SlideShare a Scribd company logo

Co5bit

Anne Starr
Anne Starr

COBIT 5 provides principles for effective IT governance and management. One key principle is separating governance from management. Governance defines the direction and ensures proper oversight and accountability, while management designs, implements and monitors processes to achieve the direction set by governance. Separating these roles and responsibilities helps ensure appropriate checks and balances.

1 of 68
COBIT 5 Controlled Objects in Business IT Environment OVERVIEW AND KEY FEATURES
TRAINER PROFILE LEO LOURDES (MBA IT Management, BoM Hons. HRM) Certified in ITIL IT Service Management Certified in Coaching and Calibration Skills for Call Center Certified in Delivering Learning / Teaching by City & Guilds, United Kingdom Implementer of ISO 20000-1:2011 Certified in COBIT® 5 Certified in ISO 9001 Auditor (PECB) Certified in PRINCE2® in Project Management Certified in ITIL® Practitioner Certified in ITIL® Intermediate Certificate in IT Service Operation Certified in ITIL Information Security based on ISO/IEC 27002 Certified in ITIL for Cloud Computing leo@thinkleosolutions.com +6016-349 1793 Experience: Certified Trainer Certified IT Auditor & Consultant Head of Service Desk Call Quality Monitoring Expert Senior CRM Delivery Analyst Management Representative (MR) ISO 20000-1: 2011 IT Service Management (Incident, Problem, Change) Manager Security, Compliance & Risk Management
Main case study You are the Chief Architect entrusted with setting up the IT Operations with governance and controls to cater to ever changing business requirements. You are from a team of Consulting providers who work with clients and manage their services. Throughout the next 2 days you will use COBIT to define and implement controls for better governance in your organization
Benefits of COBIT 5  COBIT 5 helps enterprises create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use: 1. It is a business framework with top down view of business needs that create goal cascade. 2. Enables IT to be governed and managed in holistic end to end manner for entire enterprise. 3. Is generic and useful for all enterprises of any size and type. 4. Provides common language for the enterprise governance and management of IT. 5. Is consistent with generally accepted corporate governance standards thus help meet regulatory requirements.
Why COBIT 5? 1. ISACA Board of Directors direction: “Tie together and reinforce all ISACA knowledge assets with COBIT. 2. Provide a renewed and authoritative governance and management framework for enterprise information and related technology. 3. Integrate all major ISACA frameworks and guidance. 4. Align with other major frameworks and standards.
The Evolution of COBIT 5
COBIT 5 MAPPING SUMMARY
COBIT 5 Mapping Summary
Where does COBIT 5 fit?
COBIT 5 PRINCIPLES
COBIT 5 Principles COBIT 5 Principles 1. Meeting Stakeholder Needs 4. Enabling Holistic Approach 5. Separating Governance from Management 3. Applying a Single Integrated Framework 2. Covering Enterprise End to End
Quiz 1 What are five (5) principles of COBIT 5?
Principle 1 MEETING STAKEHOLDER NEEDS
Value Creation Benefit Realisation Risk Optimisation Resource Optimisation Governance Objective: Value Creation Stakeholder Needs Drive Enterprise exist to create value for their stakeholder. Value Creation: Benefit Realisation at an Optimal Resource Cost while Optimizing Risk.
The Need of Goal Cascade • Enterprise have many stakeholders. • ‘Creating Value’ has different, sometimes conflicting, meanings for each. • Governance is about:- • Negotiating • Deciding among different stakeholders value interests. • Considering all stakeholders during decision making. • For each decision, ask:- • For whom are the benefits? • Who bears the risk? • What resources required? • Stakeholder needs must be transformed into actionable strategy.
COBIT 5 Goal Cascade Stakeholder Drivers Stakeholder Needs Enterprise Goals Benefit Realisation Risk Optimisation Resource Optimisation Governance Objective: Value Creation Example, strategy changes, changing business, new technologies and etc. IT Related Goals Enabler Goals Influences Cascades To Cascades To Cascades To Stakeholder needs can be related to a set of generic enterprise goals. Achievement of enterprise goals requires a number of IT related outcomes. Achieving IT related goals requires the successful application and use of enablers.
Internal Stakeholder Needs: Governance & Management Questions on IT
External Stakeholder Needs: Governance & Management Questions on IT
COBIT 5 Enterprise Goal BSC: Balance Score Card, P: Primary Relationship & S: Secondary Relationship
COBIT 5 IT Related Goal
Quiz 3 What are IT-related outcomes, required to achieve enterprise goals, represented by? a) IT-related goals b) Enabler goals c) IT balanced scorecard d) Processes
Quiz 4 What are (3) key elements of governance objective that creates value to meet stakeholder needs?
Principle 2 COVERING ENTERPRISE END TO END
Governance Approach Benefit Realisation Risk Optimisation Resource Optimisation Governance Objective: Value Creation Governance Enablers Governance Scope Roles, Activities and Relationships Key components of Governance System Governance Enablers are organizational resources; such as frameworks, structures, principles, processes and practices. Also include enterprise resources like service capabilities, people and information. Governance Scope can be applied to entire enterprise, an entity, tangible or intangible asset. Roles, Activities and Relationships defines who involved in the governance, how they are involved, what they do, how they interact within the scope of the governance system.
Co5bit
Principle 3 APPLYING A SINGLE INTEGRATED FRAMEWORK
Governance and Management Framework Integrator COBIT 5: • Aligns with latest relevant standards and frameworks thus allows enterprise use COBIT 5 as the overarching governance and management framework integrator. • Is complete in enterprise coverage providing a basis to integrate effectively with other frameworks, and practices used. • Provides simple architecture for structuring guidance materials and producing a consistent product set. • Integrates all knowledge previously dispersed over different ISACA frameworks (previously known as Information Systems Audit and Control Association, now goes on with the ISACA acronym.
COBIT 5 Single Integrated Framework 1. Bringing together the existing ISACA guidance (COBIT 4.1, Val IT 2.0, Risk IT, BMIS) into this single framework. 2. Complementing this content with areas needing further elaboration and updates. 3. Aligning to other relevant standards and frameworks, such as ITIL, TOGAF and ISO standards. 1. Populating a COBIT 5 knowledge base that contains all guidance and content produced now and will provide a structure for additional future content. 2. Providing a sound and comprehensive reference base of good practices. Defining a set of governance and management enablers, which provide a structure for all guidance materials.
Principle 4 ENABLING HOLISTIC APPROACH
