Transcript
Page 1: Introducing cobit 5-may2012_v1.0

Introducing COBIT® 5

Bob Frelinger, CGEIT

May 18, 2012

Page 2: Introducing cobit 5-may2012_v1.0

Learning Objectives

Appreciate the Background Behind COBIT® 5

Understand the Five COBIT® 5 Principles

Understand the Seven COBIT® 5 Enablers

Know How to Navigate the “COBIT® 5” framework document

Know How to Navigate “COBIT® 5: Enabling Processes”

Page 3: Introducing cobit 5-may2012_v1.0

What’s Behind COBIT® 5

Some History…

Page 4: Introducing cobit 5-may2012_v1.0

What’s Behind COBIT® 5

References and Influencers…

Existing ISACA/ITGI Material:

• COBIT 4.1

• Val IT

• Risk IT

• BMIS

• IT Assurance Framework

• Board Briefing on IT Governance

ISO Standards:

• IT Service Management

• Quality Management

• Risk Management

• Information Security Risk Management

• Corporate Governance of Information Technology

• Process Assessment

British Standards:

• Business Continuity Management

COBIT 5 Product Family

APM Introduction to Programme Management (UK)

Federal Enterprise Architecture (FEA) (USA)

The [European] Commission Enterprise IT Architecture Framework (CEAF) (Belgium)

TOGAF® 9

PMBOK2®

OGC (UK) Best Management Practice Portfolio

Managing Successful Programmes (MSP)

PRINCE2®

Information Technology Infrastructure Library (ITIL®)

Leading Change by John Kotter

King Code of Governance Principles (King III) (South Africa)

OECD Principles of Corporate Governance

(France)

Combined Code on Corporate Governance (UK)

BABOK® Guide

Balanced Scorecard

COSO

Page 5: Introducing cobit 5-may2012_v1.0

What’s Behind COBIT® 5

Global Expertise and Collaboration…

• Overseen by the ISACA/ITGI Framework Committee (FC)

• Research results were quality-controlled throughout the development process.

• Preliminary research involved several COBIT development groups based around the world.

• Before being issued, the draft documents were distributed to more than 100 subject matter experts around the world to obtain their professional review comments.

• Once ready, draft versions of COBIT 5 and COBIT 5: Enabling Processes were made available to the general public. Thousands of comments were received.

Page 6: Introducing cobit 5-may2012_v1.0

Source: Global Status Report on the Governance of Enterprise IT (GEIT) – 2011. Rolling Meadows, IL: ISACA & ITGI, 2011.

Importance of IT to the Delivery of Business Strategy and Vision

Importance of IT

Page 7: Introducing cobit 5-may2012_v1.0

Why & What is COBIT® 5

Enterprises, large and small, commercial, not-for-profit or public sector, must create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use.

Information and related technology needs to:

• Be governed and managed in a holistic manner for the entire enterprise,

• Take in the full end-to-end business and IT functional areas of responsibility,

• Consider the IT-related interests of internal and external stakeholders

The Business Case…

A BUSINESS FRAMEWORK FOR THE GOVERNANCE AND MANAGEMENT OF ENTERPRISE IT

Page 8: Introducing cobit 5-may2012_v1.0

IT-Related Issues

Source: Global Status Report on the Governance of Enterprise IT (GEIT) – 2011. Rolling Meadows, IL: ISACA & ITGI, 2011.

Page 9: Introducing cobit 5-may2012_v1.0

Drivers for GEIT Activities

Source: Global Status Report on the Governance of Enterprise IT (GEIT) – 2011. Rolling Meadows, IL: ISACA & ITGI, 2011.

Page 10: Introducing cobit 5-may2012_v1.0

Enterprise Readiness for GEIT

Source: Global Status Report on the Governance of Enterprise IT (GEIT) – 2011. Rolling Meadows, IL: ISACA & ITGI, 2011.

Page 11: Introducing cobit 5-may2012_v1.0

What is COBIT® 5

The Product Family…

Source:  COBIT® 5, figure 1. © 2012 ISACA® All rights reserved.

Page 12: Introducing cobit 5-may2012_v1.0

Making It Real – Just Try It

• Integrate best, good and common industry practices

• Cascade goals and objectives

• Measure both performance toward, and achievement of, goals

• Take the holistic approach; end-to-end view

• Link inputs and outputs of key management practices

• Enable success through integration and alignment of seemingly disconnected governance and management activities

Embrace the Concepts Embedded in COBIT 5…

Page 13: Introducing cobit 5-may2012_v1.0

COBIT® 5 Principles

Source:  COBIT® 5, figure 2. © 2012 ISACA® All rights reserved.

