COBIT 5 provides principles for effective IT governance and management. One key principle is separating governance from management. Governance defines the direction and ensures proper oversight and accountability, while management designs, implements and monitors processes to achieve the direction set by governance. Separating these roles and responsibilities helps ensure appropriate checks and balances.
Study Notes - COBIT 5 Foundation CertificationWAJAHAT IQBAL
This presentation is a mindmap created to help readers preparing for COBIT5 Foundation Certification which is one of the prime Certifications for IT Governance.Please share and give your Comments at my Email Id:Wajahat_Iqbal@Yahoo.com.Thanks
COBIT 5 IT Governance Model: an Introductionaqel aqel
This lecture provides quick and direct insight about Information technologies governance using COBIT 5 framework. COBIT 5 in its fifth edition released by information systems audit and control association (www.isaca.org) in 2012 to supersede the version 4.1 / 2007. It also included ISACA’s VAL-IT model that aimed to manage the financial perspective of IT as well as RISK-IT framework.
The lecture was part of ISACA- Riyadh chapter activities in April 2015 under the sponsorship of Al-Fisal University.
The document compares COBIT 4.1 and COBIT 5, noting several key changes in COBIT 5 including a new process reference model, new and modified processes, increased focus on enablers, new GEIT principles, and changes to process capability assessments. COBIT 5 builds on previous versions and integrates COBIT 4.1, Val IT, and Risk IT into a single framework aligned with current best practices. Enterprises can transition from earlier versions to COBIT 5 and benefit from its improved guidance.
COBIT 5 is a framework for the governance and management of enterprise IT. It has 5 principles: meeting stakeholder needs, covering the enterprise end-to-end, applying a single integrated framework, enabling a holistic approach, and separating governance from management. COBIT 5 defines 37 processes, 7 enablers, and a goals cascade to translate stakeholder needs into goals. It also provides a process capability model to assess processes at 6 levels from incomplete to optimizing. The presentation summarized the key concepts and components of COBIT 5.
Business and ITSM on the same page at last! ITIL, TOGAF and COBIT working to...CTE Solutions Inc.
The document discusses various frameworks that can be used together to develop an integrated IT management framework, including:
- TOGAF for enterprise architecture, including its Architecture Development Method (ADM) process.
- ITIL for IT service management processes across the service lifecycle.
- COBIT for IT governance and controls.
It provides an example of how these frameworks can be mapped together with other standards like ISO 20000 and CMMI to create a comprehensive approach to managing IT across the enterprise.
This document provides an overview of the Control Objectives for Information and Related Technologies (COBIT) framework. It discusses the relevance and objectives of COBIT, including ensuring IT alignment with business objectives and managing IT risks. The document also outlines the four domains and 34 control objectives that make up the COBIT framework, as well as the seven information criteria for defining business information requirements.
Best ITIL Certification Training Program by IBM - Providing Quality Education to People. People who have enrolled with ThinkFaculty ITIL Program have successfully passed the examinations.
Implementing ITIL - Product First Or Process FirstVyom Labs
Implementing ITIL involves deciding whether to take a product-first or process-first approach. A phased implementation targeting "low hanging fruits" like incident and problem management is recommended. Introducing compliant ITSM products early allows processes to be standardized across organizations. Examples of products with pre-defined ITIL processes include BMC Remedy, which can help implement key processes out of the box.
Implementing ITIL® Service Strategy Through Enterprise ArchitectureNUS-ISS
The document discusses how implementing ITIL Service Strategy through enterprise architecture can help organizations. It provides background on the presenter and their organization, an overview of ITIL Service Strategy and why adoption has been low. The presentation then examines how enterprise architecture can be leveraged to help jumpstart implementation of ITIL Service Strategy processes and principles.
Skillogic Knowledge Solutions is uploading Part 2 of ITIL Training Module 1 (Service Management).
Skillogic Knowledge Solutions is one of the best training centres in India which providing ITIL Course Both Classroom and online.
If you are looking for classroom training for ITIL Certification (Foundation, Intermediate Modules and Expert) in Bangalore / Bengaluru, Chennai, Delhi, Pune, Mumbai and Hyderabad etc visit: http://in.skillogic.com/
The ADD is acronym of Assess, Design and Deliver. This is a model, not a framework, that describes how the ITIL consultancy delivers not dictates the consultants to follow. As of the ITIL is a best practices framework, its implementation will vary from organization to another, that keep the consultancy project success ties with delivery approach. So, I tried to put a holistic model starting with assessment through design till delivery.
Service management
ITIL and the Service value system
ITIL Guiding principles
ITIL Service value chain
ITIL Four dimensions
ITIL Practices
ITIL Continual improvement
ITIL Certification scheme
What’s in it for me?
The Information Revolution is transforming the nature of business. The ITIL® framework has become the most widely accepted approach to managing IT service quality and costs in a context of ever changing business requirements and increasing expectations.
Adopted and adapted by organisations of all sizes and sectors around the world, ITIL has become the de facto standard for IT Service Management.
Mark Flynn will explain the nature of the ITIL material and qualifications - ITIL origins and credentials, scope, key concepts and the benefits, costs and risks of adopting an ITIL approach.
