Jordan, 5-8 April 2015
The author (prepetto@hotmail.com)
has permission of ISACA to use the
ISACA © Material
PLGR.
Agenda
Framework
Principles
Enabling processes
Implementation
Product family
Information!
Information is a key resource for all enterprises.
What is its life cycle?
Created, Used, Retained, Disclosed, Destroyed
© 2014 ISACA. All rights reserved. Used by permission.
Information!
• Does Technology play a key role in the actions of the information life cycle?
• Is Technology becoming pervasive in all aspects of business and personal life?
• What benefits do information and technology bring to enterprises?
Enterprise Benefits
Enterprises and their executives strive to:
• Maintain quality information to support business decisions.
• Generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT.
• Achieve operational excellence through reliable and efficient application of technology.
• Maintain IT-related risk at an acceptable level.
• Optimise the cost of IT services and technology.
How can these benefits be realised to create enterprise stakeholder value?
COBIT 5: Now One Complete Business Framework for Governance of Enterprise IT
A business framework from ISACA, at www.isaca.org/cobit
Evolution of scope:
• COBIT1 (1996): Audit
• COBIT2 (1998): Control
• COBIT3 (2000): Management
• COBIT4.0/4.1 (2005/7): IT Governance
• Val IT 2.0 (2008)
• Risk IT (2009)
• COBIT 5 (2012): Governance of Enterprise IT
© 2012 ISACA® All rights reserved.
Stakeholder
Who or what is a “Stakeholder”? - Exercise 01
A person, group or organization that has interest or concern in an organization
Are the stakeholders internal or external? Both
Examples?
• Internal: Presidents, directors, managers, Business process owners, Internal audit, IT users, Privacy officers, IT managers, Business managers, Risk managers
• External: Business partners, Suppliers, Shareholders, Regulators/government, External users, Customers, Standardisation organisations, External auditors, Consultants
Governance and Management
• Governance ensures that enterprise objectives are achieved by evaluating stakeholder needs, conditions and options; setting direction through prioritisation and decision making; and monitoring performance, compliance and progress against agreed-on direction and objectives (EDM).
Evaluate, Direct, Monitor
Governance and Management
• Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives (PBRM).
Plan, Build, Run, Monitor
COBIT 5 Framework
• The main, overarching COBIT 5 product
• Contains the executive summary and the full description of all of the COBIT 5 framework components:
  - The five COBIT 5 principles
  - The seven COBIT 5 enablers plus
  - An introduction to the implementation guidance provided by ISACA (COBIT 5 Implementation)
  - An introduction to the COBIT Assessment Programme (not specific to COBIT 5) and the process capability approach being adopted by ISACA for COBIT
COBIT 5 Product Family
Source: COBIT® 5, figure 11. © 2012 ISACA® All rights reserved.
www.isaca.org
(Figure labels: Processes, Information)
In Summary …
COBIT 5 brings together the five
principles that allow the enterprise to
build an effective governance and
management framework based on a
holistic set of seven enablers that
optimises information and technology
investment and use for the benefit of
stakeholders.
Five COBIT 5 Principles
1. Meeting Stakeholder Needs
2. Covering the Enterprise End-to-end
3. Applying a Single Integrated Framework
4. Enabling a Holistic Approach
5. Separating Governance From Management
1. Meeting Stakeholder Needs
Who or what is a “Stakeholder”? - Exercise 01 (Repetition)
A person, group or organization that has interest or concern in an organization
Are the stakeholders internal or external? Both
Examples?
• Internal: Presidents, directors, managers, Business process owners, Internal audit, IT users, Privacy officers, IT managers, Business managers, Risk managers
• External: Business partners, Suppliers, Shareholders, Regulators/government, External users, Customers, Standardisation organisations, External auditors, Consultants
1. Meeting Stakeholder Needs
Principle 1. Meeting Stakeholder Needs
• Enterprises exist to create value for their stakeholders.
Source: COBIT® 5, figure 3. © 2012 ISACA® All rights reserved.
1. Meeting Stakeholder Needs (cont.)
Principle 1. Meeting Stakeholder Needs:
• Enterprises have many stakeholders, and ‘creating value’ means different—and sometimes conflicting—things to each of them.
• Governance is about negotiating and deciding amongst different stakeholders’ value interests.
• The governance system should consider all stakeholders when making benefit, resource and risk assessment decisions.
• For each decision, the following can and should be asked:
  - Who receives the benefits?
  - Who bears the risk?
  - What resources are required?
1. Meeting Stakeholder Needs (cont.)
Chief executive officer (CEO)
• How do I get value from the use of IT?
• Are end users satisfied with the quality of the IT service?
Chief information officer (CIO)
• How do I best build and structure my IT department?
• Am I running an efficient and resilient IT operation?
Business executives
• What critical business processes are dependent on IT, and what are the requirements of business processes?
External users
• How do I know the enterprise is compliant with applicable rules and regulations?
Page 22
1. Meeting Stakeholder Needs (cont.)
Principle 1. Meeting Stakeholder Needs:
• Stakeholder needs have to be transformed into an enterprise’s practical strategy.
• The COBIT 5 goals cascade translates stakeholder needs into specific, practical and customised goals within the context of the enterprise, IT-related goals and enabler goals.
Source: COBIT® 5, figure 4. © 2012 ISACA® All rights reserved.
1. Meeting Stakeholder Needs (cont.)
Chief information officer (CIO)
Am I running an efficient and resilient IT operation?
7. Business service continuity and availability
10. Security of information, processing infrastructure and applications
APO12 Manage Risk
APO13 Manage Security
DSS05 Manage Security/Service
1. Meeting Stakeholder Needs (cont.)
Page 22
Page 55-56
Page 19
Page 19
Page 50
Page 52-53
1. Meeting Stakeholder Needs (Exercise 2)
The CIO of an internet sales enterprise is worried about the assurance over IT. Using the COBIT 5 cascade, on which IT goals must the CIO focus?
