• Save
Cobit 5  Business Framework -Governance and Management of Enterprise IT
Upcoming SlideShare
Loading in...5

Cobit 5 Business Framework -Governance and Management of Enterprise IT



ISACA's Premier Product -COBIT Framework

ISACA's Premier Product -COBIT Framework



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Cobit 5  Business Framework -Governance and Management of Enterprise IT Cobit 5 Business Framework -Governance and Management of Enterprise IT Presentation Transcript

  • COBIT® 5.0 A Business Framework for Governance and Management of Enterprise IT Presented By Balasubramanian.C, B.E, ITIL®V3,PRINCE2®,COBIT®5.0 I.T.Project Manager – Supply Chain & EAM COBIT® is a Registered Trademark of ISACA® registered in United States of America and other countries. www.isaca.org
  • Reference: This presentation is excerpted and modified from ISACA’s COBIT and all related 10/23/2013 documents. 2
  • 1) Appreciate Background of COBIT ®5 2) COBIT 5 Product Family 3) Information & Enterprise Benefits 4) Stakeholder Value 5) COBIT® 5 Framework 6) COBIT® 5 [5 Priniciples] 7) COBIT® 5 [7 Enablers] 8) Governance & Management Process Domains 9) Goals Cascade using Balanced Score Card 10) Implementation Guidance 10/23/2013 3
  • 10/23/2013 4
  • 10/23/2013 5
  • 10/23/2013 6
  • 10/23/2013 7
  • 10/23/2013 8
  • 10/23/2013 9
  • IT is Complicated . IT Governance doesn’t have to be. 10/23/2013 10
  • 10/23/2013 11
  • 1) Appreciate Background of COBIT®5 COBIT®5: One Complete Business Framework for A Business Framework for Governance and Management of Enterprise 12 IT 10/23/2013
  • 2) COBIT®5 Product Family Source:COBIT®5 Implementation, figure 1. © 2012 ISACA®All rights reserved 10/23/2013 13
  • COBIT®5 Product Family - includes Implementation Guidance Documents have been Officially released COBIT®5 Framework COBIT®5 Enabling Process COBIT®5 Implementation 10/23/2013 14
  • COBIT®5 Product Family -A Set of Resources to help U Implement COBIT®5 effectively in your enterprise Documents have been Officially released COBIT®5 Information Security COBIT®5 for Risk COBIT®5 Process Assessment Programme COBIT®5 for Assurance 10/23/2013 15
  • COBIT®5 Product Family Documents under Development COBIT®5 Enabling Information COBIT 5 Translation COBIT 5 Online COBIT 5 Toolkit and materials Readily available for download 10/23/2013 16
  • 3) Information & Enterprise Benefits • Information is a key resource for all enterprises. • Information is created, used, retained, disclosed and destroyed. • Technology plays a key role in these actions. • Technology is becoming pervasive in all aspects of business and personal life. So what benefits do information and technology bring to enterprises? Enterprise and their executives strive to: 1. Maintain Quality Information to support Business decisions 2. Generate Business Value from IT-enabled investments, i.e., to achieve strategic goals and realise business benefits through effective and innovative use of IT. 3. Achieve operational excellence through reliable and efficient application of technology. 4. Maintain and Optimize IT related risk and Cost at acceptable level 10/23/2013 17
  • 4) Stakeholder Value How can above benefits be realised to create enterprise Stakeholder Value? A. Delivering enterprise stakeholder value requires good governance and management of information and technology (IT) assets. B. Enterprise boards, executives and management have to embrace IT like any other significant part of the business. C. External legal, regulatory and contractual compliance requirements related to enterprise use of information and technology are increasing, threatening value if breached. COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective GOVERNANCE and MANAGEMENT of ENTERPRISE IT 10/23/2013 18
  • 5) COBIT 5 Framework Simply Stated, COBIT 5 helps Enterprises create optimal value from IT by maintaining balance between realising benefits and optimizing risk levels and resource usage. COBIT 5 enables Information and Technology to be governed and managed in a holistic manner for the entire enterprise, taking in the full end-to end business and functional areas of responsibility, considering IT – related interests of Internal and External Stakeholders. COBIT 5 PRINCIPLES and ENABLERS are generic and useful for enterprises of all sizes, whether commercial, notfor-profit or in the public sector. 10/23/2013 19
  • 6) COBIT 5 [5 Priniciples] Source: COBIT® 5, figure 2. © 2012 ISACA® All rights reserved. 10/23/2013 20
  • 7) COBIT 5 [7 Enablers] Source: COBIT® 5, figure 12. © 2012 ISACA® All rights reserved. 10/23/2013 21