For the ITIL experienced in the audience, this will be a useful introduction ITIL V3 which was launched earlier this year.
Attendees can expect an informative, engaging and enjoyable presentation.
Mark Flynn, founder of ITIL Consultancy organisation, Felix Maldo Ltd, has spent 21 years in the IT industry. Since 1993, he has operated exclusively in the ITIL arena, as a practitioner, trainer and consultant. He has delivered ITIL events on clients’ sites throughout the UK, Europe USA and the Far East. He is a regular presenter at professional seminars sand conferences.
ITIL ® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries.
Role with IT(IL) - V3 Roles and Responsibilities - ITSM Academy WebinarITSM Academy, Inc.
The document provides an overview of ITIL roles and responsibilities including:
- Key roles such as Process Owner, Service Owner, and roles in areas like Change Management, Service Strategy, and Service Catalog Management.
- ITSM functions such as Service Desk, Technical Management, and IT Operations Management.
- The roles of a Certified Process Design Engineer in overseeing process design and improvement.
- How a RACI model can map roles and responsibilities to processes and activities.
The document provides an overview comparison of the ITIL and TOGAF frameworks. It discusses how the frameworks have evolved to overlap more in addressing business-IT alignment. Both frameworks follow a process approach and quality cycle. Key differences are that TOGAF focuses on developing business architecture, while ITIL's scope is delivering efficient IT services, and TOGAF does not cover service operations while ITIL does. The document then compares the processes and phases of each framework in detail.
IT Service Management Concept - Mamdouh Sakr Mamdouh Sakr
This document provides an overview of key concepts in service management based on ITIL best practices. It defines terms like service, outcomes, process, and the service management lifecycle. The five stages of the service lifecycle are described as service strategy, service design, service transition, service operation, and continual service improvement. For each stage, the core processes are outlined at a high-level. Benefits of adopting ITIL and potential resistance to improvement initiatives are also briefly discussed.
The ITIL v4 Foundation course aims to introduce participants to the management of modern ITenabled services, to provide them with an understanding of the common language and key concepts and to show them how they can improve their work and the work of their organization with ITIL 4 guidance.
IT Portfolio Management Using Enterprise Architecture and ITIL® Service StrategyNUS-ISS
The document discusses using enterprise architecture and ITIL service strategy for IT portfolio management. It provides examples of how enterprise architecture helped the Singapore government and Procter & Gamble reduce costs and improve processes by standardizing systems and increasing automation and access to real-time information. The definition of enterprise architecture from Gartner is given as translating business vision and strategy into effective enterprise change by defining requirements, principles and models to describe the future state and enable evolution of the enterprise.
From Value Governance To Benefits Realization In A Controlled EnvironmentGeorge Papoulias
This document outlines a presentation on IT governance. It discusses essential concepts of enterprise governance and its relationship to ISACA frameworks like COBIT5. It provides an overview of enterprise governance of IT and the risks that can arise without effective governance, such as budget overruns and project delays. The document also discusses the Val IT framework and how it can be used to realize benefits through IT governance. It notes that enterprise governance drives IT governance and outlines five focus areas of enterprise governance of IT.
The document provides an overview of ITIL (Information Technology Infrastructure Library) version 3. It discusses key concepts in ITIL such as the service lifecycle, processes, roles, and frameworks. The service lifecycle includes five stages: service strategy, service design, service transition, service operation, and continual service improvement. Each stage aims to ensure high-quality and effective IT service management.
This document defines control, audit, and information systems. It explains that control is a managerial function, and management is required by law to establish internal controls. An audit objectively examines financial statements to ensure they accurately represent transactions. Information system audits test IT infrastructure controls. The COBIT framework provides best practices for IT governance and management. It links control objectives and practices to business processes and objectives. COBIT 5 is the latest version, which builds on previous versions and other frameworks to provide more holistic enterprise guidance.
This document discusses COBIT (Control Objectives for Information and Related Technology), which is a framework for IT governance and management. It defines COBIT and its components, including control objectives, control practices, and a process reference model. It also summarizes the changes between COBIT 4.1 and the new COBIT 5 version, such as new governance processes, a revised process model, and a new process capability assessment approach. The document is intended to help users understand COBIT and transition from prior versions to COBIT 5.
This document discusses COBIT (Control Objectives for Information and Related Technology), which is a framework for IT governance and management. It defines COBIT and its components, including control objectives, control practices, and a process reference model. It also summarizes the changes between COBIT 4.1 and the new COBIT 5 version, such as new governance processes, a revised process model, and a new process capability assessment approach. The document is intended to help users understand COBIT and transition from prior versions to COBIT 5.
This document discusses COBIT (Control Objectives for Information and Related Technology), which is a framework for IT governance and management. It defines COBIT and its components, including control objectives, control practices, and a process reference model. It also summarizes the changes between COBIT 4.1 and the new COBIT 5 version, such as new governance processes, a revised process model covering both business and IT, and a new process capability assessment approach. The document is intended to help users understand and transition to using the updated COBIT 5 framework.