How do I get assurance over IT?
4. Compliance with external laws and regulations
02 IT compliance & support for business compliance with external laws and regulations
15. Compliance with internal policies
10 Security of information, processing infrastructure and applications
15 IT compliance with internal policies
Page 50
Page 55-56
1. Meeting Stakeholder Needs (Exercise 3)
An internet sales enterprise has defined for itself a number of strategic goals, of which improving customer satisfaction through service continuity is the most important. From there, it wants to know where it needs to improve in all things related to IT.
7. Business service continuity and availability
04 Managed IT-related business risk
14 Availability of reliable and useful information for decision making
10 Security of information, processing infrastructure and applications
Page 50
2. Covering the Enterprise End-to-end
Principle 2. Covering the Enterprise End-to-end:
• COBIT 5 addresses the governance and management of information and related technology from an enterprisewide, end-to-end perspective.
• This means that COBIT 5:
  - Integrates governance of enterprise IT into enterprise governance, i.e., the governance system for enterprise IT proposed by COBIT 5 integrates seamlessly in any governance system because COBIT 5 aligns with the latest views on governance.
  - Covers all functions and processes within the enterprise; COBIT 5 does not focus only on the ‘IT function’, but treats information and related technologies as assets that need to be dealt with just like any other asset by everyone in the enterprise.
2. Covering the Enterprise End-to-end (cont.)
Principle 2. Covering the Enterprise End-to-end
Key components of a governance system
Source: COBIT® 5, figure 8. © 2012 ISACA® All rights reserved.
2. Covering the Enterprise End-to-end (cont.)
Principle 2. Covering the Enterprise End-to-end
Key components of a governance system
Source: COBIT® 5, figure 9. © 2012 ISACA® All rights reserved.
3. Applying a Single Integrated Framework
Principle 3. Applying a Single Integrated Framework:
• COBIT 5 aligns with the latest relevant other standards and frameworks used by enterprises:
  - Enterprise: COSO, COSO ERM, ISO/IEC 9000, ISO/IEC 31000, ISO/IEC 19011, ISO/IEC 15504
  - IT-related: ISO/IEC 38500, ITIL, ISO/IEC 27000 series, TOGAF, PMBOK/PRINCE2, CMMI
• This allows the enterprise to use COBIT 5 as the overarching governance and management framework integrator.
4. Enabling a Holistic Approach
Principle 4. Enabling a Holistic Approach
COBIT 5 enablers are:
• Factors that, individually and collectively, influence whether something will work—in the case of COBIT, governance and management over enterprise IT
• Driven by the goals cascade, i.e., higher-level IT-related goals define what the different enablers should achieve
• Described by the COBIT 5 framework in seven categories
4. Enabling a Holistic Approach (cont.)
Principle 4. Enabling a Holistic Approach
Source: COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.
4. Enabling a Holistic Approach (cont.)
1. Principles, policies and frameworks—Are the vehicles to translate the desired behaviour into practical guidance for day-to-day management
Exercise 4
An enterprise is considering how to deal with the fast-rising use of social media and pressure from its staff to have full access. Until now, the organisation has been conservative or restrictive in granting access to this kind of service for security reasons.
What actions can the organization develop?
Define a policy on the use of social media
4. Enabling a Holistic Approach (cont.)
1. Principles, policies and frameworks
Exercise 4 (Cont.)
Define a policy on the use of social media
Communication is developed to explain the reasons for the new policy
Impact on other enablers?
Staff members need to learn how to deal with the new media. They need to learn the appropriate behaviour.
Processes with regard to security need to be changed.
4. Enabling a Holistic Approach (cont.)
2. Processes—Describe an organised set of practices and activities to achieve certain objectives and produce a set of outputs in support of achieving overall IT-related goals
INPUTS → Process → OUTPUTS
4. Enabling a Holistic Approach (cont.)
3. Organisational structures—Are the key decision-making entities in an organisation
Exercise 5
What “Roles and Organisational Structures” do you know?
• Board Directors
• CEO, CIO, CFO, CRO, COO, CSO, CISO
• DPO, PMO
• BCM, ISM
• Audit and compliance
• IT architecture, IT development, IT operations …
4. Enabling a Holistic Approach (cont.)
4. Culture, ethics and behaviour—Of individuals and of the organisation; very often underestimated as a success factor in governance and management activities
Exercise 6: Good practices for creating, encouraging and maintaining desired behaviour?
• Communication
• Example behaviour exercised by senior management
• Incentives to encourage desired behaviour
• Rules and norms, which provide more guidance
4. Enabling a Holistic Approach (cont.)
5. Information—Is pervasive throughout any organisation, i.e., deals with all information produced and used by the enterprise. Information is required for keeping the organisation running and well governed, but at the operational level, information is very often the key product of the enterprise itself.
Exercise 7
Do you think that there is an information cycle?
How do you organize the following concepts in the Information Cycle?
BUSINESS PROCESSES, DATA, INFORMATION, KNOWLEDGE, VALUE
4. Enabling a Holistic Approach (cont.)
Exercise 7 (Cont.) - Information Cycle
4. Enabling a Holistic Approach (cont.)
6. Services, infrastructure and applications—Include the infrastructure, technology and applications that provide the enterprise with information technology processing and services
External frameworks (What COBIT principle is applied?)
Principle 3. Applying a Single Integrated Framework
TOGAF provides a Technical Reference Model and an Integrated Information Infrastructure Reference Model.
ITIL provides comprehensive guidance on how to design and operate services.
4. Enabling a Holistic Approach (cont.)
