SlideShare a Scribd company logo

IT Governance - COBIT 5 Capability Assessment

Eryk Budi Pratama
Eryk Budi Pratama

Capability assessment of IT Governance using COBIT 4 Process Assessment Model (PAM). Presented for Information System Department, Universitas Bakrie - Indonesia

Technology
1 of 24
IT Governance Maturity Assessment using COBIT 5 PAM Eryk Budi Pratama Senior Consultant - PwC Presented for Information System Faculty– Universitas Bakrie
Objectives IT Governance Governance of Enterprise IT Domain, Product Family, Coverage COBIT 5 Framework PAM using COBIT 5 Process Assessment Model (PAM) Self Assessment Guide using COBIT 5 Self Assessment Methodology for IT Governance Engagement Engagement Delivery Approach
IT Governance Governance of Enterprise IT
IT Governance Old Way COBIT 4.1 Val ITRisk IT
Corporate Governance of IT Based on ISO 38500 Source: http://www.qaiglobalservices.com/wp-content/uploads/2016/05/Fig-4.jpg
Governance of Enterprise IT COBIT 5 - Principles and Area Risk Management Focus Area
COBIT 5 Framework
COBIT 5 Domain  Evaluate, Direct, Monitor (EDM)  Align, Plan, Organize (APO)  Build, Acquire, Implement (BAI)  Deliver, Service Support (DSS) A Business Framework for the Governance and Management of Enterprise IT
COBIT 5 COBIT 5 Product Family
COBIT 5 COBIT 5 Coverage of Other Standards and Frameworks Standard Description ISO 38500 Governance of IT for the organization ISO 31000 Enterprise Risk Management ISO 27000 Information Security Management ISO 20000 IT Service Management Framework Description TOGAF Enterprise Architecture by OpenGroup PMBOK Project Management by PMI PRINCE2 Project Management by APMG ITIL IT Service Management by AXELOS CMMI Capability Maturity Model Integration
Process Assessment Model (PAM)
COBIT 5 PAM COBIT Process Assessment Model (PAM) Workflow Source: This figure is reproduced from ISO/IEC 15504-2, with the permission of ISO/IEC at www.iso.org. Copyright remains with ISO/IEC.
COBIT 5 PAM COBIT Process Assessment Model (PAM) Workflow
COBIT 5 PAM Process Capability Level and Attributes Rating Levels Levels and Necessary Ratings
COBIT 5 PAM Assessment Process
Self Assessment
Self Assessment Step 1 – Scoping (Process Step) Identify relevant business drivers for the assessment of IT processes •On the basis of these business drivers, define the objective of the assessment. •The prioritisation and selection of one or more COBIT 5 processes for inclusion in the process assessment should be based on the business drivers for the assessment. Identify and prioritise the enterprise’s IT processes that should be included within the scope of the assessment •Utilise the business drivers and assessment objectives identified previously, along with, as appropriate, the COBIT 5 process mappings contained in the scoping tool kit. •For example, if the objective of the assessment is to assist IT management in identifying and prioritising improvement initiatives related to one or more specified goals identified, the COBIT process mappings may be useful to identify the processes most closely related to those IT goals. Perform a preliminary scoping selection of target processes for inclusion in the assessment, based on the previous prioritisation •Ensure that they will satisfy the identified business drivers and meet the objectives of the assessment. Confirm the preliminary selection of target COBIT 5 processes with the project sponsor and key stakeholders of the process assessment Finalise the COBIT 5 processes to be included in the assessment
Self Assessment Step 1 – Scoping (Process Step) Enterprise Goal Hierarchy IT-related Goals Hierarchy Self-Diagnostic Mapping of COBIT 5 Processes to IT Goals to Business Goals to IT Balanced Scorecard Mapping COBIT 5 Processes to IT Goals (subset of information contained in item above) Self-diagnostic Tool
Self Assessment Step 2 – Perform Self Assessment
Self Assessment Step 2 – Perform Self Assessment
Engagement Delivery Approach
Engagement Delivery Approach General Delivery Approach Process mapping of current IT process to COBIT 5 Working Group & Discussion Report Assessment IT Capabilities Operational Effectiveness & Workshop IT Goals, IT Framework risk IT Issues, and Remediation Roadmap based on COBIT 5 Maturity Level based on COBIT 5 Strategy and recommendation report for IT process improvement Output
Engagement Delivery Approach General Delivery Approach Working Group & Discussion Report Assessment IT Capabilities Operational Effectiveness & Workshop ▪ Determine the organizational structure and the members involved in the project as well as the duties and responsibiliti es of each party ▪ Create detailed work plans and activities to be performed ▪ Determine communication methods and information paths ▪ Defines a list of required infor mation ▪ Conducting a Kick-Off meeting with all related parties to assign key business process owner over 37 sub-areas of COBIT 5 ▪ Determining the target and the schedule of the interview ▪ Collect data / documents and information on current state of existing IT processes based on 37 major sub-areas in COBIT 5 ▪ Review relevant documents and information ▪ Discuss with key parties in the IT process ▪ Determine the level of IT capabilities with COBIT 5 tools ▪ Determine the level of IT capability for 37 major sub areas of COBIT 5 in the client ▪ Discussions with client’s mana gement are related to IT capability level reports that have been assessed by consultant ▪ Provide monitoring tools related to improvements that will be done by the client ▪ Organize workshop schedules to report the result of IT governance capability level assessments ▪ Describes the review methodology used ▪ Displays observations regarding existing IT processes and gaps based on COBIT 5 ▪ Exposure to the results of Operational Effectiveness i mplementation ▪ Presentation of recommendations for improvement of client’s IT process
Thank you

