More Related Content
Similar to Cobit5 laminate
Similar to Cobit5 laminate (20)
Cobit5 laminate
- 1. COBIT 5 Product Family
Source: COBIT 5, figure 11
COBIT®
5
COBIT 5 Online Collaborative Environment
COBIT 5 Enabler Guides
COBIT 5 Professional Guides
COBIT®
5 Implementation
COBIT®
5:
Enabling Information
COBIT®
5:
Enabling Processes
Other Enabler
Guides
COBIT®
5
for Assurance
COBIT® 5
for Information
Security
COBIT®
5
for Risk
Other Professional
Guides
COBIT 5 Principles
Source: COBIT 5, figure 2
1. Meeting
Stakeholder
Needs
5. Separating
Governance
From
Management
4. Enabling a
Holistic
Approach
3. Applying a
Single
Integrated
Framework
2. Covering the
Enterprise
End-to-end
COBIT 5
Principles
3701 Algonquin Road, Suite 1010 • Rolling Meadows, IL 60008 USA
Phone: +1.847.253.1545 • Fax: +1.847.253.1443 • Email: info@isaca.org
Web site: www.isaca.org
© 2 0 1 2 I S A C A . A l l r i g h t s r e s e r v e d . F o r u sa g e g u i d e l i n e s , s e e w w w . i s a c a . o r g / CO B I T u s e .
- 2. COBIT 5 Goals Cascade Overview
Source: COBIT 5, figure 4
Benefits
Realisation
Stakeholder Drivers
(Environment, Technology Evolution, …)
Enterprise Goals
IT-related Goals
Enabler Goals
Influence
Cascade to
Cascade to
Appendix B
Appendix C
Figure 5
Figure 6
Resource
Optimisation
Risk
Optimisation
Stakeholder Needs
Cascade to Appendix D
© 2 0 1 2 I S A C A . A l l r i g h t s r e s e r v e d . F o r u sa g e g u i d e l i n e s , s e e w w w . i s a c a . o r g / CO B I T u s e .
- 3. Governance and Management in COBIT 5
Source: COBIT 5, figure 8
Key Roles, Activities and Relationships
Source: COBIT 5, figure 9
Roles, Activities and Relationships
Owners and
Stakeholders
Governing
Body
Management
Operations
and
Execution
Instruct and
Align
Report
Set Direction
Monitor
Delegate
Accountable
Benefits
Realisation
Governance
Enablers
Roles, Activities and Relationships
Governance
Scope
Resource
Optimisation
Risk
Optimisation
Governance Objective: Value Creation
COBIT 5 Governance and Management Key Areas
Source: COBIT 5, figure 15
Governance
Management
Evaluate
Direct Monitor
Plan
(APO)
Build
(BAI)
Run
(DSS)
Monitor
(MEA)
Management Feedback
Business Needs
© 2 0 1 2 I S A C A . A l l r i g h t s r e s e r v e d . F o r u sa g e g u i d e l i n e s , s e e w w w . i s a c a . o r g / CO B I T u s e .
- 4. The Seven Phases of the Implementation Life Cycle
Source: COBIT 5, figure 17 and COBIT 5 Implementation, figure 6
7H
ow
do we keep the momentum going?
6Didwegetthere?
5Howdoweget
there?
4 What needs to be done?
3
Wher
edowewanttobe?
2Wherearewenow?
1 What are the drivers?
• Programme management
(outer ring)
• Change enablement
(middle ring)
• Continual improvement life cycle
(inner ring)
Initiate programme
Defineproblemsand
opportunitiesDefin
eroadmap
Plan programme
Executep
lan
Realisebenefits
Review
effectiveness
Operat
e
Identify role
Com
m
unicate
team
to change
andus
e
players
o
utcome
Formimplementation
Establish desire
Embednew
Sustain
approaches
Implem
ent
improvements
s
tateAssess
RecogniseMonitor
Operate
improvem
ents Build
ta
rgetcurrent
need toand
and
De
finestate
act
evaluate
measure
Summary of the COBIT 5 Process Capability Model
Source: COBIT 5, figure 19
Generic Process Capability Attributes
COBIT 5 Process Assessment
Model–Capability Indicators
COBIT 5 Process Assessment
Model—Performance Indicators
Base Practices
(Management/
Governance
Practices)
Process Outcomes
Work
Products
(Inputs/
Outputs)
Generic Practices Generic Resources Generic Work Products
Incomplete
Process
Performed
Process
Managed
Process
Established
Process
Predictable
Process
Optimising
Process
Performance
Attribute (PA) 1.1
Process
Performance
PA 2.1
Performance
Management
PA 2.2
Work
Product
Management
PA 3.1
Process
Definition
PA 3.2
Process
Deployment
PA 4.1
Process
Management
PA 4.2
Process
Control
PA 5.1
Process
Innovation
PA 5.2
Process
Optimisation
0 1 2 3 4 5
© 2 0 1 2 I S A C A . A l l r i g h t s r e s e r v e d . F o r u sa g e g u i d e l i n e s , s e e w w w . i s a c a . o r g / CO B I T u s e .