7. People, skills and competencies - Are linked to people and are required for successful completion of all activities and for making correct decisions and taking corrective actions
• Practices: Role Skill Requirements, Skill Levels, Skill Categories
• Quality: Education, Qualifications, Experience, Knowledge, Behavioural Skill, Availability, Turnover
4. Enabling a Holistic Approach (cont.)
Principle 4. Enabling a Holistic Approach:
• Systemic governance and management through interconnected enablers—To achieve the main objectives of the enterprise, it must always consider an interconnected set of enablers, i.e., each enabler:
  - Needs the input of other enablers to be fully effective, e.g., processes need information, organisational structures need skills and behaviour
  - Delivers output to the benefit of other enablers, e.g., processes deliver information, skills and behaviour make processes efficient
4. Enabling a Holistic Approach (cont.)
Principle 4. Enabling a Holistic Approach:
• Inputs and outputs of enablers
INPUTS → Process → OUTPUTS = INPUTS → Process → OUTPUTS
4. Enabling a Holistic Approach (cont.)
Principle 4. Enabling a Holistic Approach
Source: COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.
Exercise 7 - Interactions and relations among enablers?
5. Separating Governance From Management
Principle 5. Separating Governance From Management:
• The COBIT 5 framework makes a clear distinction between governance and management.
• These two disciplines:
  - Encompass different types of activities
  - Require different organisational structures
  - Serve different purposes
• Governance—In most enterprises, governance is the responsibility of the board of directors under the leadership of the chairperson.
• Management—In most enterprises, management is the responsibility of the executive management under the leadership of the CEO.
5. Separating Governance From Management (cont.)
Principle 5. Separating Governance From Management:
• Governance ensures that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritisation and decision making; and monitoring performance and compliance against agreed-on direction and objectives (EDM).
• Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives (PBRM).
5. Separating Governance From Management (cont.)
Principle 5. Separating Governance From Management:
COBIT 5 is not prescriptive, but it advocates that organisations implement governance and management processes such that the key areas are covered, as shown.
Source: COBIT® 5, figure 15. © 2012 ISACA® All rights reserved.
COBIT 5: Enabling Processes
• COBIT 5: Enabling Processes complements COBIT 5 and contains a detailed reference guide to the processes that are defined in the COBIT 5 process reference model:
  - In Chapter 2, the COBIT 5 goals cascade is recapitulated and complemented with a set of example metrics for the enterprise goals and the IT-related goals.
  - In Chapter 3, the COBIT 5 process model is explained and its components defined.
  - Chapter 4 shows the diagram of this process reference model.
  - Chapter 5 contains the detailed process information for all 37 COBIT 5 processes in the process reference model.
COBIT 5: Enabling Processes (cont.)
Source: COBIT® 5, figure 29. © 2012 ISACA® All rights reserved.
(Figure labels: Stakeholders, Goals, Practices-Activities, Metrics)
COBIT 5: Enabling Processes (cont.)
COBIT 5: Enabling Processes:
• The COBIT 5 process reference model subdivides the IT-related practices and activities of the enterprise into two main areas—governance and management—with management further divided into domains of processes:
  - The GOVERNANCE domain contains five governance processes; within each process, evaluate, direct and monitor (EDM) practices are defined.
  - The four MANAGEMENT domains are in line with the responsibility areas of plan, build, run and monitor (PBRM).
COBIT 5: Enabling Processes
Governance: 1 domain (EDM) – 5 processes
• EDM01: Governance framework setting and maintenance
• EDM02: Benefits delivery
• EDM03: Risk optimization
• EDM04: Resource optimization
• EDM05: Stakeholder transparency
COBIT 5: Enabling Processes
Management: 4 domains – 32 processes
• APO: Align, Plan and Organise (13 processes)
• BAI: Build, Acquire and Implement (10 processes)
• DSS: Deliver, Service and Support (6 processes)
• MEA: Monitor, Evaluate and Assess (3 processes)
COBIT 5: Enabling Processes (cont.)
Source: COBIT® 5, figure 16. © 2012 ISACA® All rights reserved.
COBIT 5: Enabling Processes – Exercise 8
Source: COBIT® 5, figure 16. © 2012 ISACA® All rights reserved.
Our organization is concerned about the compliance with external laws and regulations. From an IT point of view, what COBIT process would you implement?
02 IT compliance & support for business compliance with external laws and regulations
Page 52-53
• APO01 Manage the IT Management Framework
• APO12 Manage Risk
• APO13 Manage Security
• BAI10 Manage Configuration
• DSS05 Manage Security Services
• MEA02 Monitor, Evaluate and Assess the System of Internal Control
• MEA03 Monitor, Evaluate and Assess Compliance With External Requirements
COBIT 5 Implementation (cont.)
Exercise 9 - On which factors does your company's implementation strategy depend?
• Ethics and culture
• Applicable laws, regulations and policies
• Mission, vision and values
• Governance policies and practices
• Industry practices
• Business plan and strategic intentions
• Operating model and level of maturity
• Management style
• Risk appetite
• Capabilities and available resources
COBIT 5 Implementation (cont.)
Source: COBIT® 5, figure 17. © 2012 ISACA® All rights reserved.
1. What are the drivers?
2. Where are we now?
3. Where do we want to be?
4. What needs to be done?
5. How do we get there?
6. Did we get there?
7. How do we keep going?
COBIT 5 Product Family
Source: COBIT® 5, figure 11. © 2012 ISACA® All rights reserved.
COBIT 5 Supporting Products
• A Business Framework for the Governance and Management of Enterprise IT
• Professional Guides:
  - COBIT 5 Implementation
  - COBIT 5 for Information Security
  - COBIT 5 for Assurance, COBIT 5 for Risk
• Enabler Guides:
  - COBIT 5: Enabling Processes
  - COBIT 5: Enabling Information
• COBIT Assessment Programme:
  - Process Assessment Model (PAM): Using COBIT 5
  - Assessor Guide: Using COBIT 5
  - Self-assessment Guide: Using COBIT 5
Cobit 5 introduction plgr