Recommended

Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementChristian F. Nissen
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
Using ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherUsing ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherRob Akershoek
 
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesPECB
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5Laddawan Rattanaruang
 
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamCOBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamNUS-ISS
 
Digital Operating Model & IT4IT
Digital Operating Model & IT4ITDigital Operating Model & IT4IT
Digital Operating Model & IT4ITDavid Favelle
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 

Recommended

Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementChristian F. Nissen
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
Using ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherUsing ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherRob Akershoek
 
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesPECB
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5Laddawan Rattanaruang
 
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamCOBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamNUS-ISS
 
Digital Operating Model & IT4IT
Digital Operating Model & IT4ITDigital Operating Model & IT4IT
Digital Operating Model & IT4ITDavid Favelle
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfMartinPatrici
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introductionaqel aqel
 
IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1Mohamed Zakarya Abdelgawad
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveSayyed Zakir Ali Rizwe
 
How to fulfil requirements of ISO 20000:2018 Documents?
How to fulfil requirements of ISO 20000:2018 Documents?How to fulfil requirements of ISO 20000:2018 Documents?
How to fulfil requirements of ISO 20000:2018 Documents?Global Manager Group
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?PECB
 
ITIL,COBIT and IT4IT Mapping
ITIL,COBIT and IT4IT MappingITIL,COBIT and IT4IT Mapping
ITIL,COBIT and IT4IT MappingRob Akershoek
 
IT Governance - Governing IT: Do or Die?
IT Governance - Governing IT: Do or Die?IT Governance - Governing IT: Do or Die?
IT Governance - Governing IT: Do or Die?Eryk Budi Pratama
 
Introduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service managementIntroduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service managementChristian F. Nissen
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study materialAnees Shaikh
 
CobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced ScorecardsCobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced ScorecardsMichael Sim
 
ITSM and Service Catalog Overview
ITSM and Service Catalog OverviewITSM and Service Catalog Overview
ITSM and Service Catalog OverviewChristopher Glennon
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewNaresh Rao
 
IT Governance & ISO 38500
IT Governance & ISO 38500IT Governance & ISO 38500
IT Governance & ISO 38500Ramiro Cid
 
