This document provides an overview of the COBIT 5 framework for governance and management of enterprise IT. It describes the five principles of COBIT 5: meeting stakeholder needs, covering the enterprise end-to-end, applying a single integrated framework, enabling a holistic approach, and separating governance from management. It also outlines the seven enablers of COBIT 5 and explains how COBIT 5 distinguishes between governance and management activities. The document positions COBIT 5 as a comprehensive framework that can help enterprises optimize value from IT investments through effective governance and management.
Governance of IT
COBIT Background
COBIT and Other frameworks
COBIT Principles
COBIT Goals
COBIT Objectives
COBIT Components
COBIT Design factors
COBIT Focus areas
COBIT Performance management
Designing and implementing a governance system
Based on Enablers COBIT 5 provides a holistic and systemic view on governance and management of enterprise IT, these Enablers are enterprisewide and end-to-end covering.
COBIT 5 as a standard in the Jordanian banking systemMark Constable
Balancing performance and conformance in in an enterprise can be a daunting task.
Adding up the various regulatory, compliance and conformance needs of any organization can have a major effect on enterprise performance if not governed and managed effectively.
In the country of Jordan, the Central Bank has mandated that all banks become “COBIT Compliant,” which has caused a flurry of activity amongst boards and executive management across the banks throughout the country.
In this presentation and accompanying case study, we will explore the emerging importance of a solid Governance of Enterprise IT (GEIT) program and how leveraging the COBIT5 framework products can greatly enhance not only compliance but can also be a positive move towards enhancing the overall governance posture.
Learning Objectives:
- Gain an understanding of the importance of balancing performance and conformance with a GEIT program.
- Appreciate the value of the various COBIT and training products (Foundation, Implementation and Assessment) in the Jordanian Banking system mandate.
- Learn about the positive aspects and lessons learned of the COBIT 5 process capability assessments.
Presenters
Mark Thomas - Escoute Consulting
As an internationally known governance, risk, and compliance expert in the areas of Cybersecurity, IT Service Management, Assurance and Audit, and IT Controls, Mark’s background spans leadership roles from CIO to Management and IT Consulting in several Federal and State Agencies, Private Firms, and Fortune 500 Companies.
Dr Ramzi Sunna - ScanWave CTS
Dr. Ramzi has been in the IT security field for 15 years leading several enterprise and international security projects. He is an InfoSec advisor and world-class security expert.
In the IT Governance field, Dr. Ramzi is one of the pioneers in Jordan and the region who led the establishment of COBIT 5 framework in the financial sector as per the Central Bank of Jordan regulations. A unique advisory program was established by ISACA and ScanWave to accomplish this mission.
This webinar is presented in partnership with ISACA.
Watch recording here: https://apmg-international.com/events/case-study-cobit-5-standard-jordanian-banking-system
The COBIT 5 framework describes seven categories of enablers
• Principles, policies and frameworks are the vehicle to translate the desired behaviour into practical guidance for
day-to-day management.
• Processes describe an organised set of practices and activities to achieve certain objectives and produce a set of
outputs in support of achieving overall IT-related goals.
• Organisational structures are the key decision-making entities in an enterprise.
• Culture, ethics and behaviour of individuals and of the enterprise are very often underestimated as a success factor
in governance and management activities.
• Information is pervasive throughout any organisation and includes all information produced and used by the
enterprise. Information is required for keeping the organisation running and well governed, but at the operational
level, information is very often the key product of the enterprise itself.
• Services, infrastructure and applications include the infrastructure, technology and applications that provide the
enterprise with information technology processing and services.
• People, skills and competencies are linked to people and are required for successful completion of all activities and
for making correct decisions and taking corrective actions.
COBIT 5 - Principal 3 Applying A Single Integrated FrameworkMohammad Reda Katby
COBIT 5 is a single and integrated framework because: It aligns with other latest relevant standards and frameworks, and thus allows the enterprise to use COBIT 5 as the
overarching governance and management framework integrator
COBIT 5 - Principal 5 Separating Governance From ManagementMohammad Reda Katby
Governance and Management
These two disciplines encompasses different types of
Activities
Requires difference Organizational Structure
Serve different purposes
So, COBIT 5 framework makes a clear distinction between them
Abdelfattah Habib
Project Manager /
Senior IT Advisor
How To Pass COBIT 5 Foundation Exam
Agenda
What & Why COBIT5
Golden Plan
Proposed Study Schedule
Register For the Exam
Study Iterations 2 & 3
Exam
• COBIT 2019 story
Gift
Why IT Service Managemement implementations sometimes fail in real lifeChristian F. Nissen
A best practice such as ITIL may be approached in various ways. The traditional approach is to plan, design and implement practices based on a notion that we can control reality. However, experience tells us that this approach often fails. Another more agile approach is to adopt and adapt ITIL through small incremental improvements based on the insights from among other Lean IT. A third approach is to let processes emerge in a setting that encourages the preferred behaviour and inhibits undesirable behaviour. We will gain insight into the three perspectives through examples and discuss the different approaches for successfully adopting and adapting ITIL in various settings.