Based on five key principles for governance and management of enterprise IT

Page 14: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 1

Principle 1. Meeting Stakeholder Needs

Source:  COBIT® 5, figure 3. © 2012 ISACA® All rights reserved.

Enterprises exist to create value for their stakeholders.

Page 15: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 1

The COBIT 5 goals cascade translates stakeholder needs into specific, actionable and customized goals within the context of the:

• Enterprise goals,

• IT-related goals and

• Enabler goals.

Source:  COBIT® 5, figure 4. © 2012 ISACA® All rights reserved.

Principle 1. Meeting Stakeholder Needs

Page 16: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Goals Cascade

Generic Model – Based on Sound Global Research

Mapping Stakeholder Needs to COBIT 5 Enterprise Goals

Mapping COBIT 5 Enterprise Goals to IT-related Goals

Mapping COBIT 5 IT-related Goals to Processes

Appendix B

Appendix D

Appendix C

Process Goals and Suggested Metrics

COBIT 5: Enabling Processes

Page 17: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 2

Principle 2. Covering the Enterprise End-to-end

Source:  COBIT® 5, figure 8 & 9 combined. © 2012 ISACA® All rights reserved.

• Enterprisewide, end-to-end perspective

• Information and related technology wherever that information is being processed

• NOT just the IT function

Governance System

Key Components

Page 18: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 3

Principle 3. Applying a Single Integrated Framework

• Aligns with other standards and frameworks

• Complete in enterprise coverage

• Simple architecture for:

– structuring guidance materials

– producing a consistent product set

• Integrates all knowledge previously dispersed over different ISACA/ITGI frameworks

Source:  COBIT® 5, figure 10. © 2012 ISACA® All rights reserved.

Page 19: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

• Driven by the goals cascade – goals define what enablers should achieve

• To achieve enterprise objectives consider an interconnected set of enablers

• Some enablers are the enterprise resources

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 20: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

1. The vehicles to translate the desired behavior into practical guidance for day-to-day management

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 21: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

2. Describe an organized set of practices and activities to achieve certain objectives and produce a set of outputs in support of achieving overall IT-related goals

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 22: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

3. Are the key decision-making entities in an enterprise. They can be the traditional vertical structures or horizontal (or lateral) structures.

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 23: Introducing cobit 5-may2012_v1.0

Organizational Structure

Formal org structure supported by cross-org structures

Page 24: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

4. Applies to both individuals and the enterprise; very often underestimated as a success factor in governance and management activities

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 25: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

5. Pervasive throughout any organization and includes all the information produced and used by the enterprise.

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 26: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

6. The infrastructure, technology and applications that provide the enterprise with information technology processing and services

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 27: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

7. People, and their skills and competencies, are required for:

• successful completion of all activities and

• for making correct decisions and

• taking corrective actions

Source:  COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.

Page 28: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

Enabler Dimensions

This common set of dimensions:

• Provides a common, simple and structured way to deal with enablers

• Allows an entity to manage its complex interactions

• Facilitates successful outcomes of the enablers

Source:  COBIT® 5, figure 13. © 2012 ISACA® All rights reserved.

All enablers have a set of common dimensions.

Page 29: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 4

Principle 4. Enabling a Holistic Approach

Source:  COBIT® 5, figure 13. © 2012 ISACA® All rights reserved.

Enabler Performance Management

Actual Outcomes Actual Functioning

Page 30: Introducing cobit 5-may2012_v1.0

COBIT® 5 – Principle 5

Principle 5. Separating Governance from Management

• Different activities and different responsibilities

• Interactions between them are facilitated through the Enablers

Source:  COBIT® 5, figure 15. © 2012 ISACA® All rights reserved.

(EDM)

(PBRM)

Page 31: Introducing cobit 5-may2012_v1.0

Implementation Guidance

Source:  COBIT® 5, figure 17. © 2012 ISACA® All rights reserved.

Page 32: Introducing cobit 5-may2012_v1.0

Process Capability Model

Source:  COBIT® 5, figure 19. © 2012 ISACA® All rights reserved.

