud prevention strategies such as top-down control and trust-building practices into their organisation, however these strategies do not address every aspect of fraud, like opportunity (Niehoff & Paul, 2000) . HR managers along with the use of IT Governance can effectively implement controls within an organisation to prevent fraud. COBIT 5 provides guidance through enablers to contribute to the overall governance and management of risk. Processes identify an
Post a Comment
Read more