Universal Economic Operating Model - Governance by Design

Governance by Design

If we assume that the Cybernetics Viable System Model suggests a self-governing system, and we agree that a model is static but has no real value unless it is used in operations, applied and re-used.

Priority business capabilities, or mission-critical business capabilities, are defined as follows:

Three Management Capabilities
Management capabilities are elicit objects structured with natural hierarchical rules (fixed, static, structured and monitored). These objects are not unique, and no individual organization or agency would have the authority to alter any of these structures or the values they represent when applied to any application or report. They are universal, common to any business, organization or agency.
Management capabilities are the create, read, update and archive processing activities performed by a group of users who are not users of any transaction application in which financial transactions are created.
  • A segregation of duties must be proven and therefore practiced with logging and monitoring of the capability in its entirety (lifecycle) 
referenced in all financial transactions whether a part or at any stage in the life cycle of running and operating a business.

associated with the master record in an ERP system
 can be scaled into five capabilities regardless of the size of any organization or agency.  

When we acquire data from an application:

Context
  • we must understand the user to machine in order to derive context 
  • we must retain the date and time stamps without altering the original digital record (golden copy)
  • we must understand any alternate uses in other 3rd-party applications (integration)
  • we must append rather than duplicate in any situation where we have financial or party-related entities and objects - Sarbanes-Oxley Act of 2002

Provenance and Governance; Key Control Design Validity
  • we must retain the application source system to target and any processing by others when acquired from the target
  • we must retain the inputs and outputs by understanding the process at the time of the input
  • we must monitor and map all alternative uses in any offline shadow applications (analytical or business intelligence, in-house custom-developed transaction applications)
  • we must assume full threat penetration testing requirements on any procedure where we GET or INSERT using SQL, non-SQL or any programming language
An effective key control design ensures transaction validity based on the record, with zero data loss and ideally zero downtime.
