SlideShare a Scribd company logo

Cobit5 owerwiev and implementation proposal

Download as PPTX, PDF
Emilio Gratton
Emilio Gratton

introductory presentation on major key functions of COBIT5. if interested I can send the PPTX original file fully animated

TechnologyBusiness
1 of 28
Presented by Emilio Gratton ISACA Member n. 630629
2 1. COBIT 5 A. THE FRAMEWORK (A BIT OF HISTORY) B. PRINCIPLES C. ENABLING PROCESSES D. COVERAGE E. IMPLEMENTATION APPROACH 2. WAY-AHEAD OUTLINE
Governance of Enterprise IT COBIT 5 IT Governance COBIT4.0/4.1 Management COBIT3 Control COBIT2 An business framework from ISACA, at www.isaca.org/cobit Audit COBIT1 COBIT 5: Now One Complete Business Framework for 2005/720001998 Evolutionofscope 1996 2012 Val IT 2.0 (2008) Risk IT (2009) 4 © 2012 ISACA® All rights reserved.
5 COBIT 5 Product Family and framework Source: COBIT® 5, figure 11. © 2012 ISACA® All rights reserved.
The Five COBIT 5 Principles 7 ISO 38500 principles: 1. RESPONSABILITY 2. STRATEGY 3. ACQUISITION 4. PERFORMANCE 5. CONFORMANCE 6. HUMAN BEHAVIOUR
1. Meeting Stakeholder Needs Principle 1. Meeting Stakeholder Needs  Enterprises exist to create value for their stakeholders. 8 Source: COBIT® 5, figure 3. © 2012 ISACA® All rights reserved.
1. Meeting Stakeholder Needs (cont.) Principle 1. Meeting Stakeholder Needs:  Stakeholder needs have to be transformed into an enterprise’s actionable strategy.  The COBIT 5 goals cascade translates stakeholder needs into specific, actionable and customised goals within the context of the enterprise, IT-related goals and enabler goals. 9 Source: COBIT® 5, figure 4. © 2012 ISACA® All rights reserved. Cascades to Cascades to Cascades to Enterprise Goals IT-related Goals Enabler Goals
2. Covering the Enterprise End-to-end Key components of a governance system 10
. 11 3. Applying a Single Integrated Framework
4. Enabling a Holistic Approach (cont.) Principle 4. Enabling a Holistic Approach 12Source: COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.
4. Enabling a Holistic Approach (cont). COBIT 5 Enabler Dimensions: 13 Source: COBIT® 5, figure 13. © 2012 ISACA® All rights reserved.
5. Separating Governance From Management (cont.) Principle 5. Separating Governance From Management: COBIT 5 is not prescriptive, but it advocates that organisations implement governance and management processes such that the key areas are covered, as shown. 14 Source: COBIT® 5, figure 15. © 2012 ISACA® All rights reserved.
COBIT 5: Enabling Processes 16 Source: COBIT® 5, figure 29. © 2012 ISACA® All rights reserved.
COBIT 5: Enabling Processes (cont.) 17
COBIT 5: COVERAGE 19 Evaluate, Direct and Monitor Align, Plan and Organise Build Acquire and Implement Delivery Service and Support Monitor, Evaluate and Asses ISO/IEC 38500 ISO/IEC 31000 TOGAF PRINCE2/PMBOK CMMI ITIL V3 2011 AND ISO/IEC 20000 ISO/IEC 27000
COBIT 5 Implementation 21 • Programme management (outer ring) • Change enablement (middle ring) • Continual improvement Life Cycle (inner ring) PROFESSIONAL GUIDE FOR A LIFE CYCLE PROGRAMME
1ST STEP: CREATING THE APPROPRIATE ENVIRONMENT 22 ROLES BOARD & EXECUTIVES Set direction for the programme, ensure alignment with enterprisewide governance and risk management, approve key programme roles and define responsibilities, and give visible support and commitment. Sponsor, communicate and promote the agreed-on initiative. Business management Provide appropriate stakeholders and champions to drive commitment and to support the programme. Nominate key programme roles and define and assign responsibilities. IT management Ensure that the business and executives understand and appreciate the high- level IT-related issues and objectives. Nominate key programme roles and define and assign responsibilities. Nominate a person to drive the programme in agreement with the business Internal audit Agree on the role and reporting arrangements for audit participation. Ensure that an adequate level of audit participation is provided through the duration of the programme Risk, compliance and legal Ensure an adequate level of participation through the duration of the programme.
1ST STEP: CREATING THE APPROPRIATE ENVIRONMENT 23 Board ITExecutiveCom m ittee CIO BusinessExecutive ITM anagersITProcessOw ners ITAudit Riskand Com pliance Program m eSteering SET DIRECTION FOR THE PROGRAMME. A R R C C I C C C PROVIDE PROGRAMME MANAGEMENT RESOURCES. C A R R C C R R I ESTABLISH AND MAINTAIN DIRECTION AND OVERSIGHT STRUCTURES AND PROCESSES. C A C I I I I I R ESTABLISH AND MAINTAIN PROGRAMME. I A R C C I I I R ALIGN APPROACHES WITH ENTERPRISE APPROACHES. I A R C C I C C R
COBIT5 IMPLEMENTATION STEP-AHEAD 25 SPIRAL APPROACH TO ENLARGE • SCOPE • COVERAGE • TOOLS ADOPTIONS
COBIT5 IMPLEMENTATION STEP-AHEAD 26 SCOPE Continual Improvement Life Cycle Program Plan CIO endorse Change Enablement
COBIT5 IMPLEMENTATION STEP-AHEAD 27 COVERAGE Teams (matrix procedures) Groups Main Boards Teams (single procedures)
COBIT5 IMPLEMENTATION STEP-AHEAD 28 TOOLS Enterprise Projects Test-bed or Proof-of-concept Pilot Project PMO aggregation