ISO 27002-2022.pdf
ISO 27002-2022.pdfISO 27002-2022.pdf
ISO 27002-2022.pdfChristianAquino52
 
IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)Charles Betz
 
Review of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability ModelsReview of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability ModelsAlan McSweeney
 
IT4IT and DevOps Tools Landscape (2020).
IT4IT and DevOps Tools Landscape (2020).IT4IT and DevOps Tools Landscape (2020).
IT4IT and DevOps Tools Landscape (2020).Rob Akershoek
 
Roadmap methodology
Roadmap methodologyRoadmap methodology
Roadmap methodologyThomas Wieberneit
 
IT Process Strategy
IT Process StrategyIT Process Strategy
IT Process Strategylocell1
 

More Related Content

What's hot

COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfMartinPatrici
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introductionaqel aqel
 
IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1Mohamed Zakarya Abdelgawad
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
How to fulfil requirements of ISO 20000:2018 Documents?
How to fulfil requirements of ISO 20000:2018 Documents?How to fulfil requirements of ISO 20000:2018 Documents?
How to fulfil requirements of ISO 20000:2018 Documents?Global Manager Group
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?PECB
 
ITIL,COBIT and IT4IT Mapping
ITIL,COBIT and IT4IT MappingITIL,COBIT and IT4IT Mapping
ITIL,COBIT and IT4IT MappingRob Akershoek
 
IT Governance - Governing IT: Do or Die?
IT Governance - Governing IT: Do or Die?IT Governance - Governing IT: Do or Die?
IT Governance - Governing IT: Do or Die?Eryk Budi Pratama
 
Introduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service managementIntroduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service managementChristian F. Nissen
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study materialAnees Shaikh
 
CobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced ScorecardsCobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced ScorecardsMichael Sim
 
ITSM and Service Catalog Overview
ITSM and Service Catalog OverviewITSM and Service Catalog Overview
ITSM and Service Catalog OverviewChristopher Glennon
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewNaresh Rao
 
IT Governance & ISO 38500
IT Governance & ISO 38500IT Governance & ISO 38500
IT Governance & ISO 38500Ramiro Cid
 
IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)Charles Betz
 
Review of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability ModelsReview of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability ModelsAlan McSweeney
 
IT4IT and DevOps Tools Landscape (2020).
IT4IT and DevOps Tools Landscape (2020).IT4IT and DevOps Tools Landscape (2020).
IT4IT and DevOps Tools Landscape (2020).Rob Akershoek
 

What's hot (20)

COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introduction
 
IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
 
How to fulfil requirements of ISO 20000:2018 Documents?
How to fulfil requirements of ISO 20000:2018 Documents?How to fulfil requirements of ISO 20000:2018 Documents?
How to fulfil requirements of ISO 20000:2018 Documents?
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
 
ITIL,COBIT and IT4IT Mapping
ITIL,COBIT and IT4IT MappingITIL,COBIT and IT4IT Mapping
ITIL,COBIT and IT4IT Mapping
 
IT Governance - Governing IT: Do or Die?
IT Governance - Governing IT: Do or Die?IT Governance - Governing IT: Do or Die?
IT Governance - Governing IT: Do or Die?
 
Introduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service managementIntroduction to ITIL 4 and IT service management
Introduction to ITIL 4 and IT service management
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study material
 
CobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced ScorecardsCobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced Scorecards
 
ITSM and Service Catalog Overview
ITSM and Service Catalog OverviewITSM and Service Catalog Overview
ITSM and Service Catalog Overview
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
 
IT Governance & ISO 38500
IT Governance & ISO 38500IT Governance & ISO 38500
IT Governance & ISO 38500
 
ISO 27002-2022.pdf
ISO 27002-2022.pdfISO 27002-2022.pdf
ISO 27002-2022.pdf
 
IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)
 
Review of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability ModelsReview of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability Models
 
IT4IT and DevOps Tools Landscape (2020).
IT4IT and DevOps Tools Landscape (2020).IT4IT and DevOps Tools Landscape (2020).
IT4IT and DevOps Tools Landscape (2020).
 