It governance & cobit 5It governance & cobit 5
It governance & cobit 5
 
Strategic Account Management Presentation
Strategic Account Management PresentationStrategic Account Management Presentation
Strategic Account Management Presentation
 

Similar to Cobit 5 introduction plgr

Similar to Cobit 5 introduction plgr (20)

Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
COBIT5-IntroductionS
COBIT5-IntroductionSCOBIT5-IntroductionS
COBIT5-IntroductionS
 
02-cobit5-introduction.ppt
02-cobit5-introduction.ppt02-cobit5-introduction.ppt
02-cobit5-introduction.ppt
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxPPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
 
01-COBIT5-ExecSummary
01-COBIT5-ExecSummary01-COBIT5-ExecSummary
01-COBIT5-ExecSummary
 
COBIT
COBITCOBIT
COBIT
 
Cobit5
Cobit5Cobit5
Cobit5
 
02. cobit5 introduction
02. cobit5 introduction02. cobit5 introduction
02. cobit5 introduction
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
 
COBIT 5 FAQ
COBIT 5 FAQCOBIT 5 FAQ
COBIT 5 FAQ
 
Cobit5 and-grc
Cobit5 and-grcCobit5 and-grc
Cobit5 and-grc
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
 
CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)
 
Principal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachPrincipal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic Approach
 
01 intro-cobit
01 intro-cobit01 intro-cobit
01 intro-cobit
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
 
Lailatul izzati
Lailatul izzatiLailatul izzati
Lailatul izzati
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4
 

Recently uploaded

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 

Recently uploaded (20)