Recommended

COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organizationCheikh Hamallah DJIBA
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Complianceseanpizzy
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
IT Governance
IT GovernanceIT Governance
IT GovernanceCarlos Chalico
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An OverviewAnurag Purohit
 
COBIT5 Introduction
COBIT5 IntroductionCOBIT5 Introduction
COBIT5 IntroductionMohammad Reda Katby
 

Recommended

COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organizationCheikh Hamallah DJIBA
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Complianceseanpizzy
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
IT Governance
IT GovernanceIT Governance
IT GovernanceCarlos Chalico
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An OverviewAnurag Purohit
 
COBIT5 Introduction
COBIT5 IntroductionCOBIT5 Introduction
COBIT5 IntroductionMohammad Reda Katby
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 Erick Kish, U.S. Commercial Service
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveSayyed Zakir Ali Rizwe
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementChristian F. Nissen
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
Cobit
CobitCobit
Cobitifourkhushbooshah
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologiesSalih Islam
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOXMahesh Patwardhan
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditingDamilola Mosaku
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?PECB
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentEryk Budi Pratama
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
SOX- IT Perspective
SOX- IT PerspectiveSOX- IT Perspective
SOX- IT PerspectiveNeelabh Srivastava
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfMartinPatrici
 
Iso 27001 2013
Iso 27001 2013Iso 27001 2013
Iso 27001 2013Magda CHELLY, Ph.D, S-CISO, CISSP®
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMShantanu Rai
 
COBIT 5 Basic Concepts
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic ConceptsSpyros Ktenas
 
ISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxforam74
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introductionTatto Sugiopranoto
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4brunise
 

More Related Content

What's hot

IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementChristian F. Nissen
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologiesSalih Islam
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOXMahesh Patwardhan
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditingDamilola Mosaku
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?PECB
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentEryk Budi Pratama
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfMartinPatrici
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMShantanu Rai
 
COBIT 5 Basic Concepts
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic ConceptsSpyros Ktenas
 
ISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxforam74
 

What's hot (20)

IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5
 
NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101 NIST Cybersecurity Framework 101
NIST Cybersecurity Framework 101
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
 
Cobit
CobitCobit
Cobit
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologies
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOX
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation Guide
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditing
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
 
SOX- IT Perspective
SOX- IT PerspectiveSOX- IT Perspective
SOX- IT Perspective
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
 