COBIT 5 Enablers • Factors that individually and collectively, influence whether something will work. • Driven by goal cascade. • Described by the COBIT 5 framework in seven categories. • Support a comprehensive governance and management system for enterprise of IT.
The seven (7) Enablers Categories 1. Principles, Policies & Frameworks 2. Processes 3. Organizational Structures 4. Culture, Ethic & Behavior 5. Information 6. Services, Infrastructures & Applications 7. People, Skill & Competencies Resources
Quiz 5 What are the seven (7) key Enablers categories of COBIT 5?
Enablers Dimensions and Performance Management
COBIT 5 Enablers Dimensions All enablers have a set of common dimensions. This set of common dimensions 1. Provides a common, simple and structured way to deal with enablers 2. Allows an entity (enablers) to manage its complex interactions 3. Facilitates successful outcomes of the enablers
Dimensions 1: Stakeholders 1. Each enabler has stakeholders (parties who play an active role and/or have an interest in the enabler). 2. For example, processes have different parties who execute process activities and/or who have an interest in the process outcomes. 3. Stakeholders can be internal or external to the enterprise, all having their own, sometimes conflicting, interests and needs. 4. Stakeholders’ needs translate to enterprise goals, which in turn translate to IT- related goals for the enterprise. (COBIT 5 Goal Cascade)
Dimensions 2: Goals 1. Each enabler has a number of goals, and enablers provide value by the achievement of these goals. 2. Goals can be defined in terms of:  Expected outcomes of the enabler  Application or operation of the enabler itself 3. The enabler goals are the final step in the COBIT 5 goals cascade.
Dimensions 2: Goals Characteristics A. Intrinsic quality:  The extent to which enablers work accurately, objectively and provide reputable results. B. Contextual quality:  The extent to which enablers and their outcomes are fit for purpose, relevant, complete, current, appropriate, consistent, understandable and easy to use. C. Access and security:  The extent to which enablers and their outcomes are accessible and secured.
Dimensions 3: Lifecycle 1.Each enabler has a life cycle, from inception through an operational/useful life until disposal. 2.The phases of the life cycle consist of: • Plan (includes concepts development and concepts selection) • Design • Build/acquire/create/implement • Use/operate • Evaluate/monitor • Update/dispose
Dimensions 4: Good Practices 1.For each of the enablers, good practices can be defined. 2.Good practices support the achievement of the enabler goals. 3.Good practices provide examples or suggestions on how best to implement the enabler, and what work products or inputs and outputs are required.
COBIT 5 Enabler Performance Management 1. Enterprises expect positive outcomes from the application and use of enablers. 2. Lag indicators (Achievement of Goals) - What extent the goals are achieved? • Are stakeholder needs addressed? • Are enabler goals achieved? 3. Lead indicators (Application of Practice) - Actual functioning of the enabler itself. • Is the enabler life cycle managed? • Are good practices applied?
Principle 5 SEPARATING GOVERNANCE FROM MANAGEMENT
Governance and Management Defined Governance ensures stakeholders needs, conditions and options are: • Evaluated to determine balanced, agreed-on enterprise objectives to be achieved. • Setting direction through prioritization and decision making. • Monitoring performance and compliance against agreed-on direction and objectives. Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives. (PBRM)
Governance and Management Note: Detailed informations on above diagram will be explained in next slides onwards.
COBIT 5 PROCESS REFERENCE MODEL
COBIT 5: Process Reference Model 1. Details of 37 processes across five domains. 2. Governance: One domain (EDM) with 5 processes aligned with key process area of (practice defined) - evaluating, directing and monitoring (EDM). 3. Management: Four domains with 32 processes aligned with key process area of (responsibility areas) - plan, build, run & monitor (PBRM):-  Plan: APO (Align, Plan & Organize) -> 13 processes  Build: BAI (Build, Acquire & Implement) -> 10 processes  Run: DSS (Deliver, Service & Support) -> 6 processes  Monitor: MEA (Monitor, Evaluate & Assess) -> 3 processes
Governance and Management: Key Process Areas & Domains
COBIT 5: Process Reference Model
Quiz 6 In Process Reference Model, what does EDM key process area stands for Governance? a) Plan, Organize & Align b) Evaluate, Design & Measure c) Evaluate, Direct & Monitor d) Build, Acquire & Implement
Quiz 7 In Process Reference Model, what does DSS domain stands for Management? a) Plan, Organize & Align b) Deliver, Service & Support c) Evaluate, Direct & Monitor d) Build, Acquire & Implement
Quiz 8 In Process Reference Model, what does MEA domain stands for Management? a) Plan, Organize & Align b) Deliver, Service & Support c) Monitor, Evaluate & Assess d) Build, Acquire & Implement
Quiz 9 In Process Reference Model, how many processes are aligned to (Build, Acquire & Implement) BAI domain in Management? a) 6 processes b) 10 processes c) 13 processes d) 60 processes
Quiz 10 In Process Reference Model, what does PBRM key process area stands for Management?
Co5bit
Co5bit
Co5bit
Co5bit
Co5bit
Process Reference Model: Mapping to Current ISO/IEC 20000 Process Domains COBIT 5 Process Current ISO/IEC 20000 Process Align, Plan & Organize (APO) APO06 Manage Budget & Costs IT Financial Management APO08 Management Relationships Business Relationship Management APO09 Manage Service Agreements Service Level Management APO10 Manage Suppliers Vendor Management APO11 Manage Quality Quality Management System APO13 Manage Security Information Security Management
Process Reference Model: Mapping to Current ISO/IEC 20000 Process Domains COBIT 5 Process Current ISO/IEC 20000 Process Build, Acquire & Implement (BAI) BAI04 Manage Availability & Capacity Availability Management Capacity Management BAI06 Manage Changes Change Management BAI07 Manage Change Acceptance and Transitioning Release & Deployment Management BAI10 Manage Configuration Configuration Management
Process Reference Model: Mapping to Current ISO/IEC 20000 Process Domains COBIT 5 Process Current ISO/IEC 20000 Process Deliver, Support & Service (DSS) DSS02 Manage Service Requests & Incidents Incident & Service Request Management DSS03 Manage Problems Problem Management DSS04 Manage Continuity IT Service & Continuity Management
Process Reference Model: Mapping to Current ISO/IEC 20000 Process Domains COBIT 5 Process Current ISO/IEC 20000 Process Monitor, Evaluate and Assess (MEA) MEA01 Monitor, Evaluate and Assess Performance and Conformance Service Reporting MEA02 Monitor, Evaluate and Assess the System of Internal Control Internal Audit MEA03 Monitor, Evaluate and Assess Compliance With External Requirements Legal, Regulatory, and Contractual Requirements
COBIT 5 LIFE CYCLE APPROACH
COBIT 5: Life Cycle Approach
COBIT 5 PROCESS CAPABILITY MODEL
COBIT 5: Process Capability Model
COBIT 5: Process Capability Model
Slides Reference Source This slides content is aligned to the ISACA COBIT V5 2012.
Thank You

