COBIT (Control Objectives for Information and related Technology), the latest ISO 17799:2005, which defines best practices for security and effective security planning, processing, and controls are implemented across many industries, to improve Sarbanes-Oxley compliance and to prepare for future changes in financial regulations. Like Sarbanes-Oxley itself, this can be a source of frustration, given its cumbersome nature. However, without regulations such as Sarbanes-Oxley and COBIT, there would likely be a return to the pre-Enron corporate environment in many organizations. No ethical person wishes a return to a climate of obfuscation and mistrust in corporate America. The existence of more stringent regulations has held dishonest people accountable, and honest organizations have nothing to hide. And one great advantage of more stringent government regulation of industry is that prospective investors are able to see that an organization is aboveboard more easily

Part 3: Systems development and project management

There are many sequential models for the development of IT projects. A number of common models exist, including the ad hoc model, the waterfall model, and iterative development. The ad hoc model is perhaps the most common model, particularly for small projects (Survey of systems development process models, 1998, Center for Technology in Government). There is no specific timetable,...

The advantage of this is that bureaucratic red tap is minimized, there are no delays due to built-in time tables, and the free flow of ideas can be generated. The negatives are that without structured project management and no clear leadership, needless delays can result because of conflicts in information -- and worst of all, even a successful project is difficult to replicate.
The classic waterfall model of systems design has very specific stages: system conceptualization, system analysis, system design, coding, and testing (Survey of systems development process models, 1998, Center for Technology in Government). Criticism of the waterfall model is that in the 'real world' projects seldom progress in such a tidy, orderly fashion. Also, the model can be cumbersome and lengthy. Iterative development makes use of a kind of 'mini-waterfall' within every phase of the project. Its value is that it provides continual feedback to project managers, given that testing is done at every phase. However 'scope creep' is common given that additional feedback can cause the project to expand.

References

Survey of systems development process models. (1998). Center for Technology in Government. University of Albany. Retrieved June 28, 2011 at http://www.ctg.albany.edu/publications/reports/survey_of_sysdev/survey_of_sysdev.pdf