Similar to IT Governance - COBIT 5 Capability Assessment

IT Process Strategy
IT Process StrategyIT Process Strategy
IT Process Strategylocell1
 
SixSigma 【Continuous Study】
SixSigma 【Continuous Study】SixSigma 【Continuous Study】
SixSigma 【Continuous Study】Jerimi Soma
 
Pmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment OverviewPmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment OverviewAlan McSweeney
 
Frameworks For Predictability
Frameworks For PredictabilityFrameworks For Predictability
Frameworks For Predictabilitytlknecht
 
Training on ASAP Methodology.ppt
Training on ASAP Methodology.pptTraining on ASAP Methodology.ppt
Training on ASAP Methodology.pptAshwaniKumar207236
 
Course 1 Requirements Definition Overview.pptx
Course 1 Requirements Definition Overview.pptxCourse 1 Requirements Definition Overview.pptx
Course 1 Requirements Definition Overview.pptxadikesavulu
 
eCIO PPT Roles for a SAP and Systems Integration Project
eCIO PPT Roles for a SAP and Systems Integration ProjecteCIO PPT Roles for a SAP and Systems Integration Project
eCIO PPT Roles for a SAP and Systems Integration ProjectDavid Niles
 
Sabrion_Consulting_Overview CPG Retail Apparel.pdf
Sabrion_Consulting_Overview CPG Retail Apparel.pdfSabrion_Consulting_Overview CPG Retail Apparel.pdf
Sabrion_Consulting_Overview CPG Retail Apparel.pdfBrion Carroll (II)
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiIvo Oktavianti
 
Project Portfolio Optimization and Governance
Project Portfolio Optimization and GovernanceProject Portfolio Optimization and Governance
Project Portfolio Optimization and GovernanceValue Amplify Consulting
 

Similar to IT Governance - COBIT 5 Capability Assessment (20)

Roadmap methodology
Roadmap methodologyRoadmap methodology
Roadmap methodology
 
IT Process Strategy
IT Process StrategyIT Process Strategy
IT Process Strategy
 
Darmin ritonga 11353205418
Darmin ritonga 11353205418Darmin ritonga 11353205418
Darmin ritonga 11353205418
 
SixSigma 【Continuous Study】
SixSigma 【Continuous Study】SixSigma 【Continuous Study】
SixSigma 【Continuous Study】
 
Cobit5 brochure
Cobit5 brochureCobit5 brochure
Cobit5 brochure
 
IT NPI Process
IT NPI ProcessIT NPI Process
IT NPI Process
 
Pmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment OverviewPmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment Overview
 
Frameworks For Predictability
Frameworks For PredictabilityFrameworks For Predictability
Frameworks For Predictability
 
Training on ASAP Methodology.ppt
Training on ASAP Methodology.pptTraining on ASAP Methodology.ppt
Training on ASAP Methodology.ppt
 
Course 1 Requirements Definition Overview.pptx
Course 1 Requirements Definition Overview.pptxCourse 1 Requirements Definition Overview.pptx
Course 1 Requirements Definition Overview.pptx
 
Cobit 4.1 indri
Cobit 4.1 indriCobit 4.1 indri
Cobit 4.1 indri
 
Donna Febriani
Donna FebrianiDonna Febriani
Donna Febriani
 
eCIO PPT Roles for a SAP and Systems Integration Project
eCIO PPT Roles for a SAP and Systems Integration ProjecteCIO PPT Roles for a SAP and Systems Integration Project
eCIO PPT Roles for a SAP and Systems Integration Project
 
Cobit5
Cobit5Cobit5
Cobit5
 
Sabrion_Consulting_Overview CPG Retail Apparel.pdf
Sabrion_Consulting_Overview CPG Retail Apparel.pdfSabrion_Consulting_Overview CPG Retail Apparel.pdf
Sabrion_Consulting_Overview CPG Retail Apparel.pdf
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
Project Portfolio Optimization and Governance
Project Portfolio Optimization and GovernanceProject Portfolio Optimization and Governance
Project Portfolio Optimization and Governance
 