COBIT 5 is an updated framework for IT governance and management. It consolidates COBIT 4.1, Val IT and Risk IT into a single framework aligned with current standards. COBIT 5 introduces new governance processes and principles, increases focus on enablers, and provides a revised process reference model covering end-to-end business and IT activities. It also includes changes to processes, inputs/outputs, and introduces a new process capability assessment approach.
This document discusses changes between COBIT 5 and previous versions of COBIT. Some key changes include:
- COBIT 5 introduces new governance processes and principles.
- It places increased focus on enablers like culture, skills and frameworks.
- The process reference model and some individual processes were updated or modified.
- Inputs and outputs are now defined for each practice rather than just processes.
- The capability maturity assessment approach was changed to be based on ISO standards rather than CMM.
The document discusses several key changes between COBIT 4.1 and COBIT 5, including:
- COBIT 5 introduces new governance processes and principles.
- It increases the focus on enablers like culture, skills, and policies.
- The process reference model and some individual processes were revised.
- Inputs and outputs are now defined for each practice to improve process integration.
- A new process capability assessment approach based on ISO standards replaces the previous CMM model.
This document provides definitions and summaries of key concepts related to control and audit information systems, including:
- Definitions of control, which is a managerial function, and audit, which is an independent examination of financial statements and records.
- Cobit is a framework for developing, implementing, monitoring and improving IT governance and management practices.
- COBIT 5 builds on previous versions of COBIT and other frameworks, providing updated guidance while allowing organizations to continue work from earlier versions. It focuses more on enablers, has a new process reference model, and new assessment approaches.
Control refers to managerial functions like planning, organizing, staffing and directing. An audit examines and evaluates an organization's financial statements to ensure they accurately represent transactions. COBIT is a framework for developing, implementing, monitoring and improving IT governance and management practices. The document discusses definitions of control, audit, and COBIT and provides an overview of how COBIT 5 builds on previous versions to improve guidance for IT governance.
The COBIT 5 framework describes seven categories of enablers
• Principles, policies and frameworks are the vehicle to translate the desired behaviour into practical guidance for
day-to-day management.
• Processes describe an organised set of practices and activities to achieve certain objectives and produce a set of
outputs in support of achieving overall IT-related goals.
• Organisational structures are the key decision-making entities in an enterprise.
• Culture, ethics and behaviour of individuals and of the enterprise are very often underestimated as a success factor
in governance and management activities.
• Information is pervasive throughout any organisation and includes all information produced and used by the
enterprise. Information is required for keeping the organisation running and well governed, but at the operational
level, information is very often the key product of the enterprise itself.
• Services, infrastructure and applications include the infrastructure, technology and applications that provide the
enterprise with information technology processing and services.
• People, skills and competencies are linked to people and are required for successful completion of all activities and
for making correct decisions and taking corrective actions.
COBIT 5 is a leading framework for governance and management of enterprise IT. It provides best practices for ensuring that IT supports business objectives. The framework focuses on creating value for stakeholders and considers their needs when assessing risks, benefits and resource allocation. COBIT 5 covers the entire enterprise from an end-to-end perspective and can be used by various roles such as auditors, compliance officers and IT operations.
The document summarizes the key changes between COBIT 5 and previous versions like COBIT 4.1. Some of the major changes discussed include:
1) COBIT 5 introduces new principles for governance of enterprise IT.
2) There is an increased focus on enablers in COBIT 5 like principles, policies and organizational structure.
3) COBIT 5 features a new process reference model with new and modified processes covering both business and IT activities end-to-end.
4) COBIT 5 integrates practices and activities from previous versions into a single framework and model.
5) COBIT 5 introduces a revised goals cascade and provides examples of goals and metrics.
Pré Lançamento: COBIT 5
Uma prévia do Manual COBIT® 5 framework está disponível!
“COBIT 5 fornece um quadro global que auxilia as empresas a atingir os seus objetivos para a governança corporativa e gestão de TI. Simplificando, isso ajuda as empresas a criar valor para a TI, mantendo um equilíbrio entre a realização dos benefícios e otimizando os níveis de risco e utilização de recursos.
Confira as novidades dessa versão em relação à versão anterior:
Veja mais informações em: brunise.com.br
The document discusses several frameworks for IT governance - COBIT, ITIL, and Val IT. It describes the key components and benefits of each framework. COBIT focuses on controls and metrics for IT processes, while ITIL provides guidance on service delivery and support. Using the frameworks together can provide a comprehensive approach to IT governance that establishes what should be done as well as how.
This document provides an overview of the COBIT 5 framework, which is an IT governance framework from ISACA. It discusses the 5 principles that COBIT 5 is based on: meeting stakeholder needs, covering the enterprise end-to-end, applying a single integrated framework, enabling a holistic approach, and separating governance from management. For each principle, it provides details on what each principle means and how it is implemented in COBIT 5. It also discusses the COBIT 5 product family and introduces some of the key components of the COBIT 5 framework like the goals cascade, enablers, and the distinction between governance and management.