E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 

Cobit 5 introduction plgr

  • 1. Jordan, 5-8 April 2015 The author (prepetto@hotmail.com) has permission of ISACA to use the ISACA © Material
  • 3. PLGR. 3 Information! Information is a key resource for all enterprises. ¿What is its Life cycle? Created Used Retained Disclosed Destroyed
  • 4. © 2014 ISACA. All rights reserved. Used by permission. Information!  Does Technology play a key role in the actions of the information life cycle? 4  Is Technology becoming pervasive in all aspects of business and personal life?  What benefits do information and technology bring to enterprises?
  • 5. © 2014 ISACA. All rights reserved. Used by permission. Enterprise Benefits Enterprises and their executives strive to:  Maintain quality information to support business decisions.  Generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT.  Achieve operational excellence through reliable and efficient application of technology.  Maintain IT-related risk at an acceptable level.  Optimise the cost of IT services and technology. 5 How can these benefits be realised to create enterprise stakeholder value?
  • 6. PLGR. Governance of Enterprise IT COBIT 5 IT Governance COBIT4.0/4.1 Management COBIT3 Control COBIT2 An business framework from ISACA, at www.isaca.org/cobit Audit COBIT1 COBIT 5: Now One Complete Business Framework for 2005/720001998 Evolutionofscope 1996 2012 Val IT 2.0 (2008) Risk IT (2009) 6 © 2012 ISACA® All rights reserved.
  • 7. PLGR. 7 Stakeholder Who or what is an “Stakeholder”? - Exercise 01 Presidents, directors, managers, Business process owners Internal audit, IT users Privacy officers, IT managers, Business managers, Risk managers A person, group or organization that has interest or concern in an organization Are the stakeholders internal o external? Both Business partners, Suppliers Shareholders Regulators/government External users, Customers Standardisation organisations External auditors, Consultants Examples? Internal External
  • 8. © 2014 ISACA. All rights reserved. Used by permission. Governance and Management  Governance ensures that enterprise objectives are achieved by evaluating stakeholder needs, conditions and options; setting direction through prioritisation and decision making; and monitoring performance, compliance and progress against agreed-on direction and objectives (EDM). 8 Evalu- ate Direct Moni- tor
  • 9. © 2014 ISACA. All rights reserved. Used by permission. Governance and Management  Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives (PBRM). 9 Plan Build Run Moni- tor
  • 10. © 2014 ISACA. All rights reserved. Used by permission. COBIT 5 Framework 10
  • 11. © 2014 ISACA. All rights reserved. Used by permission. COBIT 5 Framework  The main, overarching COBIT 5 product  Contains the executive summary and the full description of all of the COBIT 5 framework components:  The five COBIT 5 principles  The seven COBIT 5 enablers plus  An introduction to the implementation guidance provided by ISACA (COBIT 5 Implementation)  An introduction to the COBIT Assessment Programme (not specific to COBIT 5) and the process capability approach being adopted by ISACA for COBIT 11
  • 12. © 2014 ISACA. All rights reserved. Used by permission. 12 COBIT 5 Product Family Source: COBIT® 5, figure 11. © 2012 ISACA® All rights reserved. www.isaca.org ProcessesInformation
  • 13.
  • 14. © 2014 ISACA. All rights reserved. Used by permission. In Summary … COBIT 5 brings together the five principles that allow the enterprise to build an effective governance and management framework based on a holistic set of seven enablers that optimises information and technology investment and use for the benefit of stakeholders. 14
  • 15. PLGR. 15 Five COBIT 5 Principles COBIT 5 Principle 5 Principle 4 Principle 3 Principle 2 Principle 1
  • 16. © 2014 ISACA. All rights reserved. Used by permission. Five COBIT 5 Principles 16 1-Meeting Stakeholder Needs 2-Covering the Enterprise End-to-end 3-Applying a Single Integrated Framework 4- Enabling a Holistic Approach 5-Separating Governance From Management
  • 17. PLGR. 17 1. Meeting Stakeholder Needs Who or what is an “Stakeholder”? - Exercise 01 (Repetition) Presidents, directors, managers, Business process owners Internal audit, IT users Privacy officers, IT managers, Business managers, Risk managers A person, group or organization that has interest or concern in an organization Are the stakeholders internal o external? Both Business partners, Suppliers Shareholders Regulators/government External users, Customers Standardisation organisations External auditors, Consultants Examples? Internal External
  • 18. © 2014 ISACA. All rights reserved. Used by permission. 1. Meeting Stakeholder Needs Principle 1. Meeting Stakeholder Needs  Enterprises exist to create value for their stakeholders. 18 Source: COBIT® 5, figure 3. © 2012 ISACA® All rights reserved.
  • 19. © 2014 ISACA. All rights reserved. Used by permission. 1. Meeting Stakeholder Needs (cont.) Principle 1. Meeting Stakeholder Needs:  Enterprises have many stakeholders, and „creating value‟ means different—and sometimes conflicting—things to each of them.  Governance is about negotiating and deciding amongst different stakeholders’ value interests.  The governance system should consider all stakeholders when making benefit, resource and risk assessment decisions.  For each decision, the following can and should be asked: - Who receives the benefits? - Who bears the risk? - What resources are required? 19