  • 8) Governance & Management Process Domains Governance Ensures that enterprise objectives achieved by EVALUATING stakeholder needs, conditions and options; setting DIRECTION through priortisation and decision making; and MONITORING performance, compliance and progress against agreed-on direction and objectives (EDM). Management PLANS, BIULDS, RUN, and MONITOR’s activities in alignment with the direction set by the governance body to achieve the enterprise objectives (PBRM). Exercising governance and management effectively in practice requires appropriately using all enablers. The COBIT process reference model allows us to focus easily on the relevant enterprise 22 activities. 10/23/2013
  • COBIT 5 is not prescriptive, but it advocates that enterprises implement governance and management processes such that key areas are covered as shown in above figure 15. Source: COBIT® 5, figure 15. © 2012 ISACA® All rights reserved. 10/23/2013 23
  • 10/23/2013 Source: COBIT® 5, © 2012 ISACA® All rights reserved. 24
  • Governance Domain (EDM) = 5 Processes Ensure, Direct and Monitor (EDM) Management Domain (PBRM) = 32 Processes Align, Plan and Organise (APO) Build, Acquire and Implement (BAI) Deliver, Service and Support (DSS) Monitor, Evaluate and Assess (MEA) 10/23/2013 25
  • 9) Goals Cascade using Balanced Score Card The COBIT5 goals cascade translates stakeholder needs into specific, practical and customized goals within the context of Enterprise, IT-related goals and Enabler Goals. Source: COBIT® 5, © 2012 ISACA® All rights reserved. 10/23/2013 26
  • 17 Generic Enterprise Goals mapped to 17 Generic IT Related Goals using BSC approach 10/23/2013 27
  • 17 Generic IT Related Goals mapped to IT Generic IT Related Process using BSC approach 10/23/2013 28
  • Stakeholder Needs – Internal Stakeholders & External Stakeholders 10/23/2013 29
  • Internal Stakeholders Board,CEO, chieffinancialofficer(CFO), chiefinformationofficer(CIO), businessexecutives, businessprocessowners, businessmanagers, riskmanagers,security managers, servicemanagers,HRmanagers, internalaudit,privacyofficers, ITusers,ITmanagers, etc. External Stakeholders Businesspartners, suppliers, shareholders, regulators/government externalusers, customers, standardisation organisations, externalauditors, consultants, etc. 10/23/2013 30
  • Internal Stakeholder Needs •How do I get value from IT? •How do I manage performance of IT? •How can I best exploit new technology for new strategic •opportunities? •How do I know whether I’m compliant with all applicable •regulations? •How do I best build and structure my IT department? •What are(control) requirements for Information? •Did I address all IT‐related risks? •Am I running an efficient and resilient IT operation? •How do I control cost of IT? 10/23/2013 31
  • External Stakeholder Needs •How do I know my business partner’s operations are secure and reliable? •How do I know the organisation is compliant with applicable rules and regulations? •How do I know the enterprise is maintaining an effective system of internal control? 10/23/2013 32
  • Enterprise Goals Mapped to Governance objectives using Balanced Scorecard approach 10/23/2013 33
  • IT Related Goals Mapped using Balanced Scorecard approach 10/23/2013 34
  • Stakeholder Need’s Mapped to Enterprise Goals Mapped using Balanced Scorecard approach 10/23/2013 35
  • COBIT 5 Implementation •The improvement of the governance of enterprise IT (GEIT) is widely recognised by top management as an essential part of enterprise governance. •Information and the pervasiveness of information technology are increasingly part of every aspect of business and public life. •The need to drive more value from IT investments and manage an increasing array of IT-related risk has never been greater. •Increasing regulation and legislation over business use of information is also driving heightened awareness of the importance of a well-governed and managed IT environment. •ISACA has developed the COBIT 5 framework to help enterprises implement sound governance enablers. Indeed, implementing good GEIT is almost impossible without engaging an effective governance framework. Best practices and standards are also available to underpin COBIT 5. 10/23/2013 36
  • COBIT 5 Implementation - Contd. • • • Frameworks, best practices and standards are useful only if they are adopted and adapted effectively. There are challenges that need to be overcome and issues that need to be addressed if GEIT is to be implemented successfully. COBIT 5: Implementation provides guidance on how to do this. COBIT 5: Implementation covers the following subjects: • Positioning GEIT within an enterprise • Taking the first steps towards improving GEIT • Implementation challenges and success factors • Enabling GEIT-related organisational and behavioural change • Implementing continual improvement that includes change enablement and programme management • Using COBIT 5 and its components 10/23/2013 37
  • COBIT 5 Implementation - Contd. 10/23/2013 Source: COBIT® 5, © 2012 ISACA® All rights reserved. 38
  • Questions 10/23/2013 39
  • Thank You Balasubramanian.C, B.E, ITIL®V3,PRINCE2®,COBIT®5 10/23/2013 40