This document provides information about a 2-day instructor-led training course on COBIT® 5 Foundation. COBIT® 5 is a framework for the governance and management of enterprise IT created by ISACA and ITGI. The training course covers the history, key features, principles, enablers, and implementation of COBIT® 5 to help students pass the COBIT® 5 Foundation exam. It is aimed at assurance, security, risk, and compliance professionals as well as business leaders involved in or affected by IT governance.
COBIT 5 is a comprehensive framework that helps enterprises govern and manage IT to create business value. It provides principles, practices and enablers to balance benefits, risks and resource use. Industry professionals were involved in reviewing COBIT 5 to ensure high quality. Training and additional guides are being developed to help professionals use COBIT 5 for tasks like assurance.
This is a summary of Control Objectives for Information and related Technology audit framework. Anyone can understand COBIT-19 framework within few slides. COBIT was published by ITGI, a nonprofit research entity created by ISACA
The document discusses cybersecurity risk management and the Framework for Improving Critical Infrastructure Cybersecurity. It addresses that cybersecurity requires managing risk through balancing business needs and protecting assets. It also discusses determining critical assets and prioritizing their protection, taking a layered security approach. The framework provides functions and categories to manage cybersecurity risks and align efforts with business strategies through application of technology, policies, training, and oversight.
This document provides information on a 5-day ISO 27001:2013 Lead Auditor training course. The course aims to provide an in-depth understanding of ISO 27001 requirements and principles for performing effective information security management system audits. Participants will gain auditing skills through classroom training, role-playing, workshops, and discussions. The course covers topics like understanding ISO 27001 clauses, auditing processes, risk assessments, and audit techniques. It does not require any IT technical skills. Successful completion involves an online exam with a passing score of 60% required to receive certification.
This document provides information on a 5-day ISO 27001:2013 Lead Auditor training course. The course aims to provide an in-depth understanding of ISO 27001 requirements and principles for performing effective information security management system audits. Participants will gain auditing skills through classroom training, role-playing, workshops, and discussions. The course covers topics like understanding ISO 27001 clauses, auditing processes, risk assessments, and audit techniques. It does not require any IT technical skills. Successful completion involves an online exam with a passing score of 60% required to receive certification.
The document provides an overview of digital marketing and content marketing strategies. It discusses key concepts like defining goals and metrics, identifying target audiences, creating different types of content, and measuring performance. Content marketing tactics include focusing on quality content, addressing pain points, optimizing content for mobile, and using various content formats and channels for distribution. Copywriting strategies involve crafting headlines, bullet points, and body copy that highlight problems and solutions to attract and persuade prospective customers."
This document outlines the agenda for a two-day workshop on customer service and communications. Day one will cover modules on communication, including effective listening techniques, prohibited phrases, questioning skills, and communication tools. Module three will discuss active listening and listening skills. Module four will cover the structure of telephone calls, including skills like answering, putting callers on hold, monogramming calls, and leaving a positive impression. The aim is to provide opportunities to practice excellent customer service and communications in various scenarios.
This document contains a trainer profile and outlines for workshop modules on excellent customer service and communications.
The trainer profile lists Leo Lourdes' qualifications, which include numerous IT and project management certifications, as well as experience as a certified trainer, auditor, and manager of service desks and IT service management.
The workshop aims to provide opportunities to practice customer service in various scenarios. Module 1 introduces world-class customer experiences and the importance of internal customer service. Module 2 focuses on developing customer service professional competencies like engaging the customer and understanding their needs. Activities emphasize treating both internal and external customers well through maintaining a positive attitude.
The document provides information about Leo Lourdes and his foundation in cyber security. Leo Lourdes has extensive training and certifications in IT management, information security, project management and other related fields. The objective of his foundation is to prevent harm to computer networks, applications, devices and data through security awareness training, vulnerability assessments, penetration testing and other methods.
The document provides information about Leo Lourdes and his foundation in cyber security. Leo Lourdes has extensive training and certifications in IT management, project management, information security and service management. The objective of his cyber security foundation is to prevent harm to computer networks, applications, devices and data. The training covers topics such as the CIA triad, security governance, risk management and cyber threats.
This document provides an overview of digital marketing and content marketing strategies. It discusses the shift from traditional to digital marketing, key digital marketing tactics like SEO, social media marketing, and email marketing. It also covers buyer personas, measuring customer lifetime value, copywriting strategies, and content marketing tactics. The goal of digital and content marketing is to educate potential customers and drive brand awareness, traffic, leads, and revenue through online content and campaigns.
The document discusses operational security, incident response, and disaster recovery. It provides overviews of security operations, the incident response process and roles, evaluation and analysis of incidents, response and mitigation, recovery and remediation, reporting, and lessons learned. The document also discusses disaster recovery planning, strategies, priority levels, roles and responsibilities, testing plans, communication with stakeholders, and the restoration process after a disaster.
The document discusses various topics related to asset management and data security in an IT environment. It covers:
- The importance of having policies for classifying, retaining, and destroying assets like data, hardware, software and documentation.
- Defining roles for data owners, custodians, system owners and administrators.
- Methods for securely storing, transmitting and destroying sensitive data.