  • 20. © 2014 ISACA. All rights reserved. Used by permission. 1. Meeting Stakeholder Needs (cont.) Chief executive officer (CEO) How do I get value from the use of IT? Are end users satisfied with the quality of the IT service? Chief information officer (CIO) How do I best build and structure my IT department? Am I running an efficient and resilient IT operation? Business executives What critical business processes are dependent on IT, and what are the requirements of business processes External users How do I know the enterprise is compliant with applicable rules and regulations? 20 Page 22
  • 21. PLGR. 21 1. Meeting Stakeholder Needs (cont.) Principle 1. Meeting Stakeholder Needs:  Stakeholder needs have to be transformed into an enterprise’s practical strategy.  The COBIT 5 goals cascade translates stakeholder needs into specific, practical and customised goals within the context of the enterprise, IT-related goals and enabler goals. Source: COBIT® 5, figure 4. © 2012 ISACA® All rights reserved.
  • 22. PLGR. 22 1. Meeting Stakeholder Needs (cont.) Chief information officer (CIO) Am I running an efficient and resilient IT operation? 7. Business service continuity and availability 10. Security of information, processing infraestructure and applications APO12 Manage Risk APO13 Manage Security DSS05 Manage Security/Service
  • 23. PLGR. 1. Meeting Stakeholder Needs (cont.) Page 22 Page 55-56 Page 19 Page 19 Page 50 Page 52-53
  • 24. PLGR. 24 1. Meeting Stakeholder Needs (Exercise 2) The CIO of an internet sales enterprise is worried about the assurance over IT. Using Cobit 5 cascade, ¿in which IT goals must the CIO focus? How do I get assurance over IT? 4. Compliance with external laws and regulations 02 IT compliance & support for business compliance with external laws and regulations 15. Compliance with internal policies 10 Security of information, processing infrastructure and applications 15 5 IT compliance with internal policies Page 50 Page 55-56
  • 25. PLGR. 25 1. Meeting Stakeholder Needs (Exercise 3) An internet sales enterprise has defined for itself a number of strategic goals, of which improving customer satisfaction through service continuity is the most important. From there, it wants to know where it needs to improve in all things related to IT 7. Business service continuity and availability 04 Managed IT-related business risk 14 Availability of reliable and useful information for decision making 10 Security of information, processing infrastructure and applications Page 50
  • 26. © 2014 ISACA. All rights reserved. Used by permission. 2. Covering the Enterprise End-to-end Principle 2. Covering the Enterprise End-to-end:  COBIT 5 addresses the governance and management of information and related technology from an enterprisewide, end-to-end perspective.  This means that COBIT 5:  Integrates governance of enterprise IT into enterprise governance, i.e., the governance system for enterprise IT proposed by COBIT 5 integrates seamlessly in any governance system because COBIT 5 aligns with the latest views on governance.  Covers all functions and processes within the enterprise; COBIT 5 does not focus only on the „IT function‟, but treats information and related technologies as assets that need to be dealt with just like any other asset by everyone in the enterprise. 26
  • 27. © 2014 ISACA. All rights reserved. Used by permission. 2. Covering the Enterprise End-to-end (cont.) Principle 2. Covering the Enterprise End-to-end Key components of a governance system 27Source: COBIT® 5, figure 8. © 2012 ISACA® All rights reserved.
  • 28. © 2014 ISACA. All rights reserved. Used by permission. 2. Covering the Enterprise End-to-end (cont.) Principle 2. Covering the Enterprise End-to-end 28 Source: COBIT® 5, figure 9. © 2012 ISACA® All rights reserved. Key components of a governance system
  • 29. © 2014 ISACA. All rights reserved. Used by permission. 3. Applying a Single Integrated Framework Principle 3. Applying a Single Integrated Framework:  COBIT 5 aligns with the latest relevant other standards and frameworks used by enterprises:  Enterprise: COSO, COSO ERM, ISO/IEC 9000, ISO/IEC 31000, ISO/IEC 19011, ISO/IEC 15504  IT-related: ISO/IEC 38500, ITIL, ISO/IEC 27000 series, TOGAF, PMBOK/PRINCE2, CMMI  This allows the enterprise to use COBIT 5 as the overarching governance and management framework integrator. 29
  • 30. © 2014 ISACA. All rights reserved. Used by permission. 4. Enabling a Holistic Approach Principle 4. Enabling a Holistic Approach COBIT 5 enablers are:  Factors that, individually and collectively, influence whether something will work—in the case of COBIT, governance and management over enterprise IT  Driven by the goals cascade, i.e., higher-level IT-related goals define what the different enablers should achieve  Described by the COBIT 5 framework in seven categories 30
  • 31. © 2014 ISACA. All rights reserved. Used by permission. 4. Enabling a Holistic Approach (cont.) Principle 4. Enabling a Holistic Approach 31 Source: COBIT® 5, figure 12. © 2012 ISACA® All rights reserved.
