SlideShare a Scribd company logo

COBIT 2019 Executive Summary_v1.1 .pdf

D
DiegoIvanAlvaradoVel

Guía COBIT

Leadership & Management
1 of 19
Download to read offline
© 2018 ISACA. All rights reserved. INTRODUCING Executive Summary November 2018
© 2018 ISACA. All rights reserved. COBIT® 2019 The globally recognized COBIT Framework, which helps ensure effective enterprise governance of information and technology, has been updated with new information and guidance, facilitating easier, tailored implementation— strengthening COBIT’s continuing role as an important driver of innovation and business transformation. This document sets the scene for the upcoming release of COBIT® 2019 guidance.
© 2018 ISACA. All rights reserved. Remembering John Lainhart • In dedication to John Lainhart, who was there from COBIT day -1 in 1995 until his passing in September 2018. • John was the relentless support behind many COBIT related projects, including COBIT 2019 . • ISACA is extremely grateful for John and his vision, and COBIT 2019 (and its progeny) are his legacy. Picture provided courtesy of Dirk Steuperaert
© 2018 ISACA. All rights reserved. COBIT 2019 DRIVERS AND BENEFITS
© 2018 ISACA. All rights reserved. COBIT 2019 UPDATE DRIVERS COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT 5 limitations
© 2018 ISACA. All rights reserved. COBIT 2019 OPTIMIZING I&T GOVERNANCE Enterprise Governance of I&T Business/IT Alignment Value Creation IT - used to refer to the organizational department with main responsibility for technology – versus I&T – all the information the enterprise generates, processes and uses to achieve its goals, as well as the technology to support that throughout the enterprise. COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
© 2018 ISACA. All rights reserved. COBIT 2019 STAYING RELEVANT IN A CHANGED ENVIRONMENT • COBIT 5 was published in 2012, making it almost 7 years old • New technology and business trends in the use of IT (e.g. digitization) have not been incorporated into COBIT, requiring re-alignment • The need for the integration of new insights from practitioners, science and academia in the domain of I&T governance creation • Other standards have evolved, resulting in a different standards/frameworks landscape, requiring a re-alignment • More fluid and frequent updates of COBIT required COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
© 2018 ISACA. All rights reserved. COBIT 2019 STAYING RELEVANT IN A CHANGED ENVIRONMENT COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections • US National Institute of Standards and Technology (NIST) standards: –NIST Cybersecurity Framework v1.1 –NIST SP 800 53 Rev 5 –NIST SP 800 37 Rev 2 (Risk Management Framework) • ISO/IEC 20000 • ISO/IEC 27000 family: –ISO/IEC 27001 –ISO/IEC 27002 –ISO/IEC 27004 –ISO/IEC 27005 • ISO/IEC 31000:2018 • ISO/IEC 38500 • ISO/IEC 38502 • A Guide to the Project Management Book of Knowledge: PMBOK® Guide, Sixth Edition, 2017 • The TOGAF® Standard, The Open Group • The Open Group IT4IT™ Reference Architecture, version 2.0 • CIS ® Critical Security Controls, Center for Internet Security • King IV Report on Corporate Governance™, 2016 • Scaled Agile Framework (SAFe®) • Cloud standards and good practices: • Amazon Web Services (AWS®) • Security Considerations for Cloud Computing, ISACA • Controls and Assurance in the Cloud: Using COBIT ® 5, ISACA • Enterprise Risk Management (ERM)— Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), June 2017 • The TBM Taxonomy, The TBM Council • “Options for Transforming the IT Function Using Bimodal IT,” MIS Quarterly Executive (white paper) • ITIL V3 • HITRUST ® Common Security Framework, version 9, September 2017 • Change Management Methodology, Prosci • Skills Framework for the Information Age (SFIA® ) V6 • The Standard of Good Practice for Information Security, Information Security Forum (ISF), 2016 • CMMI V2.0 • The CMMI Cybermaturity Platform, 2018 • The Data Management Maturity Model, CMMI Institute, 2014 The COBIT 2019 development team looked at following standards/frameworks to align COBIT 2019 with:
© 2018 ISACA. All rights reserved. STRENGTHS • COBIT is a unique overarching IT Governance framework • COBIT process guidance has matured and has reached its best quality level yet • COBIT’s business perspective on IT brings a unique opportunity to further expand its impact OPPORTUNITIES • The current (target) audience for COBIT is still very much IT- and Assurance oriented • There is an opportunity to re-discover or re-launch some of COBIT hidden gems • More prescriptive implementation guidance such as incorporating specific design factors COBIT 2019 BUILDING ON COBIT STRENGTHS AND IDENTIFYING OPPORTUNITIES COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Buildng on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