- Vulnerabilities that can affect web-based systems and ways to assess security risks through scanning and testing.
The document discusses network security and provides recommendations for securing various network components and protocols. It covers securing routers, endpoints, physical network devices, and wireless networks. It also describes common network attack vectors and vulnerabilities in protocols like TCP/IP, DNS, and SMB. Recommendations include using encryption, patching systems, firewalls, hardening devices, and disabling unneeded services.
Security threats and controls were discussed, including cryptography and access control. An expert trainer profile was provided, detailing qualifications and experience in IT security management and implementation of standards such as ISO 27001, COBIT 5, and ITIL. Key security concepts such as the CIA triad of confidentiality, integrity and availability were explained.
Artificial intelligence (AI) is the intelligence exhibited by machines and their ability to mimic human behavior. There are three stages of AI development: artificial narrow intelligence, artificial general intelligence, and artificial super intelligence. Machine learning is a key application of AI that allows systems to automatically learn and improve from experience by recognizing patterns in data. Deep learning uses artificial neural networks for machine learning and has driven many new AI applications. AI impacts society positively by enhancing efficiency, adding jobs, strengthening the economy, and improving quality of life.
The document contains questions and answers related to AWS services. It covers topics like Amazon S3 storage classes, EBS volumes vs EFS file systems, DynamoDB vs RDS, AWS Well-Architected Framework pillars, Trusted Advisor categories, CloudWatch features, and load balancer types available with Elastic Load Balancing.
The document contains questions and multiple choice answers about AWS Identity and Access Management (IAM), Virtual Private Clouds (VPCs), Amazon EC2 instance types, Amazon EC2 purchasing options, and containerized application deployment. It covers topics like IAM policies, roles, and permissions; VPC and subnet configuration best practices; EC2 instance types for different workloads; Reserved Instance purchasing benefits; and using Amazon EKS for container management.
Here are the key steps to secure a new AWS account:
1. Create an AWS account and enable multi-factor authentication (MFA) for the root user. MFA adds an extra layer of protection on top of just a password.
2. Create individual IAM users for each person who will access the account rather than sharing credentials. Assign each user a unique set of permissions for their job function.
3. Enable IAM password policy and MFA authentication for IAM users. Strong password policies and MFA make it harder for unauthorized parties to access accounts if credentials are compromised.
4. Apply least privilege access. Only grant users and services the minimum permissions needed to perform their duties. Deny all other
This document provides a trainer profile for Leo Lourdes. It lists Leo's qualifications and certifications in areas such as IT management, ISO standards, project management, IT service management, information security, cloud computing, and call center training. It also lists Leo's experience in roles such as an ISO 20000-1:2011 management representative, IT service management manager, security and compliance manager, and certified trainer. Leo's contact information is provided at the bottom.
The document outlines steps to build a digital marketing plan and emerging digital marketing trends. It discusses 6 steps to create a digital marketing plan: 1) SWOT analysis, 2) identifying key variables, 3) setting goals, 4) developing a strategy, 5) selecting tactics, and 6) measuring results. It then covers emerging trends like using QR codes, chatbots, TikTok, Clubhouse, Waze, video marketing, podcasts, and more to engage customers.
This document discusses using data to optimize marketing strategies through understanding customer journeys. It emphasizes identifying the right marketing data from platforms like Facebook, Instagram, and email to understand customer demographics, psychographics, behaviors, and pain points. This allows segmentation of customers to create accurate personas and calculate customer lifetime value. The document also outlines inbound marketing tactics like content to move leads through the stages of awareness, interest, consideration, and action. The goal is to attract, engage, and delight customers at each stage of their journey with the brand.
This document provides information on social media marketing. It begins with definitions of social media and examples of popular social media platforms. It then discusses types of social media like social networks, media networks, discussion networks, and review networks. Popular social media marketing channels like Facebook, YouTube, WhatsApp, Facebook Messenger, and Instagram are explained. The document provides tips on choosing the right social media channel based on goals and audience. It also discusses best practices for creating and promoting content on social media.
The membership Module in the Odoo 17 ERPCeline George
Some business organizations give membership to their customers to ensure the long term relationship with those customers. If the customer is a member of the business then they get special offers and other benefits. The membership module in odoo 17 is helpful to manage everything related to the membership of multiple customers.
Split Shifts From Gantt View in the Odoo 17Celine George
Odoo allows users to split long shifts into multiple segments directly from the Gantt view.Each segment retains details of the original shift, such as employee assignment, start time, end time, and specific tasks or descriptions.
No, it's not a robot: prompt writing for investigative journalismPaul Bradshaw
How to use generative AI tools like ChatGPT and Gemini to generate story ideas for investigations, identify potential sources, and help with coding and writing.
A talk from the Centre for Investigative Journalism Summer School, July 2024
Front Desk Management in the Odoo 17 ERPCeline George
Front desk officers are responsible for taking care of guests and customers. Their work mainly involves interacting with customers and business partners, either in person or through phone calls.
Join educators from the US and worldwide at this year’s conference, themed “Strategies for Proficiency & Acquisition,” to learn from top experts in world language teaching.