More Related Content

What's hot

Study Notes - COBIT 5 Foundation Certification
Study Notes - COBIT 5 Foundation CertificationStudy Notes - COBIT 5 Foundation Certification
Study Notes - COBIT 5 Foundation Certification
WAJAHAT IQBAL
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introduction
aqel aqel
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1
Slime Argentina
 
COBIT 5 Basic Concepts
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic Concepts
Spyros Ktenas
 
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
CTE Solutions Inc.
 
Cobit Foundation Training
Cobit Foundation TrainingCobit Foundation Training
Cobit Foundation Training
vyomlabs
 
ThinkFaculty ITIL Training Course IBM
ThinkFaculty ITIL Training Course IBMThinkFaculty ITIL Training Course IBM
ThinkFaculty ITIL Training Course IBM
Zyma Arsalan
 
Implementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process FirstImplementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process First
Vyom Labs
 
Implementing ITIL® Service Strategy Through Enterprise Architecture
Implementing ITIL® Service Strategy Through Enterprise ArchitectureImplementing ITIL® Service Strategy Through Enterprise Architecture
Implementing ITIL® Service Strategy Through Enterprise Architecture
NUS-ISS
 
ITIL Training Module 1 Service Management Part 2
ITIL Training Module 1 Service Management Part 2ITIL Training Module 1 Service Management Part 2
ITIL Training Module 1 Service Management Part 2
Skillogic Solutions
 
ADD: New itil implementation approach
ADD: New itil implementation approachADD: New itil implementation approach
ADD: New itil implementation approach
Mohamed Zohair
 
Introduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service managementIntroduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service management
Christian F. Nissen
 
Merit Event - ITIL Framework
Merit Event - ITIL FrameworkMerit Event - ITIL Framework
Merit Event - ITIL Framework
meritnorthwest
 
Role with IT(IL) - V3 Roles and Responsibilities - ITSM Academy Webinar
Role with IT(IL) - V3 Roles and Responsibilities - ITSM Academy WebinarRole with IT(IL) - V3 Roles and Responsibilities - ITSM Academy Webinar
Role with IT(IL) - V3 Roles and Responsibilities - ITSM Academy Webinar
ITSM Academy, Inc.
 
ITIL vs TOGAF First Round
ITIL vs TOGAF First RoundITIL vs TOGAF First Round
ITIL vs TOGAF First Round
BITIL.COM
 
IT Service Management Concept - Mamdouh Sakr
IT Service Management Concept - Mamdouh Sakr IT Service Management Concept - Mamdouh Sakr
IT Service Management Concept - Mamdouh Sakr
Mamdouh Sakr
 
ITIL v4 Foundation course
ITIL v4 Foundation course ITIL v4 Foundation course
ITIL v4 Foundation course
QRPInternational
 
IT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
IT Portfolio Management Using Enterprise Architecture and ITIL® Service StrategyIT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
IT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
NUS-ISS
 
From Value Governance To Benefits Realization In A Controlled Environment
From Value Governance To Benefits Realization In A Controlled EnvironmentFrom Value Governance To Benefits Realization In A Controlled Environment
From Value Governance To Benefits Realization In A Controlled Environment
George Papoulias
 
ITIL Course Wide version
ITIL Course Wide versionITIL Course Wide version
ITIL Course Wide version
Phillip Smith
 

What's hot (20)

Study Notes - COBIT 5 Foundation Certification
Study Notes - COBIT 5 Foundation CertificationStudy Notes - COBIT 5 Foundation Certification
Study Notes - COBIT 5 Foundation Certification
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introduction
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1
 
COBIT 5 Basic Concepts
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic Concepts
 
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...
 
Cobit Foundation Training
Cobit Foundation TrainingCobit Foundation Training
Cobit Foundation Training
 
ThinkFaculty ITIL Training Course IBM
ThinkFaculty ITIL Training Course IBMThinkFaculty ITIL Training Course IBM
ThinkFaculty ITIL Training Course IBM
 
Implementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process FirstImplementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process First
 
Implementing ITIL® Service Strategy Through Enterprise Architecture
Implementing ITIL® Service Strategy Through Enterprise ArchitectureImplementing ITIL® Service Strategy Through Enterprise Architecture
Implementing ITIL® Service Strategy Through Enterprise Architecture
 
ITIL Training Module 1 Service Management Part 2
ITIL Training Module 1 Service Management Part 2ITIL Training Module 1 Service Management Part 2
ITIL Training Module 1 Service Management Part 2
 
ADD: New itil implementation approach
ADD: New itil implementation approachADD: New itil implementation approach
ADD: New itil implementation approach
 
Introduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service managementIntroduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service management
 
Merit Event - ITIL Framework
Merit Event - ITIL FrameworkMerit Event - ITIL Framework
Merit Event - ITIL Framework
 