Iso 27001 2013
Iso 27001 2013Iso 27001 2013
Iso 27001 2013
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCM
 
COBIT 5 Basic Concepts
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic Concepts
 
ISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptx
 

Similar to Cobit5 owerwiev and implementation proposal

Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4brunise
 
02. cobit5 introduction
02. cobit5 introduction02. cobit5 introduction
02. cobit5 introductionMulyadi Yusuf
 
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxPPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxssuserd1791e
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementChristian F. Nissen
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Slime Argentina
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introductionaqel aqel
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introductionsuhaskokate
 
Cobit5 laminate
Cobit5 laminateCobit5 laminate
Cobit5 laminateclaudiocj7
 
Qecb#iia#cobit5 training en_announce#201208
Qecb#iia#cobit5 training en_announce#201208Qecb#iia#cobit5 training en_announce#201208
Qecb#iia#cobit5 training en_announce#201208Patrick Soenen
 
02-cobit5-introduction.ppt
02-cobit5-introduction.ppt02-cobit5-introduction.ppt
02-cobit5-introduction.pptElonMotta
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introductionMarkus Yaldu
 

Similar to Cobit5 owerwiev and implementation proposal (20)

Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1
 
02. cobit5 introduction
02. cobit5 introduction02. cobit5 introduction
02. cobit5 introduction
 
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxPPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
 
Co5bit
Co5bitCo5bit
Co5bit
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introduction
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
Cobit5 and-grc
Cobit5 and-grcCobit5 and-grc
Cobit5 and-grc
 
Cobit5 laminate
Cobit5 laminateCobit5 laminate
Cobit5 laminate
 
Qecb#iia#cobit5 training en_announce#201208
Qecb#iia#cobit5 training en_announce#201208Qecb#iia#cobit5 training en_announce#201208
Qecb#iia#cobit5 training en_announce#201208
 
COBIT 5 FAQ
COBIT 5 FAQCOBIT 5 FAQ
COBIT 5 FAQ
 
Cobit 5 introduction plgr
Cobit 5 introduction plgrCobit 5 introduction plgr
Cobit 5 introduction plgr
 
02-cobit5-introduction.ppt
02-cobit5-introduction.ppt02-cobit5-introduction.ppt
02-cobit5-introduction.ppt
 
COBIT®5 - Foundation
COBIT®5 - FoundationCOBIT®5 - Foundation
COBIT®5 - Foundation
 
COBIT5-IntroductionS
COBIT5-IntroductionSCOBIT5-IntroductionS
COBIT5-IntroductionS
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
COBIT
COBITCOBIT
COBIT
 

Recently uploaded

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Recently uploaded (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