Credit limit improvement system in odoo 17Celine George
In Odoo 17, confirmed and uninvoiced sales orders are now factored into a partner's total receivables. As a result, the credit limit warning system now considers this updated calculation, leading to more accurate and effective credit management.
AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894PECB
As artificial intelligence continues to evolve, understanding the complexities and regulations regarding AI risk management is more crucial than ever.
Amongst others, the webinar covers:
• ISO/IEC 42001 standard, which provides guidelines for establishing, implementing, maintaining, and continually improving AI management systems within organizations
• insights into the European Union's landmark legislative proposal aimed at regulating AI
• framework and methodologies prescribed by ISO/IEC 23894 for identifying, assessing, and mitigating risks associated with AI systems
Presenters:
Miriama Podskubova - Attorney at Law
Miriama is a seasoned lawyer with over a decade of experience. She specializes in commercial law, focusing on transactions, venture capital investments, IT, digital law, and cybersecurity, areas she was drawn to through her legal practice. Alongside preparing contract and project documentation, she ensures the correct interpretation and application of European legal regulations in these fields. Beyond client projects, she frequently speaks at conferences on cybersecurity, online privacy protection, and the increasingly pertinent topic of AI regulation. As a registered advocate of Slovak bar, certified data privacy professional in the European Union (CIPP/e) and a member of the international association ELA, she helps both tech-focused startups and entrepreneurs, as well as international chains, to properly set up their business operations.
Callum Wright - Founder and Lead Consultant Founder and Lead Consultant
Callum Wright is a seasoned cybersecurity, privacy and AI governance expert. With over a decade of experience, he has dedicated his career to protecting digital assets, ensuring data privacy, and establishing ethical AI governance frameworks. His diverse background includes significant roles in security architecture, AI governance, risk consulting, and privacy management across various industries, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: June 26, 2024
Tags: ISO/IEC 42001, Artificial Intelligence, EU AI Act, ISO/IEC 23894
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
The Jewish Trinity : Sabbath,Shekinah and Sanctuary 4.pdfJackieSparrow3
we may assume that God created the cosmos to be his great temple, in which he rested after his creative work. Nevertheless, his special revelatory presence did not fill the entire earth yet, since it was his intention that his human vice-regent, whom he installed in the garden sanctuary, would extend worldwide the boundaries of that sanctuary and of God’s presence. Adam, of course, disobeyed this mandate, so that humanity no longer enjoyed God’s presence in the little localized garden. Consequently, the entire earth became infected with sin and idolatry in a way it had not been previously before the fall, while yet in its still imperfect newly created state. Therefore, the various expressions about God being unable to inhabit earthly structures are best understood, at least in part, by realizing that the old order and sanctuary have been tainted with sin and must be cleansed and recreated before God’s Shekinah presence, formerly limited to heaven and the holy of holies, can dwell universally throughout creation
How to Store Data on the Odoo 17 WebsiteCeline George
Here we are going to discuss how to store data in Odoo 17 Website.
It includes defining a model with few fields in it. Add demo data into the model using data directory. Also using a controller, pass the values into the template while rendering it and display the values in the website.
Webinar Innovative assessments for SOcial Emotional SkillsEduSkills OECD
Presentations by Adriano Linzarini and Daniel Catarino da Silva of the OECD Rethinking Assessment of Social and Emotional Skills project from the OECD webinar "Innovations in measuring social and emotional skills and what AI will bring next" on 5 July 2024
How to Create Sequence Numbers in Odoo 17Celine George
Sequence numbers are mainly used to identify or differentiate each record in a module. Sequences are customizable and can be configured in a specific pattern such as suffix, prefix or a particular numbering scheme. This slide will show how to create sequence numbers in odoo 17.
2. TRAINER PROFILE
LEO LOURDES
(MBA IT Management, BoM Hons. HRM)
Certified in ITIL IT Service Management
Certified in Coaching and Calibration Skills for Call Center
Certified in Delivering Learning / Teaching by City & Guilds, United
Kingdom
Implementer of ISO 20000-1:2011
Certified in COBIT® 5
Certified in ISO 9001 Auditor (PECB)
Certified in PRINCE2® in Project Management
Certified in ITIL® Practitioner
Certified in ITIL® Intermediate Certificate in IT Service Operation
Certified in ITIL Information Security based on ISO/IEC 27002
Certified in ITIL for Cloud Computing
leo@thinkleosolutions.com
+6016-349 1793
Experience:
Certified Trainer
Certified IT Auditor & Consultant
Head of Service Desk
Call Quality Monitoring Expert
Senior CRM Delivery Analyst
Management Representative (MR) ISO 20000-1: 2011
IT Service Management (Incident, Problem, Change) Manager
Security, Compliance & Risk Management
3. Main case study
You are the Chief Architect entrusted with setting up the IT Operations
with governance and controls to cater to ever changing business
requirements.
You are from a team of Consulting providers who work with clients and
manage their services.