Role with IT(IL) - V3 Roles and Responsibilities - ITSM Academy Webinar
Role with IT(IL) - V3 Roles and Responsibilities - ITSM Academy WebinarRole with IT(IL) - V3 Roles and Responsibilities - ITSM Academy Webinar
Role with IT(IL) - V3 Roles and Responsibilities - ITSM Academy Webinar
 
ITIL vs TOGAF First Round
ITIL vs TOGAF First RoundITIL vs TOGAF First Round
ITIL vs TOGAF First Round
 
IT Service Management Concept - Mamdouh Sakr
IT Service Management Concept - Mamdouh Sakr IT Service Management Concept - Mamdouh Sakr
IT Service Management Concept - Mamdouh Sakr
 
ITIL v4 Foundation course
ITIL v4 Foundation course ITIL v4 Foundation course
ITIL v4 Foundation course
 
IT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
IT Portfolio Management Using Enterprise Architecture and ITIL® Service StrategyIT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
IT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
 
From Value Governance To Benefits Realization In A Controlled Environment
From Value Governance To Benefits Realization In A Controlled EnvironmentFrom Value Governance To Benefits Realization In A Controlled Environment
From Value Governance To Benefits Realization In A Controlled Environment
 
ITIL Course Wide version
ITIL Course Wide versionITIL Course Wide version
ITIL Course Wide version
 

Similar to Co5bit

Donna Febriani
Donna FebrianiDonna Febriani
Donna Febriani
Donna Febriani
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
darminritonga amy
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
darminritonga amy
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
Ivo Oktavianti
 
Cobit 4.1 indri
Cobit 4.1 indriCobit 4.1 indri
Cobit 4.1 indri
dwiza indri
 
Darmin ritonga 11353205418
Darmin ritonga 11353205418Darmin ritonga 11353205418
Darmin ritonga 11353205418
darminritonga amy
 
Uas dwi widiastuti
Uas dwi widiastutiUas dwi widiastuti
Uas dwi widiastuti
Dwi Widiastuti
 
Audit rizkie hafizzah
Audit rizkie hafizzahAudit rizkie hafizzah
Audit rizkie hafizzah
Rizkie Hafizzah
 
Lailatul izzati
Lailatul izzatiLailatul izzati
Lailatul izzati
Lailatul Izzati
 
Principal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachPrincipal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic Approach
Mohammad Reda Katby
 
COBIT
COBITCOBIT
COBIT
ERUMSULAYMAN1
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1
AVASP - Ambiente Virtual de Aprendizado de São Paulo
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4
brunise
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
Sherri Booher
 
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxPPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
ssuserd1791e
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
Anurag Purohit
 
Cobit5 brochure
Cobit5 brochureCobit5 brochure
Cobit5 brochure
Knowledgehut
 
COBIT 5 FAQ
COBIT 5 FAQCOBIT 5 FAQ
COBIT 5 FAQ
Mas'ud Adhi Saputra
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
MDFazlaRabbiAbir
 
Diskusi buku: Securing an IT Organization through Governance, Risk Management...
Diskusi buku: Securing an IT Organization through Governance, Risk Management...Diskusi buku: Securing an IT Organization through Governance, Risk Management...
Diskusi buku: Securing an IT Organization through Governance, Risk Management...
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 

Similar to Co5bit (20)

Donna Febriani
Donna FebrianiDonna Febriani
Donna Febriani
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
 
Cobit 4.1 indri
Cobit 4.1 indriCobit 4.1 indri
Cobit 4.1 indri
 
Darmin ritonga 11353205418
Darmin ritonga 11353205418Darmin ritonga 11353205418
Darmin ritonga 11353205418
 
Uas dwi widiastuti
Uas dwi widiastutiUas dwi widiastuti
Uas dwi widiastuti
 
Audit rizkie hafizzah
Audit rizkie hafizzahAudit rizkie hafizzah
Audit rizkie hafizzah
 
Lailatul izzati
Lailatul izzatiLailatul izzati
Lailatul izzati
 
Principal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachPrincipal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic Approach
 
COBIT
COBITCOBIT
COBIT
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
 
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxPPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
 
Cobit5 brochure
Cobit5 brochureCobit5 brochure
Cobit5 brochure
 
COBIT 5 FAQ
COBIT 5 FAQCOBIT 5 FAQ
COBIT 5 FAQ
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
 
Diskusi buku: Securing an IT Organization through Governance, Risk Management...
Diskusi buku: Securing an IT Organization through Governance, Risk Management...Diskusi buku: Securing an IT Organization through Governance, Risk Management...
Diskusi buku: Securing an IT Organization through Governance, Risk Management...
 

More from Anne Starr

I01letor20so201leutor2020
I01letor20so201leutor2020I01letor20so201leutor2020
I01letor20so201leutor2020
Anne Starr
 
Iso27001leadauditor2020
Iso27001leadauditor2020Iso27001leadauditor2020
Iso27001leadauditor2020
Anne Starr
 
Ccsddm5days
Ccsddm5daysCcsddm5days
Ccsddm5days
Anne Starr
 
Dayblic
DayblicDayblic
Dayblic
Anne Starr
 
Day1cspbeblic
Day1cspbeblicDay1cspbeblic
Day1cspbeblic
Anne Starr
 
Dncybersecurity
DncybersecurityDncybersecurity
Dncybersecurity
Anne Starr
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioieh
Anne Starr
 
2 slides(2ndvariadaystion)
2 slides(2ndvariadaystion)2 slides(2ndvariadaystion)
2 slides(2ndvariadaystion)
Anne Starr
 
Sec4
Sec4Sec4
Sec4
Anne Starr
 
Secuntialesse
SecuntialesseSecuntialesse
Secuntialesse
Anne Starr
 
Securityic2
Securityic2Securityic2
Securityic2
Anne Starr
 
)k
)k)k
)k
Anne Starr
 
inte
inteinte
inte
Anne Starr
 
Awtitioneressentialsdeckscloudprac401-577
Awtitioneressentialsdeckscloudprac401-577Awtitioneressentialsdeckscloudprac401-577
Awtitioneressentialsdeckscloudprac401-577
Anne Starr
 