- 5. COBIT 5 Enterprise Enablers
Source: COBIT 5, figure 12
2. Processes
3. Organisational
Structures
1. Principles, Policies and Frameworks
6. Services,
Infrastructure
and Applications
7. People,
Skills and
Competencies
Resources
5. Information
4. Culture, Ethics
and Behaviour
COBIT 5 Enablers: Generic
Source: COBIT 5, figure 13
EnablerDimension
Stakeholders Goals Life Cycle Good Practices
• Internal
Stakeholders
• External
Stakeholders
• Practices
• Work Products
(Inputs/Outputs)
• Intrinsic Quality
• Contextual Quality
(Relevance,
Effectiveness)
• Accessibility and
Security
• Plan
• Design
• Build/Acquire/
Create/Implement
• Use/Operate
• Evaluate/Monitor
• Update/Dispose
EnablerPerformance
Management
Are Stakeholders
Needs Addressed?
Are Enabler
Goals Achieved?
Metrics for Achievement of Goals
(Lag Indicators)
Metrics for Application of Practice
(Lead Indicators)
Is Life Cycle
Managed?
Are Good Practices
Applied?
© 2 0 1 2 I S A C A . A l l r i g h t s r e s e r v e d . F o r u sa g e g u i d e l i n e s , s e e w w w . i s a c a . o r g / CO B I T u s e .
- 6. ProcessesforManagementofEnterpriseIT
Evaluate,DirectandMonitor
ProcessesforGovernanceofEnterpriseIT
Align,PlanandOrganiseMonitor,Evaluate
andAssess
Build,AcquireandImplement
Deliver,ServiceandSupport
EDM01Ensure
Governance
FrameworkSetting
andMaintenance
APO01Manage
theITManagement
Framework
APO08Manage
Relationships
APO02Manage
Strategy
APO09Manage
Service
Agreements
APO03Manage
Enterprise
Architecture
APO10Manage
Suppliers
APO04Manage
Innovation
APO11Manage
Quality
APO05Manage
Portfolio
APO12Manage
Risk
APO06Manage
BudgetandCosts
APO07Manage
HumanResources
MEA01Monitor,
EvaluateandAssess
Performanceand
Conformance
MEA02Monitor,
EvaluateandAssess
theSystemofInternal
Control
MEA03Monitor,
EvaluateandAssess
ComplianceWith
ExternalRequirements
APO13Manage
Security
DSS01Manage
Operations
DSS02Manage
ServiceRequests
andIncidents
DSS03Manage
Problems
DSS04Manage
Continuity
DSS05Manage
Security
Services
DSS06Manage
Business
ProcessControls
BAI01Manage
Programmesand
Projects
BAI08Manage
Knowledge
BAI02Manage
Requirements
Definition
BAI09Manage
Assets
BAI03Manage
Solutions
Identification
andBuild
BAI010Manage
Configuration
BAI04Manage
Availability
andCapacity
BAI05Manage
Organisational
Change
Enablement
BAI06Manage
Changes
BAI07Manage
Change
Acceptanceand
Transitioning
EDM02Ensure
BenefitsDelivery
EDM03Ensure
RiskOptimisation
EDM04Ensure
Resource
Optimisation
EDM05Ensure
Stakeholder
Transparency
COBIT5ProcessReferenceModel
Source:COBIT5,figure16
© 2 0 1 2 I S A C A . A l l r i g h t s r e s e r v e d . F o r u sa g e g u i d e l i n e s , s e e w w w . i s a c a . o r g / CO B I T u s e .