© 2018 ISACA. All rights reserved. • COBIT users find it hard to locate relevant contents for their needs • Perceived as complex and challenging to apply in practice • The enabler model is incomplete in terms of development and guidance, and thus often ignored • A challenging process capability model and general lack of support of performance management for other enablers • The perceived reputation of IT Governance itself as an inhibitor of change and (administrative) overhead – not per se a COBIT weakness but an IT Governance problem at large COBIT 2019 ADDRESSING COBIT 5 LIMITATIONS COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 limitations
© 2018 ISACA. All rights reserved. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION & TECHNOLOGY (EGIT) AND THE NATURE OF COBIT
© 2018 ISACA. All rights reserved. In the light of digital transformation, information and technology (I&T) have become crucial in the support, sustainability and growth of enterprises. • Previously, governing boards and senior management could delegate, ignore or avoid I&T-related decisions • In most sectors and industries, such attitudes are now ill advised • Digitized enterprises are increasingly dependent on I&T for survival and growth • Stakeholder value creation is often driven by a high degree of digitization in new business models, efficient processes, successful innovation, etc. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
© 2018 ISACA. All rights reserved. Given the centrality of I&T for enterprise risk management and value generation, a specific focus on enterprise governance of information and technology (EGIT) has arisen over the last two decades. EGIT is an integral part of corporate governance • Exercised by the board that oversees the definition and implementation of processes, structures and relational mechanisms • Enables both business and IT people to execute their responsibilities in support of business/IT alignment • Enables creation of business value from I&T-enabled business investments INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
© 2018 ISACA. All rights reserved. Fundamentally, EGIT is concerned with value delivery from digital transformation and the mitigation of business risk that results from digital transformation. More specifically, three main outcomes can be expected after successful adoption of EGIT. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT) Benefits Realization Risk Optimization Resource Optimization
© 2018 ISACA. All rights reserved. COBIT is a framework for the governance and management of enterprise information and technology, aimed at the whole enterprise. • Enterprise I&T means all the technology and information processing the enterprise puts in place to achieve its goals, regardless of where this happens in the enterprise • Enterprise I&T is not limited to the IT department of an organization, but certainly includes it INTRODUCTION COBIT AS AN INFORMATION & TECHNOLOGY (I&T) FRAMEWORK
© 2018 ISACA. All rights reserved. Governance (Board Level) Management (Executive Level) INTRODUCTION GOVERNANCE AND MANAGEMENT DEFINED • Plans, builds, runs and monitors activities, in alignment with the direction set by the governance body, to achieve the enterprise objectives • Ensure stakeholder needs, conditions and options are evaluated to determine enterprise objectives • Ensure direction is set through prioritization and decision making • Ensure performance and compliance are monitored against objectives
© 2018 ISACA. All rights reserved. INTRODUCTION WHAT IS COBIT AND WHAT IT IS NOT: SETTING THE RIGHT EXPECTATIONS COBIT IS • A framework for the governance and management of enterprise I&T • COBIT defines the components to build and sustain a governance system • COBIT defines the design factors that should be considered by the enterprise to build a best fit governance system • COBIT is flexible and allows guidance on new topics to be added COBIT IS NOT • A full description of the whole IT environment of an enterprise • A framework to organize business processes • An (IT-) technical framework to manage all technology • COBIT does not make or prescribe any IT-related decisions
© 2018 ISACA. All rights reserved. APPENDIX
© 2018 ISACA. All rights reserved. ABOUT ISACA Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in 188 countries, including 217 chapters worldwide and offices in both the United States and China.