This is a summary of Control Objectives for Information and related Technology audit framework. Anyone can understand COBIT-19 framework within few slides. COBIT was published by ITGI, a nonprofit research entity created by ISACA
Thinking of COBIT implementation – Where to start?Vyom Labs
Executives today are increasingly under pressure to manage IT risk and to transform the way business value can be generated from IT.In this Webinar you will learn how to apply COBIT to specific business problems, pain points, trigger events and risk scenarios within the organization.Also how to effectively use it for client initiatives.
Governance of IT
COBIT Background
COBIT and Other frameworks
COBIT Principles
COBIT Goals
COBIT Objectives
COBIT Components
COBIT Design factors
COBIT Focus areas
COBIT Performance management
Designing and implementing a governance system
Based on Enablers COBIT 5 provides a holistic and systemic view on governance and management of enterprise IT, these Enablers are enterprisewide and end-to-end covering.
COBIT 5 as a standard in the Jordanian banking systemMark Constable
Balancing performance and conformance in in an enterprise can be a daunting task.
Adding up the various regulatory, compliance and conformance needs of any organization can have a major effect on enterprise performance if not governed and managed effectively.
In the country of Jordan, the Central Bank has mandated that all banks become “COBIT Compliant,” which has caused a flurry of activity amongst boards and executive management across the banks throughout the country.
In this presentation and accompanying case study, we will explore the emerging importance of a solid Governance of Enterprise IT (GEIT) program and how leveraging the COBIT5 framework products can greatly enhance not only compliance but can also be a positive move towards enhancing the overall governance posture.
Learning Objectives:
- Gain an understanding of the importance of balancing performance and conformance with a GEIT program.
- Appreciate the value of the various COBIT and training products (Foundation, Implementation and Assessment) in the Jordanian Banking system mandate.
- Learn about the positive aspects and lessons learned of the COBIT 5 process capability assessments.
Presenters
Mark Thomas - Escoute Consulting
As an internationally known governance, risk, and compliance expert in the areas of Cybersecurity, IT Service Management, Assurance and Audit, and IT Controls, Mark’s background spans leadership roles from CIO to Management and IT Consulting in several Federal and State Agencies, Private Firms, and Fortune 500 Companies.
Dr Ramzi Sunna - ScanWave CTS
Dr. Ramzi has been in the IT security field for 15 years leading several enterprise and international security projects. He is an InfoSec advisor and world-class security expert.
In the IT Governance field, Dr. Ramzi is one of the pioneers in Jordan and the region who led the establishment of COBIT 5 framework in the financial sector as per the Central Bank of Jordan regulations. A unique advisory program was established by ISACA and ScanWave to accomplish this mission.
This webinar is presented in partnership with ISACA.
Watch recording here: https://apmg-international.com/events/case-study-cobit-5-standard-jordanian-banking-system
The COBIT 5 framework describes seven categories of enablers
• Principles, policies and frameworks are the vehicle to translate the desired behaviour into practical guidance for
day-to-day management.
• Processes describe an organised set of practices and activities to achieve certain objectives and produce a set of
outputs in support of achieving overall IT-related goals.
• Organisational structures are the key decision-making entities in an enterprise.
• Culture, ethics and behaviour of individuals and of the enterprise are very often underestimated as a success factor
in governance and management activities.
• Information is pervasive throughout any organisation and includes all information produced and used by the
enterprise. Information is required for keeping the organisation running and well governed, but at the operational
level, information is very often the key product of the enterprise itself.
• Services, infrastructure and applications include the infrastructure, technology and applications that provide the
enterprise with information technology processing and services.
• People, skills and competencies are linked to people and are required for successful completion of all activities and
for making correct decisions and taking corrective actions.
COBIT 5 - Principal 3 Applying A Single Integrated FrameworkMohammad Reda Katby
COBIT 5 is a single and integrated framework because: It aligns with other latest relevant standards and frameworks, and thus allows the enterprise to use COBIT 5 as the
overarching governance and management framework integrator
COBIT 5 - Principal 5 Separating Governance From ManagementMohammad Reda Katby
Governance and Management
These two disciplines encompasses different types of
Activities
Requires difference Organizational Structure
Serve different purposes
So, COBIT 5 framework makes a clear distinction between them
Abdelfattah Habib
Project Manager /
Senior IT Advisor
How To Pass COBIT 5 Foundation Exam
Agenda
What & Why COBIT5
Golden Plan
Proposed Study Schedule
Register For the Exam
Study Iterations 2 & 3
Exam
• COBIT 2019 story
Gift
Why IT Service Managemement implementations sometimes fail in real lifeChristian F. Nissen
A best practice such as ITIL may be approached in various ways. The traditional approach is to plan, design and implement practices based on a notion that we can control reality. However, experience tells us that this approach often fails. Another more agile approach is to adopt and adapt ITIL through small incremental improvements based on the insights from among other Lean IT. A third approach is to let processes emerge in a setting that encourages the preferred behaviour and inhibits undesirable behaviour. We will gain insight into the three perspectives through examples and discuss the different approaches for successfully adopting and adapting ITIL in various settings.