  • 32. PLGR. 32 4. Enabling a Holistic Approach (cont.) 1. Principles, policies and frameworks—Are the vehicles to translate the desired behaviour into practical guidance for day-to-day management Exercise 4 An enterprise is considering how to deal with the fast-rising use of social media and pressure from its staff to have full access Until now, the organisation has been conservative or restrictive in granting access to this kind of service for security reasons What actions can the organization develops? Define a policy on the use of social media
  • 33. PLGR. 33 4. Enabling a Holistic Approach (cont.) 1. Principles, policies and frameworks Exercise 4 (Cont.) Define a policy on the use of social media Communication is developed to explain the reasons for the new policy ¿Impact on others enablers? Staff members need to learn how to deal with the new media. They need to learn the appropriate behaviour. Processes with regard to security need to be changed.
  • 34. PLGR. 34 4. Enabling a Holistic Approach (cont.) 2. Processes—Describe an organised set of practices and activities to achieve certain objectives and produce a set of outputs in support of achieving overall IT-related goals ProcessINPUTS OUPUTS
  • 35. PLGR. 35 4. Enabling a Holistic Approach (cont.) 3. Organisational structures—Are the key decision- making entities in an organisation Exercise 5 Board Directors CEO , CIO, CFO, CRO, COO, CSO, CISO DPO, PMO BCM, ISM Audit and compliance IT Arquitecture, IT develops, IT operations … What “Roles and Organisational Structures” do you know?
  • 36. PLGR. 36 4. Enabling a Holistic Approach (cont.) 4. Culture, ethics and behaviour—Of individuals and of the organisation; very often underestimated as a success factor in governance and management activities Communication Example behaviour exercised by senior management Incentives to encourage desired behaviour Rules and norms, which provide more guidance Exercise 6: ¿Good practices for creating, encouraging and maintaining desired behaviour?
  • 37. PLGR. 37 4. Enabling a Holistic Approach (cont.) 5. Information—Is pervasive throughout any organisation, i.e., deals with all information produced and used by the enterprise. Information is required for keeping the organisation running and well governed, but at the operational level, information is very often the key product of the enterprise itself. Exercise 7 ¿Do you think that there is an information cycle? ¿How do you organize the next concepts in the Information Cycle? BUSINESS PROCESESS DATA INFORMATION KNOWLEDGE VALUE
  • 38. © 2014 ISACA. All rights reserved. Used by permission. 4. Enabling a Holistic Approach (cont.) Exercise 7 (Cont.) - Information Cycle 38
  • 39. © 2014 ISACA. All rights reserved. Used by permission. 4. Enabling a Holistic Approach (cont.) 6. Services, infrastructure and applications—Include the infrastructure, technology and applications that provide the enterprise with information technology processing and services External frameworks (What Cobit principle is applied?) Principle 3. Applying a Single Integrated Framework TOGAF provides a Technical Reference Model and an Integrated Information Infrastructure Reference Model. ITIL provides comprehensive guidance on how to design and operate services. 39
  • 40. © 2014 ISACA. All rights reserved. Used by permission. 4. Enabling a Holistic Approach (cont.) 7. People, skills and competencies - Are linked to people and are required for successful completion of all activities and for making correct decisions and taking corrective actions 40 Practices: Role Skill Requirements, Skill Levels, Skill Categories Quality: Education Qualifications Experience, Knowledge, Behavioural Skill, Availability, Turnover
  • 41. © 2014 ISACA. All rights reserved. Used by permission. 4. Enabling a Holistic Approach (cont). Principle 4. Enabling a Holistic Approach:  Systemic governance and management through interconnected enablers—To achieve the main objectives of the enterprise, it must always consider an interconnected set of enablers, i.e., each enabler:  Needs the input of other enablers to be fully effective, e.g., processes need information, organisational structures need skills and behaviour  Delivers output to the benefit of other enablers, e.g., processes deliver information, skills and behaviour make processes efficient 41
  • 42. PLGR. 42 4. Enabling a Holistic Approach (cont). Principle 4. Enabling a Holistic Approach:  Inputs and outputs of enablers Process I N P U T S O U P U T S I N P U T S = = = = = = Process O U P U T S
  • 43. © 2014 ISACA. All rights reserved. Used by permission. 4. Enabling a Holistic Approach (cont.) Principle 4. Enabling a Holistic Approach 43 Source: COBIT® 5, figure 12. © 2012 ISACA® All rights reserved. Exercise 7 - Interactions and relations among enablers?
  • 44. © 2014 ISACA. All rights reserved. Used by permission. 5. Separating Governance From Management Principle 5. Separating Governance From Management:  The COBIT 5 framework makes a clear distinction between governance and management.  These two disciplines:  Encompass different types of activities  Require different organisational structures  Serve different purposes  Governance—In most enterprises, governance is the responsibility of the board of directors under the leadership of the chairperson.  Management—In most enterprises, management is the responsibility of the executive management under the leadership of the CEO. 44