Page 33: Introducing cobit 5-may2012_v1.0

A Business Framework for the Governance and Management of Enterprise IT

• Executive Summary

• Overview of COBIT 5

• A chapter on each of the five principles

• Implementation Guidance

• The COBIT 5 Process Capability Model

• Appendices:

– References

– Goals Maps

– Stakeholder Needs and Enterprise Goals

– Mapping with the Most Relevant Related Standards and Frameworks

– COBIT 5 Information Model and COBIT 4.1 Information Criteria

– Detailed Description of seven COBIT 5 Enablers

– Glossary

What is COBIT® 5 – TOC

The Framework document…breaking it down

2 pages

2 pages

17 pages; 2 to 6 pages each

5 pages – intro to the Guide

5 pages – intro to the Model

1 page

5 pages

2 pages

5 pages

1 page

23 pages; 2 to 6 pages each

5 pages

Page 34: Introducing cobit 5-may2012_v1.0

A detailed reference guide to the processes that are defined in the COBIT 5 process reference model.

• Introduction

• Goals Cascade and Metrics

• Process Model

• Process Reference Model

• Process Reference Guide Contents

– Detailed process-related content structure

– Inputs and Outputs

– Generic Guidance for Processes

– Detailed process content for each process

• Appendices:

– Mapping COBIT 5 with legacy ISACA Frameworks

– Goals Maps

COBIT® 5: Enabling Processes

Enabling Processes Enabler Guide…breaking it down

Page 35: Introducing cobit 5-may2012_v1.0

A detailed reference guide to the processes that are defined in the COBIT 5 process reference model.

• Introduction

• Goals Cascade and Metrics

• Process Model

• Process Reference Model

• Process Reference Guide Contents

– Detailed process-related content structure

– Inputs and Outputs

– Generic Guidance for Processes

– Detailed process content for each process

• Appendices:

– Mapping COBIT 5 with legacy ISACA Frameworks

– Goals Maps

What is COBIT® 5

Enabling Processes Enabler Guide…breaking it down

1 page

6 pages

3 pages

2 pages

3 pages

8 pages

one link to the Process Capability Model

See slide 36 for structure

repeats & extends framework

Broad or universal inputs and outputs

5 pages; repeat of maps in the framework

186 pages; 3-9 pages each

Page 36: Introducing cobit 5-may2012_v1.0

Enabling Processes

Enabler Dimensions – Processes

Source:  COBIT® 5: Enabling Processes, figure 8. © 2012 ISACA® All rights reserved.

Goals driven by goals cascade

Each process is defined, created, operated, and adjusted / updated or retired.

Process Reference Model

RACI charts

Process Capability Model

Process Capability Assessments

Limited number of example metrics

Page 37: Introducing cobit 5-may2012_v1.0

Process Reference Model

Page 38: Introducing cobit 5-may2012_v1.0

• Process Identification

• Process Description

• Process Purpose Statement

• Goal Cascade Information

• Process Goals and Metrics

• RACI Chart

• Detailed Description of Process Practices

– Practice title and description

– Practice inputs and outputs w/indication of origin & destination

– Process activities further detailing the practices

• Related Guidance

Process Content

Enabling Processes: Content Structure for All Processes

but remember the broad or universal inputs

Page 39: Introducing cobit 5-may2012_v1.0

Process Identification, Process Description, Process Purpose Statement

An Example Process

APO05 – Manage Portfolio

Page 40: Introducing cobit 5-may2012_v1.0

Goal Cascade Information

An Example Process

APO05 – Manage Portfolio

Page 41: Introducing cobit 5-may2012_v1.0

Process Goals and Metrics

An Example Process

APO05 – Manage Portfolio

Page 42: Introducing cobit 5-may2012_v1.0

An Example Process

Page 43: Introducing cobit 5-may2012_v1.0

An Example Process

Detailed Description of Process Practices

APO05 – Manage Portfolio

Page 44: Introducing cobit 5-may2012_v1.0

An Example Process

Detailed Description of Process Practices

APO05 – Manage Portfolio

Page 45: Introducing cobit 5-may2012_v1.0

An Example Process

Related Guidance

APO05 – Manage Portfolio

Page 46: Introducing cobit 5-may2012_v1.0

Learning Objectives

Appreciate the Background Behind COBIT® 5

Understand the Five COBIT® 5 Principles

Understand the Seven COBIT® 5 Enablers

Know How to Navigate the “COBIT® 5” framework document

Know How to Navigate “COBIT® 5: Enabling Processes”

Page 47: Introducing cobit 5-may2012_v1.0

Implementation Challenges

Source: Global Status Report on the Governance of Enterprise IT (GEIT) – 2011. Rolling Meadows, IL: ISACA & ITGI, 2011.