Recommended

Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study materialAnees Shaikh
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfMartinPatrici
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
Soc 2 attestation or ISO 27001 certification - Which is better for organization
Soc 2 attestation or ISO 27001 certification - Which is better for organizationSoc 2 attestation or ISO 27001 certification - Which is better for organization
Soc 2 attestation or ISO 27001 certification - Which is better for organizationVISTA InfoSec
 
IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1Richard Willis
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementChristian F. Nissen
 

Recommended

Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study materialAnees Shaikh
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfMartinPatrici
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
Soc 2 attestation or ISO 27001 certification - Which is better for organization
Soc 2 attestation or ISO 27001 certification - Which is better for organizationSoc 2 attestation or ISO 27001 certification - Which is better for organization
Soc 2 attestation or ISO 27001 certification - Which is better for organizationVISTA InfoSec
 
IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1Richard Willis
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementChristian F. Nissen
 
IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubKaushal Trivedi
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.pptEmmacuet
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
Itil,cobit and ıso27001
Itil,cobit and ıso27001Itil,cobit and ıso27001
Itil,cobit and ıso27001Burcu Pelin TELLİ
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsSergey Soldatov
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
Use COBIT for IT SAVINGS
Use COBIT for IT SAVINGSUse COBIT for IT SAVINGS
Use COBIT for IT SAVINGSSanjiv Arora
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentEryk Budi Pratama
 
Cybersecurity Maturity Model Certification
Cybersecurity Maturity Model CertificationCybersecurity Maturity Model Certification
Cybersecurity Maturity Model CertificationMurray Security Services
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementChristian F. Nissen
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveSayyed Zakir Ali Rizwe
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introductionaqel aqel
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Yokogawa1
 
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Maganathin Veeraragaloo
 
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...Компания УЦСБ
 
ISO 27001:2022 What has changed.pdf
ISO 27001:2022 What has changed.pdfISO 27001:2022 What has changed.pdf
ISO 27001:2022 What has changed.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama
 
ISO 27005:2022 Overview 221028.pdf
ISO 27005:2022 Overview 221028.pdfISO 27005:2022 Overview 221028.pdf
ISO 27005:2022 Overview 221028.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Évolution des bonnes pratiques en sécurité de l’information
Évolution des bonnes pratiques en sécurité de l’information Évolution des bonnes pratiques en sécurité de l’information
Évolution des bonnes pratiques en sécurité de l’information ISACA Chapitre de Québec
 
COBIT5 Introduction
COBIT5 IntroductionCOBIT5 Introduction
COBIT5 IntroductionMohammad Reda Katby
 
COBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptxCOBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptxtonydwisusanto2
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochureDeloitte
 

More Related Content

What's hot

IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubKaushal Trivedi
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.pptEmmacuet
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsSergey Soldatov
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
Use COBIT for IT SAVINGS
Use COBIT for IT SAVINGSUse COBIT for IT SAVINGS
Use COBIT for IT SAVINGSSanjiv Arora
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentEryk Budi Pratama
 
Cybersecurity Maturity Model Certification
Cybersecurity Maturity Model CertificationCybersecurity Maturity Model Certification
Cybersecurity Maturity Model CertificationMurray Security Services
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementChristian F. Nissen
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introductionaqel aqel
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Yokogawa1
 
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Maganathin Veeraragaloo
 
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...Компания УЦСБ
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama
 