  • 45. © 2014 ISACA. All rights reserved. Used by permission. 5. Separating Governance From Management (cont.) Principle 5. Separating Governance From Management: • Governance ensures that stakeholders needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritisation and decision making; and monitoring performance and compliance against agreed-on direction and objectives (EDM). • Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives (PBRM). 45
  • 46. © 2014 ISACA. All rights reserved. Used by permission. 5. Separating Governance From Management (cont.) Principle 5. Separating Governance From Management: COBIT 5 is not prescriptive, but it advocates that organisations implement governance and management processes such that the key areas are covered, as shown. 46 Source: COBIT® 5, figure 15. © 2012 ISACA® All rights reserved.
  • 47.
  • 48. © 2014 ISACA. All rights reserved. Used by permission. COBIT 5: Enabling Processes  COBIT 5: Enabling Processes complements COBIT 5 and contains a detailed reference guide to the processes that are defined in the COBIT 5 process reference model:  In Chapter 2, the COBIT 5 goals cascade is recapitulated and complemented with a set of example metrics for the enterprise goals and the IT-related goals.  In Chapter 3, the COBIT 5 process model is explained and its components defined.  Chapter 4 shows the diagram of this process reference model.  Chapter 5 contains the detailed process information for all 37 COBIT 5 processes in the process reference model. 48
  • 49. PLGR. 49 COBIT 5: Enabling Processes (cont.) Source: COBIT® 5, figure 29. © 2012 ISACA® All rights reserved. Stakeholders Goals Practices-Activities Metrics
  • 50. © 2014 ISACA. All rights reserved. Used by permission. COBIT 5: Enabling Processes (Cont.) COBIT 5: Enabling Processes: • The COBIT 5 process reference model subdivides the IT- related practices and activities of the enterprise into two main areas—governance and management— with management further divided into domains of processes: • The GOVERNANCE domain contains five governance processes; within each process, evaluate, direct and monitor (EDM) practices are defined. • The four MANAGEMENT domains are in line with the responsibility areas of plan, build, run and monitor (PBRM). 50
  • 51. COBIT 5: Enabling Processes. Governance: 1 domain (EDM), 5 processes
      • EDM01: Governance framework setting and maintenance
      • EDM02: Benefits delivery
      • EDM03: Risk optimization
      • EDM04: Resource optimization
      • EDM05: Stakeholder transparency
  • 52. COBIT 5: Enabling Processes. Management: 4 domains, 32 processes
      • APO: Align, Plan and Organise (13)
      • BAI: Build, Acquire and Implement (10)
      • DSS: Deliver, Service and Support (6)
      • MEA: Monitor, Evaluate and Assess (3)
  • 53. COBIT 5: Enabling Processes (cont.) Source: COBIT® 5, figure 16. © 2012 ISACA® All rights reserved.
  • 54. COBIT 5: Enabling Processes – Exercise 8. Source: COBIT® 5, figure 16. © 2012 ISACA® All rights reserved. IT-related goal 02: IT compliance and support for business compliance with external laws and regulations (Page 52-53). Our organization is concerned about compliance with external laws and regulations. From an IT point of view, which COBIT processes would you implement?
      • APO01 Manage the IT Management Framework
      • APO12 Manage Risk
      • APO13 Manage Security
      • BAI10 Manage Configuration
      • DSS05 Manage Security Services
      • MEA02 Monitor, Evaluate and Assess the System of Internal Control
      • MEA03 Monitor, Evaluate and Assess Compliance With External Requirements
  • 56. COBIT 5 Implementation (cont.) Exercise 9 - On which factors does your company's implementation strategy depend?
      • Ethics and culture
      • Applicable laws, regulations and policies
      • Mission, vision and values
      • Governance policies and practices
      • Industry practices
      • Business plan and strategic intentions
      • Operating model and level of maturity
      • Management style
      • Risk appetite
      • Capabilities and available resources
  • 57. COBIT 5 Implementation (cont.) Source: COBIT® 5, figure 17. © 2012 ISACA® All rights reserved.
      1. What are the drivers?
      2. Where are we now?
      3. Where do we want to be?
      4. What needs to be done?
      5. How do we get there?
      6. Did we get there?
      7. How do we keep going?
  • 59. COBIT 5 Product Family. Source: COBIT® 5, figure 11. © 2012 ISACA® All rights reserved.
  • 60. COBIT 5 Supporting Products
      • A Business Framework for the Governance and Management of Enterprise IT
      • Professional Guides:
          • COBIT 5 Implementation
          • COBIT 5 for Information Security
          • COBIT 5 for Assurance, COBIT 5 for Risk
      • Enabler Guides:
          • COBIT 5: Enabling Processes
          • COBIT 5: Enabling Information
      • COBIT Assessment Programme:
          • Process Assessment Model (PAM): Using COBIT 5
          • Assessor Guide: Using COBIT 5
          • Self-assessment Guide: Using COBIT 5