Cobit5 owerwiev and implementation proposal

  • 2. 2 1. COBIT 5 A. THE FRAMEWORK (A BIT OF HISTORY) B. PRINCIPLES C. ENABLING PROCESSES D. COVERAGE E. IMPLEMENTATION APPROACH 2. WAY-AHEAD OUTLINE
  • 3.
  • 4. Governance of Enterprise IT COBIT 5 IT Governance COBIT4.0/4.1 Management COBIT3 Control COBIT2 An business framework from ISACA, at www.isaca.org/cobit Audit COBIT1 COBIT 5: Now One Complete Business Framework for 2005/720001998 Evolutionofscope 1996 2012 Val IT 2.0 (2008) Risk IT (2009) 4 © 2012 ISACA® All rights reserved.
  • 5. 5 COBIT 5 Product Family and framework Source: COBIT® 5, figure 11. © 2012 ISACA® All rights reserved.
  • 6.
  • 7. The Five COBIT 5 Principles 7 ISO 38500 principles: 1. RESPONSABILITY 2. STRATEGY 3. ACQUISITION 4. PERFORMANCE 5. CONFORMANCE 6. HUMAN BEHAVIOUR
  • 8. 1. Meeting Stakeholder Needs Principle 1. Meeting Stakeholder Needs  Enterprises exist to create value for their stakeholders. 8 Source: COBIT® 5, figure 3. © 2012 ISACA® All rights reserved.
  • 9. 1. Meeting Stakeholder Needs (cont.) Principle 1. Meeting Stakeholder Needs:  Stakeholder needs have to be transformed into an enterprise’s actionable strategy.  The COBIT 5 goals cascade translates stakeholder needs into specific, actionable and customised goals within the context of the enterprise, IT-related goals and enabler goals. 9 Source: COBIT® 5, figure 4. © 2012 ISACA® All rights reserved. Cascades to Cascades to Cascades to Enterprise Goals IT-related Goals Enabler Goals
  • 10. 2. Covering the Enterprise End-to-end Key components of a governance system 10
  • 11. . 11 3. Applying a Single Integrated Framework
  • 12. 4. Enabling a Holistic Approach (cont.) Principle 4. Enabling a Holistic Approach 12Source: COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.
  • 13. 4. Enabling a Holistic Approach (cont). COBIT 5 Enabler Dimensions: 13 Source: COBIT® 5, figure 13. © 2012 ISACA® All rights reserved.
  • 14. 5. Separating Governance From Management (cont.) Principle 5. Separating Governance From Management: COBIT 5 is not prescriptive, but it advocates that organisations implement governance and management processes such that the key areas are covered, as shown. 14 Source: COBIT® 5, figure 15. © 2012 ISACA® All rights reserved.
  • 15.
  • 16. COBIT 5: Enabling Processes 16 Source: COBIT® 5, figure 29. © 2012 ISACA® All rights reserved.
  • 17. COBIT 5: Enabling Processes (cont.) 17
  • 18.
  • 19. COBIT 5: COVERAGE 19 Evaluate, Direct and Monitor Align, Plan and Organise Build Acquire and Implement Delivery Service and Support Monitor, Evaluate and Asses ISO/IEC 38500 ISO/IEC 31000 TOGAF PRINCE2/PMBOK CMMI ITIL V3 2011 AND ISO/IEC 20000 ISO/IEC 27000
  • 20.
  • 21. COBIT 5 Implementation 21 • Programme management (outer ring) • Change enablement (middle ring) • Continual improvement Life Cycle (inner ring) PROFESSIONAL GUIDE FOR A LIFE CYCLE PROGRAMME
  • 22. 1ST STEP: CREATING THE APPROPRIATE ENVIRONMENT 22 ROLES BOARD & EXECUTIVES Set direction for the programme, ensure alignment with enterprisewide governance and risk management, approve key programme roles and define responsibilities, and give visible support and commitment. Sponsor, communicate and promote the agreed-on initiative. Business management Provide appropriate stakeholders and champions to drive commitment and to support the programme. Nominate key programme roles and define and assign responsibilities. IT management Ensure that the business and executives understand and appreciate the high- level IT-related issues and objectives. Nominate key programme roles and define and assign responsibilities. Nominate a person to drive the programme in agreement with the business Internal audit Agree on the role and reporting arrangements for audit participation. Ensure that an adequate level of audit participation is provided through the duration of the programme Risk, compliance and legal Ensure an adequate level of participation through the duration of the programme.
  • 23. 1ST STEP: CREATING THE APPROPRIATE ENVIRONMENT 23 Board ITExecutiveCom m ittee CIO BusinessExecutive ITM anagersITProcessOw ners ITAudit Riskand Com pliance Program m eSteering SET DIRECTION FOR THE PROGRAMME. A R R C C I C C C PROVIDE PROGRAMME MANAGEMENT RESOURCES. C A R R C C R R I ESTABLISH AND MAINTAIN DIRECTION AND OVERSIGHT STRUCTURES AND PROCESSES. C A C I I I I I R ESTABLISH AND MAINTAIN PROGRAMME. I A R C C I I I R ALIGN APPROACHES WITH ENTERPRISE APPROACHES. I A R C C I C C R
  • 24.
  • 25. COBIT5 IMPLEMENTATION STEP-AHEAD 25 SPIRAL APPROACH TO ENLARGE • SCOPE • COVERAGE • TOOLS ADOPTIONS
  • 26. COBIT5 IMPLEMENTATION STEP-AHEAD 26 SCOPE Continual Improvement Life Cycle Program Plan CIO endorse Change Enablement
  • 27. COBIT5 IMPLEMENTATION STEP-AHEAD 27 COVERAGE Teams (matrix procedures) Groups Main Boards Teams (single procedures)
  • 28. COBIT5 IMPLEMENTATION STEP-AHEAD 28 TOOLS Enterprise Projects Test-bed or Proof-of-concept Pilot Project PMO aggregation