Co5bit
Co5bitCo5bit
Co5bit
 

More from Eryk Budi Pratama

Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTIRingkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTIEryk Budi Pratama
 
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...Eryk Budi Pratama
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityEryk Budi Pratama
 
Personal Data Protection in Indonesia
Personal Data Protection in IndonesiaPersonal Data Protection in Indonesia
Personal Data Protection in IndonesiaEryk Budi Pratama
 
Urgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data PribadiUrgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data PribadiEryk Budi Pratama
 
Modern IT Service Management Transformation - ITIL Indonesia
Modern IT Service Management Transformation - ITIL IndonesiaModern IT Service Management Transformation - ITIL Indonesia
Modern IT Service Management Transformation - ITIL IndonesiaEryk Budi Pratama
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementEryk Budi Pratama
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykEryk Budi Pratama
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykEryk Budi Pratama
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykEryk Budi Pratama
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEryk Budi Pratama
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceEryk Budi Pratama
 
Guardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & AnalyticsGuardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & AnalyticsEryk Budi Pratama
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 
Cybersecurity Skills in Industry 4.0
Cybersecurity Skills in Industry 4.0Cybersecurity Skills in Industry 4.0
Cybersecurity Skills in Industry 4.0Eryk Budi Pratama
 
Identity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOpsIdentity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOpsEryk Budi Pratama
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyEryk Budi Pratama
 

More from Eryk Budi Pratama (20)

Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTIRingkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
 
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program Implementation
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber Security
 
Personal Data Protection in Indonesia
Personal Data Protection in IndonesiaPersonal Data Protection in Indonesia
Personal Data Protection in Indonesia
 
Urgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data PribadiUrgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data Pribadi
 
Modern IT Service Management Transformation - ITIL Indonesia
Modern IT Service Management Transformation - ITIL IndonesiaModern IT Service Management Transformation - ITIL Indonesia
Modern IT Service Management Transformation - ITIL Indonesia
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - Eryk
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & Assurance
 
Guardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & AnalyticsGuardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & Analytics
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
Cybersecurity Skills in Industry 4.0
Cybersecurity Skills in Industry 4.0Cybersecurity Skills in Industry 4.0
Cybersecurity Skills in Industry 4.0
 
Identity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOpsIdentity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOps
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 