Évolution des bonnes pratiques en sécurité de l’information
Évolution des bonnes pratiques en sécurité de l’information Évolution des bonnes pratiques en sécurité de l’information
Évolution des bonnes pratiques en sécurité de l’information ISACA Chapitre de Québec
 

What's hot (20)

IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit Club
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdf
 
Itil,cobit and ıso27001
Itil,cobit and ıso27001Itil,cobit and ıso27001
Itil,cobit and ıso27001
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operations
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
 
Use COBIT for IT SAVINGS
Use COBIT for IT SAVINGSUse COBIT for IT SAVINGS
Use COBIT for IT SAVINGS
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
 
Cybersecurity Maturity Model Certification
Cybersecurity Maturity Model CertificationCybersecurity Maturity Model Certification
Cybersecurity Maturity Model Certification
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introduction
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443
 
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)
 
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...
ИБ АСУ ТП NON-STOP. Серия 4. Практика проведения аудитов информационной безоп...
 
ISO 27001:2022 What has changed.pdf
ISO 27001:2022 What has changed.pdfISO 27001:2022 What has changed.pdf
ISO 27001:2022 What has changed.pdf
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5
 
ISO 27005:2022 Overview 221028.pdf
ISO 27005:2022 Overview 221028.pdfISO 27005:2022 Overview 221028.pdf
ISO 27005:2022 Overview 221028.pdf
 
Évolution des bonnes pratiques en sécurité de l’information
Évolution des bonnes pratiques en sécurité de l’information Évolution des bonnes pratiques en sécurité de l’information
Évolution des bonnes pratiques en sécurité de l’information
 
COBIT5 Introduction
COBIT5 IntroductionCOBIT5 Introduction
COBIT5 Introduction
 

Similar to COBIT 2019 Executive Summary_v1.1 .pdf

COBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptxCOBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptxtonydwisusanto2
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochureDeloitte
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Slime Argentina
 
Frameworks to drive value from your investment in Information Technology
Frameworks to drive value from your investment in Information TechnologyFrameworks to drive value from your investment in Information Technology
Frameworks to drive value from your investment in Information TechnologyJohn Halliday
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance FrameworkSherri Booher
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiIvo Oktavianti
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing worldPECB
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introductionsuhaskokate
 

Similar to COBIT 2019 Executive Summary_v1.1 .pdf (20)

COBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptxCOBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptx
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochure
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1
 
COBIT 5 FAQ
COBIT 5 FAQCOBIT 5 FAQ
COBIT 5 FAQ
 
Frameworks to drive value from your investment in Information Technology
Frameworks to drive value from your investment in Information TechnologyFrameworks to drive value from your investment in Information Technology
Frameworks to drive value from your investment in Information Technology
 
Cobit overview
Cobit overviewCobit overview
Cobit overview
 
Cobit 4.1 indri
Cobit 4.1 indriCobit 4.1 indri
Cobit 4.1 indri
 
COBIT Intor.pptx
COBIT Intor.pptxCOBIT Intor.pptx
COBIT Intor.pptx
 
Darmin ritonga 11353205418
Darmin ritonga 11353205418Darmin ritonga 11353205418
Darmin ritonga 11353205418
 
cobit 2019 -current-user - ISACA Publication
cobit 2019 -current-user - ISACA Publicationcobit 2019 -current-user - ISACA Publication
cobit 2019 -current-user - ISACA Publication
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
 
Lailatul izzati
Lailatul izzatiLailatul izzati
Lailatul izzati
 
CobiT Foundation Free Training
CobiT Foundation Free TrainingCobiT Foundation Free Training
CobiT Foundation Free Training
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 

Recently uploaded

Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampPLCLeadershipDevelop
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girladitipandeya
 
Board Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch PresentationBoard Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch Presentationcraig524401
 
Introduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-EngineeringIntroduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-Engineeringthomas851723
 
Risk management in surgery (bailey and love).pptx
Risk management in surgery (bailey and love).pptxRisk management in surgery (bailey and love).pptx
Risk management in surgery (bailey and love).pptxSaujanya Jung Pandey
 
LPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business SectorLPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business Sectorthomas851723
 
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607dollysharma2066
 
CEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyCEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyHafizMuhammadAbdulla5
 
Training Methods and Training Objectives
Training Methods and Training ObjectivesTraining Methods and Training Objectives
Training Methods and Training Objectivesmintusiprd
 
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, MumbaiPooja Nehwal
 
Fifteenth Finance Commission Presentation
Fifteenth Finance Commission PresentationFifteenth Finance Commission Presentation
Fifteenth Finance Commission Presentationmintusiprd
 
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceanilsa9823
 
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With RoomVIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Roomdivyansh0kumar0
 
LPC User Requirements for Automated Storage System Presentation
LPC User Requirements for Automated Storage System PresentationLPC User Requirements for Automated Storage System Presentation
LPC User Requirements for Automated Storage System Presentationthomas851723
 
LPC Facility Design And Re-engineering Presentation
LPC Facility Design And Re-engineering PresentationLPC Facility Design And Re-engineering Presentation
LPC Facility Design And Re-engineering Presentationthomas851723
 
LPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations ReviewLPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations Reviewthomas851723
 
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Pooja Nehwal
 

Recently uploaded (20)

Day 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC BootcampDay 0- Bootcamp Roadmap for PLC Bootcamp
Day 0- Bootcamp Roadmap for PLC Bootcamp
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls Ameerpet high-profile Call Girl
 
Board Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch PresentationBoard Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch Presentation
 
Introduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-EngineeringIntroduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-Engineering
 
Risk management in surgery (bailey and love).pptx
Risk management in surgery (bailey and love).pptxRisk management in surgery (bailey and love).pptx
Risk management in surgery (bailey and love).pptx
 
LPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business SectorLPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business Sector
 
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
GENUINE Babe,Call Girls IN Badarpur Delhi | +91-8377087607
 
CEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biographyCEO of Google, Sunder Pichai's biography
CEO of Google, Sunder Pichai's biography
 
Becoming an Inclusive Leader - Bernadette Thompson
Becoming an Inclusive Leader - Bernadette ThompsonBecoming an Inclusive Leader - Bernadette Thompson
Becoming an Inclusive Leader - Bernadette Thompson
 
Training Methods and Training Objectives
Training Methods and Training ObjectivesTraining Methods and Training Objectives
Training Methods and Training Objectives
 
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
{ 9892124323 }} Call Girls & Escorts in Hotel JW Marriott juhu, Mumbai
 
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICECall Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
 
Fifteenth Finance Commission Presentation
Fifteenth Finance Commission PresentationFifteenth Finance Commission Presentation
Fifteenth Finance Commission Presentation
 
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Charbagh Lucknow best sexual service
 
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With RoomVIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
 
LPC User Requirements for Automated Storage System Presentation
LPC User Requirements for Automated Storage System PresentationLPC User Requirements for Automated Storage System Presentation
LPC User Requirements for Automated Storage System Presentation
 
LPC Facility Design And Re-engineering Presentation
LPC Facility Design And Re-engineering PresentationLPC Facility Design And Re-engineering Presentation
LPC Facility Design And Re-engineering Presentation
 
LPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations ReviewLPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations Review
 
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Servicesauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
 
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
Call now : 9892124323 Nalasopara Beautiful Call Girls Vasai virar Best Call G...
 