Throughout the next 2 days you will use COBIT to define and implement
controls for better governance in your organization
4. Benefits of COBIT 5
COBIT 5 helps enterprises create optimal value from IT by maintaining a
balance between realizing benefits and optimizing risk levels and resource use:
1. It is a business framework with top down view of business needs that create
goal cascade.
2. Enables IT to be governed and managed in holistic end to end manner for
entire enterprise.
3. Is generic and useful for all enterprises of any size and type.
4. Provides common language for the enterprise governance and management
of IT.
5. Is consistent with generally accepted corporate governance standards thus
help meet regulatory requirements.
5. Why COBIT 5?
1. ISACA Board of Directors direction: “Tie together and reinforce all
ISACA knowledge assets with COBIT.
2. Provide a renewed and authoritative governance and management
framework for enterprise information and related technology.
3. Integrate all major ISACA frameworks and guidance.
4. Align with other major frameworks and standards.
15. The Need of Goal Cascade
• Enterprise have many stakeholders.
• ‘Creating Value’ has different, sometimes conflicting, meanings for each.
• Governance is about:-
• Negotiating
• Deciding among different stakeholders value interests.
• Considering all stakeholders during decision making.
• For each decision, ask:-
• For whom are the benefits?
• Who bears the risk?
• What resources required?
• Stakeholder needs must be transformed into actionable strategy.
16. COBIT 5 Goal Cascade
Stakeholder Drivers
Stakeholder Needs
Enterprise Goals
Benefit
Realisation
Risk
Optimisation
Resource
Optimisation
Governance Objective: Value Creation
Example, strategy changes, changing business, new technologies
and etc.
IT Related Goals
Enabler Goals
Influences
Cascades To
Cascades To
Cascades To
Stakeholder needs can be related to a set of generic enterprise
goals.
Achievement of enterprise goals requires a number of IT
related outcomes.
Achieving IT related goals requires the successful application and use
of enablers.
21. Quiz 3
What are IT-related outcomes, required to achieve enterprise goals,
represented by?
a) IT-related goals
b) Enabler goals
c) IT balanced scorecard
d) Processes
22. Quiz 4
What are (3) key elements of governance objective that creates value to
meet stakeholder needs?
24. Governance Approach
Benefit
Realisation
Risk Optimisation
Resource
Optimisation
Governance Objective: Value Creation
Governance
Enablers
Governance
Scope
Roles, Activities and Relationships
Key components of Governance System
Governance Enablers are
organizational resources; such
as frameworks, structures,
principles, processes and
practices. Also include
enterprise resources like
service capabilities, people
and information.
Governance Scope can
be applied to entire
enterprise, an entity,
tangible or intangible
asset.
Roles, Activities and Relationships defines who involved in the governance, how they are involved, what
they do, how they interact within the scope of the governance system.
27. Governance and Management Framework Integrator
COBIT 5:
• Aligns with latest relevant standards and frameworks thus allows enterprise use COBIT 5 as
the overarching governance and management framework integrator.
• Is complete in enterprise coverage providing a basis to integrate effectively with other
frameworks, and practices used.
• Provides simple architecture for structuring guidance materials and producing a consistent
product set.
• Integrates all knowledge previously dispersed over different ISACA frameworks (previously
known as Information Systems Audit and Control Association, now goes on with the ISACA
acronym.
28. COBIT 5 Single Integrated Framework
1. Bringing together the existing ISACA guidance (COBIT 4.1, Val IT 2.0, Risk IT,
BMIS) into this single framework.
2. Complementing this content with areas needing further elaboration and updates.
3. Aligning to other relevant standards and frameworks, such as ITIL, TOGAF and
ISO standards.
1. Populating a COBIT 5 knowledge base that contains all guidance and content
produced now and will provide a structure for additional future content.
2. Providing a sound and comprehensive reference base of good practices.
Defining a set of governance and management enablers, which
provide a structure for all guidance materials.
30. COBIT 5 Enablers
• Factors that individually and collectively, influence whether something will work.
�� Driven by goal cascade.
• Described by the COBIT 5 framework in seven categories.
• Support a comprehensive governance and management system for enterprise of
IT.
34. COBIT 5 Enablers Dimensions
All enablers have a set of common dimensions. This set of common dimensions
1. Provides a common, simple and structured way to deal with enablers
2. Allows an entity (enablers) to manage its complex interactions
3. Facilitates successful outcomes of the enablers
35. Dimensions 1: Stakeholders
1. Each enabler has stakeholders (parties who play an active role and/or have an
interest in the enabler).
2. For example, processes have different parties who execute process activities
and/or who have an interest in the process outcomes.
3. Stakeholders can be internal or external to the enterprise, all having their
own, sometimes conflicting, interests and needs.
4. Stakeholders’ needs translate to enterprise goals, which in turn translate to IT-
related goals for the enterprise. (COBIT 5 Goal Cascade)
36. Dimensions 2: Goals
1. Each enabler has a number of goals, and enablers provide value by the
achievement of these goals.
2. Goals can be defined in terms of:
Expected outcomes of the enabler
Application or operation of the enabler itself
3. The enabler goals are the final step in the COBIT 5 goals cascade.
37. Dimensions 2: Goals Characteristics
A. Intrinsic quality:
The extent to which enablers work accurately, objectively and provide
reputable results.