01wslouAsentialsdeck2dpractitioneres-400
01wslouAsentialsdeck2dpractitioneres-40001wslouAsentialsdeck2dpractitioneres-400
01wslouAsentialsdeck2dpractitioneres-400
Anne Starr
 
uderessAwscloentialsdeck1-2ion00
uderessAwscloentialsdeck1-2ion00uderessAwscloentialsdeck1-2ion00
uderessAwscloentialsdeck1-2ion00
Anne Starr
 
Cloudhnologysstecociat
CloudhnologysstecociatCloudhnologysstecociat
Cloudhnologysstecociat
Anne Starr
 
Cmbysantocsddsh
CmbysantocsddshCmbysantocsddsh
Cmbysantocsddsh
Anne Starr
 
Cddmbysantcsosh
CddmbysantcsoshCddmbysantcsosh
Cddmbysantcsosh
Anne Starr
 
Ccbysantsddosh
Ccbysantsddosh Ccbysantsddosh
Ccbysantsddosh
Anne Starr
 

More from Anne Starr (20)

I01letor20so201leutor2020
I01letor20so201leutor2020I01letor20so201leutor2020
I01letor20so201leutor2020
 
Iso27001leadauditor2020
Iso27001leadauditor2020Iso27001leadauditor2020
Iso27001leadauditor2020
 
Ccsddm5days
Ccsddm5daysCcsddm5days
Ccsddm5days
 
Dayblic
DayblicDayblic
Dayblic
 
Day1cspbeblic
Day1cspbeblicDay1cspbeblic
Day1cspbeblic
 
Dncybersecurity
DncybersecurityDncybersecurity
Dncybersecurity
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioieh
 
2 slides(2ndvariadaystion)
2 slides(2ndvariadaystion)2 slides(2ndvariadaystion)
2 slides(2ndvariadaystion)
 
Sec4
Sec4Sec4
Sec4
 
Secuntialesse
SecuntialesseSecuntialesse
Secuntialesse
 
Securityic2
Securityic2Securityic2
Securityic2
 
)k
)k)k
)k
 
inte
inteinte
inte
 
Awtitioneressentialsdeckscloudprac401-577
Awtitioneressentialsdeckscloudprac401-577Awtitioneressentialsdeckscloudprac401-577
Awtitioneressentialsdeckscloudprac401-577
 
01wslouAsentialsdeck2dpractitioneres-400
01wslouAsentialsdeck2dpractitioneres-40001wslouAsentialsdeck2dpractitioneres-400
01wslouAsentialsdeck2dpractitioneres-400
 
uderessAwscloentialsdeck1-2ion00
uderessAwscloentialsdeck1-2ion00uderessAwscloentialsdeck1-2ion00
uderessAwscloentialsdeck1-2ion00
 
Cloudhnologysstecociat
CloudhnologysstecociatCloudhnologysstecociat
Cloudhnologysstecociat
 
Cmbysantocsddsh
CmbysantocsddshCmbysantocsddsh
Cmbysantocsddsh
 
Cddmbysantcsosh
CddmbysantcsoshCddmbysantcsosh
Cddmbysantcsosh
 
Ccbysantsddosh
Ccbysantsddosh Ccbysantsddosh
Ccbysantsddosh
 

Recently uploaded

The basics of sentences session 9pptx.pptx
The basics of sentences session 9pptx.pptxThe basics of sentences session 9pptx.pptx
The basics of sentences session 9pptx.pptx
heathfieldcps1
 
Howe Writing Center - Orientation Summer 2024
Howe Writing Center - Orientation Summer 2024Howe Writing Center - Orientation Summer 2024
Howe Writing Center - Orientation Summer 2024
Elizabeth Walsh
 
The membership Module in the Odoo 17 ERP
The membership Module in the Odoo 17 ERPThe membership Module in the Odoo 17 ERP
The membership Module in the Odoo 17 ERP
Celine George
 
NAEYC Code of Ethical Conduct Resource Book
NAEYC Code of Ethical Conduct Resource BookNAEYC Code of Ethical Conduct Resource Book
NAEYC Code of Ethical Conduct Resource Book
lakitawilson
 
Split Shifts From Gantt View in the Odoo 17
Split Shifts From Gantt View in the Odoo 17Split Shifts From Gantt View in the Odoo 17
Split Shifts From Gantt View in the Odoo 17
Celine George
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 12 - GLOBAL SUCCESS - FORM MỚI 2025 - HK1 (C...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 12 - GLOBAL SUCCESS - FORM MỚI 2025 - HK1 (C...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 12 - GLOBAL SUCCESS - FORM MỚI 2025 - HK1 (C...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 12 - GLOBAL SUCCESS - FORM MỚI 2025 - HK1 (C...
Nguyen Thanh Tu Collection
 
No, it's not a robot: prompt writing for investigative journalism
No, it's not a robot: prompt writing for investigative journalismNo, it's not a robot: prompt writing for investigative journalism
No, it's not a robot: prompt writing for investigative journalism
Paul Bradshaw
 
Book Allied Health Sciences kmu MCQs.docx
Book Allied Health Sciences kmu MCQs.docxBook Allied Health Sciences kmu MCQs.docx
Book Allied Health Sciences kmu MCQs.docx
drtech3715
 
L1 L2- NLC PPT for Grade 10 intervention
L1 L2- NLC PPT for Grade 10 interventionL1 L2- NLC PPT for Grade 10 intervention
L1 L2- NLC PPT for Grade 10 intervention
RHODAJANEAURESTILA
 
Front Desk Management in the Odoo 17 ERP
Front Desk Management in the Odoo 17 ERPFront Desk Management in the Odoo 17 ERP
Front Desk Management in the Odoo 17 ERP
Celine George
 
2024 KWL Back 2 School Summer Conference
2024 KWL Back 2 School Summer Conference2024 KWL Back 2 School Summer Conference
2024 KWL Back 2 School Summer Conference
KlettWorldLanguages
 
Credit limit improvement system in odoo 17
Credit limit improvement system in odoo 17Credit limit improvement system in odoo 17
Credit limit improvement system in odoo 17
Celine George
 
AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894
AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894
AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894
PECB
 
The Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdf
The Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdfThe Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdf
The Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdf
JackieSparrow3
 
How to Store Data on the Odoo 17 Website
How to Store Data on the Odoo 17 WebsiteHow to Store Data on the Odoo 17 Website
How to Store Data on the Odoo 17 Website
Celine George
 
Webinar Innovative assessments for SOcial Emotional Skills
Webinar Innovative assessments for SOcial Emotional SkillsWebinar Innovative assessments for SOcial Emotional Skills
Webinar Innovative assessments for SOcial Emotional Skills
EduSkills OECD
 
ENGLISH-7-CURRICULUM MAP- MATATAG CURRICULUM
ENGLISH-7-CURRICULUM MAP- MATATAG CURRICULUMENGLISH-7-CURRICULUM MAP- MATATAG CURRICULUM
ENGLISH-7-CURRICULUM MAP- MATATAG CURRICULUM
HappieMontevirgenCas
 
How to Create Sequence Numbers in Odoo 17
How to Create Sequence Numbers in Odoo 17How to Create Sequence Numbers in Odoo 17
How to Create Sequence Numbers in Odoo 17
Celine George
 
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
siemaillard
 

Recently uploaded (20)

The basics of sentences session 9pptx.pptx
The basics of sentences session 9pptx.pptxThe basics of sentences session 9pptx.pptx
The basics of sentences session 9pptx.pptx
 
Howe Writing Center - Orientation Summer 2024
Howe Writing Center - Orientation Summer 2024Howe Writing Center - Orientation Summer 2024
Howe Writing Center - Orientation Summer 2024
 
The membership Module in the Odoo 17 ERP
The membership Module in the Odoo 17 ERPThe membership Module in the Odoo 17 ERP
The membership Module in the Odoo 17 ERP
 
NAEYC Code of Ethical Conduct Resource Book
NAEYC Code of Ethical Conduct Resource BookNAEYC Code of Ethical Conduct Resource Book
NAEYC Code of Ethical Conduct Resource Book
 
Split Shifts From Gantt View in the Odoo 17
Split Shifts From Gantt View in the Odoo 17Split Shifts From Gantt View in the Odoo 17
Split Shifts From Gantt View in the Odoo 17
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 12 - GLOBAL SUCCESS - FORM MỚI 2025 - HK1 (C...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 12 - GLOBAL SUCCESS - FORM MỚI 2025 - HK1 (C...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 12 - GLOBAL SUCCESS - FORM MỚI 2025 - HK1 (C...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 12 - GLOBAL SUCCESS - FORM MỚI 2025 - HK1 (C...
 
No, it's not a robot: prompt writing for investigative journalism
No, it's not a robot: prompt writing for investigative journalismNo, it's not a robot: prompt writing for investigative journalism
No, it's not a robot: prompt writing for investigative journalism
 
Book Allied Health Sciences kmu MCQs.docx
Book Allied Health Sciences kmu MCQs.docxBook Allied Health Sciences kmu MCQs.docx
Book Allied Health Sciences kmu MCQs.docx
 
L1 L2- NLC PPT for Grade 10 intervention
L1 L2- NLC PPT for Grade 10 interventionL1 L2- NLC PPT for Grade 10 intervention
L1 L2- NLC PPT for Grade 10 intervention
 
Front Desk Management in the Odoo 17 ERP
Front Desk Management in the Odoo 17 ERPFront Desk Management in the Odoo 17 ERP
Front Desk Management in the Odoo 17 ERP
 
2024 KWL Back 2 School Summer Conference
2024 KWL Back 2 School Summer Conference2024 KWL Back 2 School Summer Conference
2024 KWL Back 2 School Summer Conference
 
Credit limit improvement system in odoo 17
Credit limit improvement system in odoo 17Credit limit improvement system in odoo 17
Credit limit improvement system in odoo 17
 
AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894
AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894
AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894
 
The Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdf
The Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdfThe Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdf
The Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdf
 
How to Store Data on the Odoo 17 Website
How to Store Data on the Odoo 17 WebsiteHow to Store Data on the Odoo 17 Website
How to Store Data on the Odoo 17 Website
 
Webinar Innovative assessments for SOcial Emotional Skills
Webinar Innovative assessments for SOcial Emotional SkillsWebinar Innovative assessments for SOcial Emotional Skills
Webinar Innovative assessments for SOcial Emotional Skills
 
ENGLISH-7-CURRICULUM MAP- MATATAG CURRICULUM
ENGLISH-7-CURRICULUM MAP- MATATAG CURRICULUMENGLISH-7-CURRICULUM MAP- MATATAG CURRICULUM
ENGLISH-7-CURRICULUM MAP- MATATAG CURRICULUM
 
“A NOSSA CA(U)SA”. .
“A NOSSA CA(U)SA”. .“A NOSSA CA(U)SA”. .
“A NOSSA CA(U)SA”. .
 
How to Create Sequence Numbers in Odoo 17
How to Create Sequence Numbers in Odoo 17How to Create Sequence Numbers in Odoo 17
How to Create Sequence Numbers in Odoo 17
 