COBIT 2019 Executive Summary_v1.1 .pdf

  • 1. © 2018 ISACA. All rights reserved. INTRODUCING Executive Summary November 2018
  • 2. © 2018 ISACA. All rights reserved. COBIT® 2019 The globally recognized COBIT Framework, which helps ensure effective enterprise governance of information and technology, has been updated with new information and guidance, facilitating easier, tailored implementation— strengthening COBIT’s continuing role as an important driver of innovation and business transformation. This document sets the scene for the upcoming release of COBIT® 2019 guidance.
  • 3. © 2018 ISACA. All rights reserved. Remembering John Lainhart • In dedication to John Lainhart, who was there from COBIT day -1 in 1995 until his passing in September 2018. • John was the relentless support behind many COBIT related projects, including COBIT 2019 . • ISACA is extremely grateful for John and his vision, and COBIT 2019 (and its progeny) are his legacy. Picture provided courtesy of Dirk Steuperaert
  • 4. © 2018 ISACA. All rights reserved. COBIT 2019 DRIVERS AND BENEFITS
  • 5. © 2018 ISACA. All rights reserved. COBIT 2019 UPDATE DRIVERS COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT 5 limitations
  • 6. © 2018 ISACA. All rights reserved. COBIT 2019 OPTIMIZING I&T GOVERNANCE Enterprise Governance of I&T Business/IT Alignment Value Creation IT - used to refer to the organizational department with main responsibility for technology – versus I&T – all the information the enterprise generates, processes and uses to achieve its goals, as well as the technology to support that throughout the enterprise. COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
  • 7. © 2018 ISACA. All rights reserved. COBIT 2019 STAYING RELEVANT IN A CHANGED ENVIRONMENT • COBIT 5 was published in 2012, making it almost 7 years old • New technology and business trends in the use of IT (e.g. digitization) have not been incorporated into COBIT, requiring re-alignment • The need for the integration of new insights from practitioners, science and academia in the domain of I&T governance creation • Other standards have evolved, resulting in a different standards/frameworks landscape, requiring a re-alignment • More fluid and frequent updates of COBIT required COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
  • 8. © 2018 ISACA. All rights reserved. COBIT 2019 STAYING RELEVANT IN A CHANGED ENVIRONMENT COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections • US National Institute of Standards and Technology (NIST) standards: –NIST Cybersecurity Framework v1.1 –NIST SP 800 53 Rev 5 –NIST SP 800 37 Rev 2 (Risk Management Framework) • ISO/IEC 20000 • ISO/IEC 27000 family: –ISO/IEC 27001 –ISO/IEC 27002 –ISO/IEC 27004 –ISO/IEC 27005 • ISO/IEC 31000:2018 • ISO/IEC 38500 • ISO/IEC 38502 • A Guide to the Project Management Book of Knowledge: PMBOK® Guide, Sixth Edition, 2017 • The TOGAF® Standard, The Open Group • The Open Group IT4IT™ Reference Architecture, version 2.0 • CIS ® Critical Security Controls, Center for Internet Security • King IV Report on Corporate Governance™, 2016 • Scaled Agile Framework (SAFe®) • Cloud standards and good practices: • Amazon Web Services (AWS®) • Security Considerations for Cloud Computing, ISACA • Controls and Assurance in the Cloud: Using COBIT ® 5, ISACA • Enterprise Risk Management (ERM)— Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), June 2017 • The TBM Taxonomy, The TBM Council • “Options for Transforming the IT Function Using Bimodal IT,” MIS Quarterly Executive (white paper) • ITIL V3 • HITRUST ® Common Security Framework, version 9, September 2017 • Change Management Methodology, Prosci • Skills Framework for the Information Age (SFIA® ) V6 • The Standard of Good Practice for Information Security, Information Security Forum (ISF), 2016 • CMMI V2.0 • The CMMI Cybermaturity Platform, 2018 • The Data Management Maturity Model, CMMI Institute, 2014 The COBIT 2019 development team looked at following standards/frameworks to align COBIT 2019 with:
  • 9. © 2018 ISACA. All rights reserved. STRENGTHS • COBIT is a unique overarching IT Governance framework • COBIT process guidance has matured and has reached its best quality level yet • COBIT’s business perspective on IT brings a unique opportunity to further expand its impact OPPORTUNITIES • The current (target) audience for COBIT is still very much IT- and Assurance oriented • There is an opportunity to re-discover or re-launch some of COBIT hidden gems • More prescriptive implementation guidance such as incorporating specific design factors COBIT 2019 BUILDING ON COBIT STRENGTHS AND IDENTIFYING OPPORTUNITIES COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Buildng on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