Editor's Notes

  1. COBIT 5:The main, overarching COBIT 5 productContains the executive summary and the full description of all of the COBIT 5 framework components:The five COBIT 5 principlesThe seven COBIT 5 enablers plusAn introduction to the implementation guidance provided by ISACA (COBIT 5 Implementation)An introduction to the COBIT Assessment Programme (not specific to COBIT 5) and the process capability approach being adopted by ISACA for COBIT Future supporting products:Professional Guides:COBIT 5 for Information SecurityCOBIT 5 for AssuranceCOBIT 5 for RiskEnabler Guides:COBIT 5: Enabling InformationCOBIT Online ReplacementCOBIT Assessment Programme:Process Assessment Model (PAM): Using COBIT 5Assessor Guide: Using COBIT 5Self-assessment Guide: Using COBIT 5
  2. ISO 38500 principles mapping
  3. Principle 1. Meeting Stakeholder Needs:Enterprises have many stakeholders, and ‘creating value’ means different—and sometimes conflicting—things to each of them.Governance is about negotiating and deciding amongst different stakeholders’ value interests.The governance system should consider all stakeholders when making benefit, resource and risk assessment decisions.For each decision, the following can and should be asked: Who receives the benefits? Who bears the risk? What resources are required
  4. Principle 1. Meeting Stakeholder Needs:Stakeholder needs have to be transformed into an enterprise’s actionable strategy.The COBIT 5 goals cascade translates stakeholder needs into specific, actionable and customised goals within the context of the enterprise, IT-related goals and enabler goals.Benefits of the COBIT 5 goals cascade:It allows the definition of priorities for implementation, improvement and assurance of enterprise governance of IT based on (strategic) objectives of the enterprise and the related risk. In practice, the goals cascade:Defines relevant and tangible goals and objectives at various levels of responsibility.Filters the knowledge base of COBIT 5, based on enterprise goals to extract relevant guidance for inclusion in specific implementation, improvement or assurance projects.Clearly identifies and communicates how (sometimes very operational) enablers are important to achieve enterprise goals.
  5. Principle 2. Covering the Enterprise End-to-end:COBIT 5 addresses the governance and management of information and related technology from an enterprise wide, end-to-end perspective.This means that COBIT 5: Integrates governance of enterprise IT into enterprise governance, i.e., the governance system for enterprise IT proposed by COBIT 5 integrates seamlessly in any governance system because COBIT 5 aligns with the latest views on governance.Covers all functions and processes within the enterprise; COBIT 5 does not focus only on the ‘IT function’, but treats information and related technologies as assets that need to be dealt with just like any other asset by everyone in the enterprise
  6. Principle 3. Applying a Single Integrated Framework:COBIT 5 aligns with the latest relevant other standards and frameworks used by enterprises: Enterprise: COSO, COSO ERM, ISO/IEC 9000, ISO/IEC 31000IT-related: ISO/IEC 38500, ITIL, ISO/IEC 27000 series, TOGAF, PMBOK/PRINCE2, CMMIEtc.This allows the enterprise to use COBIT 5 as the overarching governance and management framework integrator.ISACA plans a capability to facilitate COBIT user mapping of practices and activities to third-party references
  7. Principle 4. Enabling a Holistic ApproachCOBIT 5 enablers are:Factors that, individually and collectively, influence whether something will work—in the case of COBIT, governance and management over enterprise IT Driven by the goals cascade, i.e., higher-level IT-related goals define what the different enablers should achieveDescribed by the COBIT 5 framework in seven categoriesProcesses—Describe an organised set of practices and activities to achieve certain objectives and produce a set of outputs in support of achieving overall IT-related goalsOrganisational structures—Are the key decision-making entities in an organisationCulture, ethics and behaviour—Of individuals and of the organisation; very often underestimated as a success factor in governance and management activitiesPrinciples, policies and frameworks—Are the vehicles to translate the desired behaviour into practical guidance for day-to-day managementInformation—Is pervasive throughout any organisation, i.e., deals with all information produced and used by the enterprise. Information is required for keeping the organisation running and well governed, but at the operational level, information is very often the key product of the enterprise itself.Services, infrastructure and applications—Include the infrastructure, technology and applications that provide the enterprise with information technology processing and servicesPeople, skills and competencies—Are linked to people and are required for successful completion of all activities and for making correct decisions and taking corrective actionsSystemic governance and management through interconnected enablers—To achieve the main objectives of the enterprise, it must always consider an interconnected set of enablers, i.e., each enabler:Needs the input of other enablers to be fully effective, e.g., processes need information, organisational structures need skills and behaviourDelivers output to the benefit of other enablers, e.g., processes deliver information, skills and behaviour make processes efficientThis is a KEY principle emerging from the ISACA development work around the Business Model for Information Security (BMIS).