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
 

Co5bit

  • 1. COBIT 5 Controlled Objects in Business IT Environment OVERVIEW AND KEY FEATURES
  • 2. TRAINER PROFILE LEO LOURDES (MBA IT Management, BoM Hons. HRM) Certified in ITIL IT Service Management Certified in Coaching and Calibration Skills for Call Center Certified in Delivering Learning / Teaching by City & Guilds, United Kingdom Implementer of ISO 20000-1:2011 Certified in COBIT® 5 Certified in ISO 9001 Auditor (PECB) Certified in PRINCE2® in Project Management Certified in ITIL® Practitioner Certified in ITIL® Intermediate Certificate in IT Service Operation Certified in ITIL Information Security based on ISO/IEC 27002 Certified in ITIL for Cloud Computing leo@thinkleosolutions.com +6016-349 1793 Experience: Certified Trainer Certified IT Auditor & Consultant Head of Service Desk Call Quality Monitoring Expert Senior CRM Delivery Analyst Management Representative (MR) ISO 20000-1: 2011 IT Service Management (Incident, Problem, Change) Manager Security, Compliance & Risk Management
  • 3. Main case study You are the Chief Architect entrusted with setting up the IT Operations with governance and controls to cater to ever changing business requirements. You are from a team of Consulting providers who work with clients and manage their services. Throughout the next 2 days you will use COBIT to define and implement controls for better governance in your organization
  • 4. Benefits of COBIT 5  COBIT 5 helps enterprises create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use: 1. It is a business framework with top down view of business needs that create goal cascade. 2. Enables IT to be governed and managed in holistic end to end manner for entire enterprise. 3. Is generic and useful for all enterprises of any size and type. 4. Provides common language for the enterprise governance and management of IT. 5. Is consistent with generally accepted corporate governance standards thus help meet regulatory requirements.
  • 5. Why COBIT 5? 1. ISACA Board of Directors direction: “Tie together and reinforce all ISACA knowledge assets with COBIT. 2. Provide a renewed and authoritative governance and management framework for enterprise information and related technology. 3. Integrate all major ISACA frameworks and guidance. 4. Align with other major frameworks and standards.
  • 8. COBIT 5 Mapping Summary
  • 11. COBIT 5 Principles COBIT 5 Principles 1. Meeting Stakeholder Needs 4. Enabling Holistic Approach 5. Separating Governance from Management 3. Applying a Single Integrated Framework 2. Covering Enterprise End to End
  • 12. Quiz 1 What are five (5) principles of COBIT 5?
  • 14. Value Creation Benefit Realisation Risk Optimisation Resource Optimisation Governance Objective: Value Creation Stakeholder Needs Drive Enterprise exist to create value for their stakeholder. Value Creation: Benefit Realisation at an Optimal Resource Cost while Optimizing Risk.
  • 15. The Need of Goal Cascade • Enterprise have many stakeholders. • ‘Creating Value’ has different, sometimes conflicting, meanings for each. • Governance is about:- • Negotiating • Deciding among different stakeholders value interests. • Considering all stakeholders during decision making. • For each decision, ask:- • For whom are the benefits? • Who bears the risk? • What resources required? • Stakeholder needs must be transformed into actionable strategy.
  • 16. COBIT 5 Goal Cascade Stakeholder Drivers Stakeholder Needs Enterprise Goals Benefit Realisation Risk Optimisation Resource Optimisation Governance Objective: Value Creation Example, strategy changes, changing business, new technologies and etc. IT Related Goals Enabler Goals Influences Cascades To Cascades To Cascades To Stakeholder needs can be related to a set of generic enterprise goals. Achievement of enterprise goals requires a number of IT related outcomes. Achieving IT related goals requires the successful application and use of enablers.
  • 17. Internal Stakeholder Needs: Governance & Management Questions on IT
  • 18. External Stakeholder Needs: Governance & Management Questions on IT
  • 19. COBIT 5 Enterprise Goal BSC: Balance Score Card, P: Primary Relationship & S: Secondary Relationship
  • 20. COBIT 5 IT Related Goal
  • 21. Quiz 3 What are IT-related outcomes, required to achieve enterprise goals, represented by? a) IT-related goals b) Enabler goals c) IT balanced scorecard d) Processes
  • 22. Quiz 4 What are (3) key elements of governance objective that creates value to meet stakeholder needs?
  • 24. Governance Approach Benefit Realisation Risk Optimisation Resource Optimisation Governance Objective: Value Creation Governance Enablers Governance Scope Roles, Activities and Relationships Key components of Governance System Governance Enablers are organizational resources; such as frameworks, structures, principles, processes and practices. Also include enterprise resources like service capabilities, people and information. Governance Scope can be applied to entire enterprise, an entity, tangible or intangible asset. Roles, Activities and Relationships defines who involved in the governance, how they are involved, what they do, how they interact within the scope of the governance system.
  • 26. Principle 3 APPLYING A SINGLE INTEGRATED FRAMEWORK
  • 27. Governance and Management Framework Integrator COBIT 5: • Aligns with latest relevant standards and frameworks thus allows enterprise use COBIT 5 as the overarching governance and management framework integrator. • Is complete in enterprise coverage providing a basis to integrate effectively with other frameworks, and practices used. • Provides simple architecture for structuring guidance materials and producing a consistent product set. • Integrates all knowledge previously dispersed over different ISACA frameworks (previously known as Information Systems Audit and Control Association, now goes on with the ISACA acronym.
  • 28. COBIT 5 Single Integrated Framework 1. Bringing together the existing ISACA guidance (COBIT 4.1, Val IT 2.0, Risk IT, BMIS) into this single framework. 2. Complementing this content with areas needing further elaboration and updates. 3. Aligning to other relevant standards and frameworks, such as ITIL, TOGAF and ISO standards. 1. Populating a COBIT 5 knowledge base that contains all guidance and content produced now and will provide a structure for additional future content. 2. Providing a sound and comprehensive reference base of good practices. Defining a set of governance and management enablers, which provide a structure for all guidance materials.
  • 30. COBIT 5 Enablers • Factors that individually and collectively, influence whether something will work. �� Driven by goal cascade. • Described by the COBIT 5 framework in seven categories. • Support a comprehensive governance and management system for enterprise of IT.