  • 10. © 2018 ISACA. All rights reserved. • COBIT users find it hard to locate relevant contents for their needs • Perceived as complex and challenging to apply in practice • The enabler model is incomplete in terms of development and guidance, and thus often ignored • A challenging process capability model and general lack of support of performance management for other enablers • The perceived reputation of IT Governance itself as an inhibitor of change and (administrative) overhead – not per se a COBIT weakness but an IT Governance problem at large COBIT 2019 ADDRESSING COBIT 5 LIMITATIONS COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 limitations
  • 11. © 2018 ISACA. All rights reserved. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION & TECHNOLOGY (EGIT) AND THE NATURE OF COBIT
  • 12. © 2018 ISACA. All rights reserved. In the light of digital transformation, information and technology (I&T) have become crucial in the support, sustainability and growth of enterprises. • Previously, governing boards and senior management could delegate, ignore or avoid I&T-related decisions • In most sectors and industries, such attitudes are now ill advised • Digitized enterprises are increasingly dependent on I&T for survival and growth • Stakeholder value creation is often driven by a high degree of digitization in new business models, efficient processes, successful innovation, etc. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
  • 13. © 2018 ISACA. All rights reserved. Given the centrality of I&T for enterprise risk management and value generation, a specific focus on enterprise governance of information and technology (EGIT) has arisen over the last two decades. EGIT is an integral part of corporate governance • Exercised by the board that oversees the definition and implementation of processes, structures and relational mechanisms • Enables both business and IT people to execute their responsibilities in support of business/IT alignment • Enables creation of business value from I&T-enabled business investments INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
  • 14. © 2018 ISACA. All rights reserved. Fundamentally, EGIT is concerned with value delivery from digital transformation and the mitigation of business risk that results from digital transformation. More specifically, three main outcomes can be expected after successful adoption of EGIT. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT) Benefits Realization Risk Optimization Resource Optimization
  • 15. © 2018 ISACA. All rights reserved. COBIT is a framework for the governance and management of enterprise information and technology, aimed at the whole enterprise. • Enterprise I&T means all the technology and information processing the enterprise puts in place to achieve its goals, regardless of where this happens in the enterprise • Enterprise I&T is not limited to the IT department of an organization, but certainly includes it INTRODUCTION COBIT AS AN INFORMATION & TECHNOLOGY (I&T) FRAMEWORK
  • 16. © 2018 ISACA. All rights reserved. Governance (Board Level) Management (Executive Level) INTRODUCTION GOVERNANCE AND MANAGEMENT DEFINED • Plans, builds, runs and monitors activities, in alignment with the direction set by the governance body, to achieve the enterprise objectives • Ensure stakeholder needs, conditions and options are evaluated to determine enterprise objectives • Ensure direction is set through prioritization and decision making • Ensure performance and compliance are monitored against objectives
  • 17. © 2018 ISACA. All rights reserved. INTRODUCTION WHAT IS COBIT AND WHAT IT IS NOT: SETTING THE RIGHT EXPECTATIONS COBIT IS • A framework for the governance and management of enterprise I&T • COBIT defines the components to build and sustain a governance system • COBIT defines the design factors that should be considered by the enterprise to build a best fit governance system • COBIT is flexible and allows guidance on new topics to be added COBIT IS NOT • A full description of the whole IT environment of an enterprise • A framework to organize business processes • An (IT-) technical framework to manage all technology • COBIT does not make or prescribe any IT-related decisions
  • 18. © 2018 ISACA. All rights reserved. APPENDIX
  • 19. © 2018 ISACA. All rights reserved. ABOUT ISACA Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in 188 countries, including 217 chapters worldwide and offices in both the United States and China.