Recently uploaded

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

IT Governance - COBIT 5 Capability Assessment

  • 1. IT Governance Maturity Assessment using COBIT 5 PAM Eryk Budi Pratama Senior Consultant - PwC Presented for Information System Faculty– Universitas Bakrie
  • 2. Objectives IT Governance Governance of Enterprise IT Domain, Product Family, Coverage COBIT 5 Framework PAM using COBIT 5 Process Assessment Model (PAM) Self Assessment Guide using COBIT 5 Self Assessment Methodology for IT Governance Engagement Engagement Delivery Approach
  • 4. IT Governance Old Way COBIT 4.1 Val ITRisk IT
  • 5. Corporate Governance of IT Based on ISO 38500 Source: http://www.qaiglobalservices.com/wp-content/uploads/2016/05/Fig-4.jpg
  • 6. Governance of Enterprise IT COBIT 5 - Principles and Area Risk Management Focus Area
  • 8. COBIT 5 Domain  Evaluate, Direct, Monitor (EDM)  Align, Plan, Organize (APO)  Build, Acquire, Implement (BAI)  Deliver, Service Support (DSS) A Business Framework for the Governance and Management of Enterprise IT
  • 9. COBIT 5 COBIT 5 Product Family
  • 10. COBIT 5 COBIT 5 Coverage of Other Standards and Frameworks Standard Description ISO 38500 Governance of IT for the organization ISO 31000 Enterprise Risk Management ISO 27000 Information Security Management ISO 20000 IT Service Management Framework Description TOGAF Enterprise Architecture by OpenGroup PMBOK Project Management by PMI PRINCE2 Project Management by APMG ITIL IT Service Management by AXELOS CMMI Capability Maturity Model Integration
  • 12. COBIT 5 PAM COBIT Process Assessment Model (PAM) Workflow Source: This figure is reproduced from ISO/IEC 15504-2, with the permission of ISO/IEC at www.iso.org. Copyright remains with ISO/IEC.
  • 13. COBIT 5 PAM COBIT Process Assessment Model (PAM) Workflow
  • 14. COBIT 5 PAM Process Capability Level and Attributes Rating Levels Levels and Necessary Ratings
  • 17. Self Assessment Step 1 – Scoping (Process Step) Identify relevant business drivers for the assessment of IT processes •On the basis of these business drivers, define the objective of the assessment. •The prioritisation and selection of one or more COBIT 5 processes for inclusion in the process assessment should be based on the business drivers for the assessment. Identify and prioritise the enterprise’s IT processes that should be included within the scope of the assessment •Utilise the business drivers and assessment objectives identified previously, along with, as appropriate, the COBIT 5 process mappings contained in the scoping tool kit. •For example, if the objective of the assessment is to assist IT management in identifying and prioritising improvement initiatives related to one or more specified goals identified, the COBIT process mappings may be useful to identify the processes most closely related to those IT goals. Perform a preliminary scoping selection of target processes for inclusion in the assessment, based on the previous prioritisation •Ensure that they will satisfy the identified business drivers and meet the objectives of the assessment. Confirm the preliminary selection of target COBIT 5 processes with the project sponsor and key stakeholders of the process assessment Finalise the COBIT 5 processes to be included in the assessment
  • 18. Self Assessment Step 1 – Scoping (Process Step) Enterprise Goal Hierarchy IT-related Goals Hierarchy Self-Diagnostic Mapping of COBIT 5 Processes to IT Goals to Business Goals to IT Balanced Scorecard Mapping COBIT 5 Processes to IT Goals (subset of information contained in item above) Self-diagnostic Tool
  • 19. Self Assessment Step 2 – Perform Self Assessment
  • 20. Self Assessment Step 2 – Perform Self Assessment
  • 22. Engagement Delivery Approach General Delivery Approach Process mapping of current IT process to COBIT 5 Working Group & Discussion Report Assessment IT Capabilities Operational Effectiveness & Workshop IT Goals, IT Framework risk IT Issues, and Remediation Roadmap based on COBIT 5 Maturity Level based on COBIT 5 Strategy and recommendation report for IT process improvement Output
  • 23. Engagement Delivery Approach General Delivery Approach Working Group & Discussion Report Assessment IT Capabilities Operational Effectiveness & Workshop ▪ Determine the organizational structure and the members involved in the project as well as the duties and responsibiliti es of each party ▪ Create detailed work plans and activities to be performed ▪ Determine communication methods and information paths ▪ Defines a list of required infor mation ▪ Conducting a Kick-Off meeting with all related parties to assign key business process owner over 37 sub-areas of COBIT 5 ▪ Determining the target and the schedule of the interview ▪ Collect data / documents and information on current state of existing IT processes based on 37 major sub-areas in COBIT 5 ▪ Review relevant documents and information ▪ Discuss with key parties in the IT process ▪ Determine the level of IT capabilities with COBIT 5 tools ▪ Determine the level of IT capability for 37 major sub areas of COBIT 5 in the client ▪ Discussions with client’s mana gement are related to IT capability level reports that have been assessed by consultant ▪ Provide monitoring tools related to improvements that will be done by the client ▪ Organize workshop schedules to report the result of IT governance capability level assessments ▪ Describes the review methodology used ▪ Displays observations regarding existing IT processes and gaps based on COBIT 5 ▪ Exposure to the results of Operational Effectiveness i mplementation ▪ Presentation of recommendations for improvement of client’s IT process