  • 31. The seven (7) Enablers Categories 1. Principles, Policies & Frameworks 2. Processes 3. Organizational Structures 4. Culture, Ethic & Behavior 5. Information 6. Services, Infrastructures & Applications 7. People, Skill & Competencies Resources
  • 32. Quiz 5 What are the seven (7) key Enablers categories of COBIT 5?
  • 33. Enablers Dimensions and Performance Management
  • 34. COBIT 5 Enablers Dimensions All enablers have a set of common dimensions. This set of common dimensions 1. Provides a common, simple and structured way to deal with enablers 2. Allows an entity (enablers) to manage its complex interactions 3. Facilitates successful outcomes of the enablers
  • 35. Dimensions 1: Stakeholders 1. Each enabler has stakeholders (parties who play an active role and/or have an interest in the enabler). 2. For example, processes have different parties who execute process activities and/or who have an interest in the process outcomes. 3. Stakeholders can be internal or external to the enterprise, all having their own, sometimes conflicting, interests and needs. 4. Stakeholders’ needs translate to enterprise goals, which in turn translate to IT- related goals for the enterprise. (COBIT 5 Goal Cascade)
  • 36. Dimensions 2: Goals 1. Each enabler has a number of goals, and enablers provide value by the achievement of these goals. 2. Goals can be defined in terms of:  Expected outcomes of the enabler  Application or operation of the enabler itself 3. The enabler goals are the final step in the COBIT 5 goals cascade.
  • 37. Dimensions 2: Goals Characteristics A. Intrinsic quality:  The extent to which enablers work accurately, objectively and provide reputable results. B. Contextual quality:  The extent to which enablers and their outcomes are fit for purpose, relevant, complete, current, appropriate, consistent, understandable and easy to use. C. Access and security:  The extent to which enablers and their outcomes are accessible and secured.
  • 38. Dimensions 3: Lifecycle 1.Each enabler has a life cycle, from inception through an operational/useful life until disposal. 2.The phases of the life cycle consist of: • Plan (includes concepts development and concepts selection) • Design • Build/acquire/create/implement • Use/operate • Evaluate/monitor • Update/dispose
  • 39. Dimensions 4: Good Practices 1.For each of the enablers, good practices can be defined. 2.Good practices support the achievement of the enabler goals. 3.Good practices provide examples or suggestions on how best to implement the enabler, and what work products or inputs and outputs are required.
  • 40. COBIT 5 Enabler Performance Management 1. Enterprises expect positive outcomes from the application and use of enablers. 2. Lag indicators (Achievement of Goals) - What extent the goals are achieved? • Are stakeholder needs addressed? • Are enabler goals achieved? 3. Lead indicators (Application of Practice) - Actual functioning of the enabler itself. • Is the enabler life cycle managed? • Are good practices applied?
  • 42. Governance and Management Defined Governance ensures stakeholders needs, conditions and options are: • Evaluated to determine balanced, agreed-on enterprise objectives to be achieved. • Setting direction through prioritization and decision making. • Monitoring performance and compliance against agreed-on direction and objectives. Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives. (PBRM)
  • 43. Governance and Management Note: Detailed informations on above diagram will be explained in next slides onwards.
  • 45. COBIT 5: Process Reference Model 1. Details of 37 processes across five domains. 2. Governance: One domain (EDM) with 5 processes aligned with key process area of (practice defined) - evaluating, directing and monitoring (EDM). 3. Management: Four domains with 32 processes aligned with key process area of (responsibility areas) - plan, build, run & monitor (PBRM):-  Plan: APO (Align, Plan & Organize) -> 13 processes  Build: BAI (Build, Acquire & Implement) -> 10 processes  Run: DSS (Deliver, Service & Support) -> 6 processes  Monitor: MEA (Monitor, Evaluate & Assess) -> 3 processes
  • 46. Governance and Management: Key Process Areas & Domains
  • 47. COBIT 5: Process Reference Model
  • 48. Quiz 6 In Process Reference Model, what does EDM key process area stands for Governance? a) Plan, Organize & Align b) Evaluate, Design & Measure c) Evaluate, Direct & Monitor d) Build, Acquire & Implement
  • 49. Quiz 7 In Process Reference Model, what does DSS domain stands for Management? a) Plan, Organize & Align b) Deliver, Service & Support c) Evaluate, Direct & Monitor d) Build, Acquire & Implement
  • 50. Quiz 8 In Process Reference Model, what does MEA domain stands for Management? a) Plan, Organize & Align b) Deliver, Service & Support c) Monitor, Evaluate & Assess d) Build, Acquire & Implement
  • 51. Quiz 9 In Process Reference Model, how many processes are aligned to (Build, Acquire & Implement) BAI domain in Management? a) 6 processes b) 10 processes c) 13 processes d) 60 processes
  • 52. Quiz 10 In Process Reference Model, what does PBRM key process area stands for Management?
  • 58. Process Reference Model: Mapping to Current ISO/IEC 20000 Process Domains COBIT 5 Process Current ISO/IEC 20000 Process Align, Plan & Organize (APO) APO06 Manage Budget & Costs IT Financial Management APO08 Management Relationships Business Relationship Management APO09 Manage Service Agreements Service Level Management APO10 Manage Suppliers Vendor Management APO11 Manage Quality Quality Management System APO13 Manage Security Information Security Management
  • 59. Process Reference Model: Mapping to Current ISO/IEC 20000 Process Domains COBIT 5 Process Current ISO/IEC 20000 Process Build, Acquire & Implement (BAI) BAI04 Manage Availability & Capacity Availability Management Capacity Management BAI06 Manage Changes Change Management BAI07 Manage Change Acceptance and Transitioning Release & Deployment Management BAI10 Manage Configuration Configuration Management
  • 60. Process Reference Model: Mapping to Current ISO/IEC 20000 Process Domains COBIT 5 Process Current ISO/IEC 20000 Process Deliver, Support & Service (DSS) DSS02 Manage Service Requests & Incidents Incident & Service Request Management DSS03 Manage Problems Problem Management DSS04 Manage Continuity IT Service & Continuity Management
  • 61. Process Reference Model: Mapping to Current ISO/IEC 20000 Process Domains COBIT 5 Process Current ISO/IEC 20000 Process Monitor, Evaluate and Assess (MEA) MEA01 Monitor, Evaluate and Assess Performance and Conformance Service Reporting MEA02 Monitor, Evaluate and Assess the System of Internal Control Internal Audit MEA03 Monitor, Evaluate and Assess Compliance With External Requirements Legal, Regulatory, and Contractual Requirements
  • 62. COBIT 5 LIFE CYCLE APPROACH
  • 63. COBIT 5: Life Cycle Approach
  • 65. COBIT 5: Process Capability Model
  • 66. COBIT 5: Process Capability Model
  • 67. Slides Reference Source This slides content is aligned to the ISACA COBIT V5 2012.