  8. All enablers have a set of common dimensions. This set of common dimensions:Provides a common, simple and structured way to deal with enablersAllows an entity to manage its complex interactions Facilitates successful outcomes of the enablers
  9. Principle 5. Separating Governance From Management:The COBIT 5 framework makes a clear distinction between governance and management. These two disciplines:Encompass different types of activitiesRequire different organisational structuresServe different purposesGovernance—In most enterprises, governance is the responsibility of the board of directors under the leadership of the chairperson.Management—In most enterprises, management is the responsibility of the executive management under the leadership of the CEO.Governance ensures that stakeholders needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritisation and decision making; and monitoring performance and compliance against agreed-on direction and objectives (EDM).Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives (PBRM).The COBIT 5 framework describes seven categories of enablers(Principle 4). Processes are one category.An enterprise can organise its processes as it sees fit, as long as all necessary governance and management objectives are covered. Smaller enterprises may have fewer processes; larger and more complex enterprises may have many processes, all to cover the same objectives.COBIT 5 includes a process reference model (PRM), which defines and describes in detail a number of governance and management processes. The details of this specific enabler model can be found in the COBIT 5: Enabling Processes volume.
  10. COBIT 5: Enabling Processes complements COBIT 5 and contains a detailed reference guide to the processes that are defined in the COBIT 5 process reference model:In Chapter 2, the COBIT 5 goals cascade is recapitulated and complemented with a set of example metrics for the enterprise goals and the IT-related goals.In Chapter 3, the COBIT 5 process model is explained and its components defined.Chapter 4 shows the diagram of this process reference model.Chapter 5 contains the detailed process information for all 37 COBIT 5 processes in the process reference model.
  11. COBIT 5: Enabling Processes:The COBIT 5 process reference model subdivides the IT-related practices and activities of the enterprise into two main areas—governance and management— with management further divided into domains of processes:The GOVERNANCE domain contains five governance processes; within each process, evaluate, direct and monitor (EDM) practices are defined.The four MANAGEMENT domainsare in line with the responsibility areas of plan, build, run and monitor (PBRM).
  12. The improvement of the governance of enterprise IT (GEIT) is widely recognised by top management as an essential part of enterprise governance.Information and the pervasiveness of information technology are increasingly part of every aspect of business and public life.The need to drive more value from IT investments and manage an increasing array of IT-related risk has never been greater.Increasing regulation and legislation over business use of information is also driving heightened awareness of the importance of a well-governed and managed IT environment.ISACA has developed the COBIT 5 framework to help enterprises implement sound governance enablers. Indeed, implementing good GEIT is almost impossible without engaging an effective governance framework. Best practices and standards are also available to underpin COBIT 5.Frameworks, best practices and standards are useful only if they are adopted and adapted effectively. There are challenges that need to be overcome and issues that need to be addressed if GEIT is to be implemented successfully.COBIT 5: Implementation provides guidance on how to do this.COBIT 5: Implementation covers the following subjects:Positioning GEITwithin an enterpriseTaking the first steps towards improvingGEIT Implementation challenges and success factorsEnablingGEIT-related organisational and behavioural change Implementing continual improvement that includes change enablement and programme managementUsing COBIT 5 and its components