B. Contextual quality:
The extent to which enablers and their outcomes are fit for purpose,
relevant, complete, current, appropriate, consistent, understandable
and easy to use.
C. Access and security:
The extent to which enablers and their outcomes are accessible and
secured.
38. Dimensions 3: Lifecycle
1.Each enabler has a life cycle, from inception through an operational/useful life
until disposal.
2.The phases of the life cycle consist of:
• Plan (includes concepts development and concepts selection)
• Design
• Build/acquire/create/implement
• Use/operate
• Evaluate/monitor
• Update/dispose
39. Dimensions 4: Good Practices
1.For each of the enablers, good practices can be defined.
2.Good practices support the achievement of the enabler goals.
3.Good practices provide examples or suggestions on how best to implement the
enabler, and what work products or inputs and outputs are required.
40. COBIT 5 Enabler Performance Management
1. Enterprises expect positive outcomes from the application and use of enablers.
2. Lag indicators (Achievement of Goals)
- What extent the goals are achieved?
• Are stakeholder needs addressed?
• Are enabler goals achieved?
3. Lead indicators (Application of Practice)
- Actual functioning of the enabler itself.
• Is the enabler life cycle managed?
• Are good practices applied?
42. Governance and Management Defined
Governance ensures stakeholders needs, conditions and options are:
• Evaluated to determine balanced, agreed-on enterprise objectives to be achieved.
• Setting direction through prioritization and decision making.
• Monitoring performance and compliance against agreed-on direction and objectives.
Management plans, builds, runs and monitors activities in alignment with the direction set by
the governance body to achieve the enterprise objectives. (PBRM)
45. COBIT 5: Process Reference Model
1. Details of 37 processes across five domains.
2. Governance: One domain (EDM) with 5 processes aligned with key process
area of (practice defined) - evaluating, directing and monitoring (EDM).
3. Management: Four domains with 32 processes aligned with key process area of
(responsibility areas) - plan, build, run & monitor (PBRM):-
Plan: APO (Align, Plan & Organize) -> 13 processes
Build: BAI (Build, Acquire & Implement) -> 10 processes
Run: DSS (Deliver, Service & Support) -> 6 processes
Monitor: MEA (Monitor, Evaluate & Assess) -> 3 processes
48. Quiz 6
In Process Reference Model, what does EDM key process area stands for Governance?
a) Plan, Organize & Align
b) Evaluate, Design & Measure
c) Evaluate, Direct & Monitor
d) Build, Acquire & Implement
49. Quiz 7
In Process Reference Model, what does DSS domain stands for Management?
a) Plan, Organize & Align
b) Deliver, Service & Support
c) Evaluate, Direct & Monitor
d) Build, Acquire & Implement
50. Quiz 8
In Process Reference Model, what does MEA domain stands for Management?
a) Plan, Organize & Align
b) Deliver, Service & Support
c) Monitor, Evaluate & Assess
d) Build, Acquire & Implement
51. Quiz 9
In Process Reference Model, how many processes are aligned to (Build,
Acquire & Implement) BAI domain in Management?
a) 6 processes
b) 10 processes
c) 13 processes
d) 60 processes
52. Quiz 10
In Process Reference Model, what does PBRM key process area stands
for Management?
58. Process Reference Model: Mapping to Current ISO/IEC 20000 Process
Domains COBIT 5 Process Current ISO/IEC 20000 Process
Align, Plan & Organize
(APO)
APO06 Manage Budget & Costs IT Financial Management
APO08 Management Relationships Business Relationship Management
APO09 Manage Service Agreements Service Level Management
APO10 Manage Suppliers Vendor Management
APO11 Manage Quality Quality Management System
APO13 Manage Security Information Security Management
59. Process Reference Model: Mapping to Current ISO/IEC 20000 Process
Domains COBIT 5 Process Current ISO/IEC 20000 Process
Build, Acquire &
Implement (BAI)
BAI04 Manage Availability &
Capacity
Availability Management
Capacity Management
BAI06 Manage Changes Change Management
BAI07 Manage Change Acceptance
and Transitioning
Release & Deployment Management
BAI10 Manage Configuration Configuration Management
60. Process Reference Model: Mapping to Current ISO/IEC 20000 Process
Domains COBIT 5 Process Current ISO/IEC 20000 Process
Deliver, Support &
Service (DSS)
DSS02 Manage Service Requests &
Incidents
Incident & Service Request Management
DSS03 Manage Problems Problem Management
DSS04 Manage Continuity IT Service & Continuity Management
61. Process Reference Model: Mapping to Current ISO/IEC 20000 Process
Domains COBIT 5 Process Current ISO/IEC 20000 Process
Monitor, Evaluate and
Assess (MEA)
MEA01 Monitor, Evaluate and
Assess Performance and
Conformance
Service Reporting
MEA02 Monitor, Evaluate and
Assess the System of Internal
Control
Internal Audit
MEA03 Monitor, Evaluate and
Assess Compliance With External
Requirements
Legal, Regulatory, and Contractual
Requirements