This is a summary of Control Objectives for Information and related Technology audit framework. Anyone can understand COBIT-19 framework within few slides. COBIT was published by ITGI, a nonprofit research entity created by ISACA
Thinking of COBIT implementation – Where to start?Vyom Labs
Executives today are increasingly under pressure to manage IT risk and to transform the way business value can be generated from IT.In this Webinar you will learn how to apply COBIT to specific business problems, pain points, trigger events and risk scenarios within the organization.Also how to effectively use it for client initiatives.
Personally designed (content + graphics design), officially accredited COBIT®5 Foundation courseware.
COBIT® is a trademark of ISACA® registered in the United States and other countries.
Trademarks are properties of the holders, who are not affiliated with courseware author.
Governance and Management of Enterprise IT with COBIT 5 FrameworkGoutama Bachtiar
This courseware was designed for the training entitled 'Governance and Management of Enterprise IT with COBIT 5 Framework' with the objective of understanding COBIT 5 Framework as well as achieving IT Governance effectiveness using the respective framework.
Pré Lançamento: COBIT 5
Uma prévia do Manual COBIT® 5 framework está disponível!
“COBIT 5 fornece um quadro global que auxilia as empresas a atingir os seus objetivos para a governança corporativa e gestão de TI. Simplificando, isso ajuda as empresas a criar valor para a TI, mantendo um equilíbrio entre a realização dos benefícios e otimizando os níveis de risco e utilização de recursos.
Confira as novidades dessa versão em relação à versão anterior:
Veja mais informações em: brunise.com.br
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB
The webinar covers:
• Overview of description and principles of COBIT 5.0
• How COBIT is adopted by ISO/IEC 38500
• Complementary values that ISO 38500 and COBIT 5.0 bring to each other
• How companies can use this approach for maximum benefits
Presenter:
This webinar was presented by PECB Trainer Orlando Olumide Odejide, Chief Trainer for Training Heights Limited and an experienced Enterprise Architect.
Link of the recorded session published on YouTube: https://www.youtube.com/watch?v=lnrji3A6C0I
Techniques to optimize the pagerank algorithm usually fall in two categories. One is to try reducing the work per iteration, and the other is to try reducing the number of iterations. These goals are often at odds with one another. Skipping computation on vertices which have already converged has the potential to save iteration time. Skipping in-identical vertices, with the same in-links, helps reduce duplicate computations and thus could help reduce iteration time. Road networks often have chains which can be short-circuited before pagerank computation to improve performance. Final ranks of chain nodes can be easily calculated. This could reduce both the iteration time, and the number of iterations. If a graph has no dangling nodes, pagerank of each strongly connected component can be computed in topological order. This could help reduce the iteration time, no. of iterations, and also enable multi-iteration concurrency in pagerank computation. The combination of all of the above methods is the STICD algorithm. [sticd] For dynamic graphs, unchanged components whose ranks are unaffected can be skipped altogether.
Opendatabay - Open Data Marketplace.pptxOpendatabay
Opendatabay.com unlocks the power of data for everyone. Open Data Marketplace fosters a collaborative hub for data enthusiasts to explore, share, and contribute to a vast collection of datasets.
First ever open hub for data enthusiasts to collaborate and innovate. A platform to explore, share, and contribute to a vast collection of datasets. Through robust quality control and innovative technologies like blockchain verification, opendatabay ensures the authenticity and reliability of datasets, empowering users to make data-driven decisions with confidence. Leverage cutting-edge AI technologies to enhance the data exploration, analysis, and discovery experience.
From intelligent search and recommendations to automated data productisation and quotation, Opendatabay AI-driven features streamline the data workflow. Finding the data you need shouldn't be a complex. Opendatabay simplifies the data acquisition process with an intuitive interface and robust search tools. Effortlessly explore, discover, and access the data you need, allowing you to focus on extracting valuable insights. Opendatabay breaks new ground with a dedicated, AI-generated, synthetic datasets.
Leverage these privacy-preserving datasets for training and testing AI models without compromising sensitive information. Opendatabay prioritizes transparency by providing detailed metadata, provenance information, and usage guidelines for each dataset, ensuring users have a comprehensive understanding of the data they're working with. By leveraging a powerful combination of distributed ledger technology and rigorous third-party audits Opendatabay ensures the authenticity and reliability of every dataset. Security is at the core of Opendatabay. Marketplace implements stringent security measures, including encryption, access controls, and regular vulnerability assessments, to safeguard your data and protect your privacy.
Data Centers - Striving Within A Narrow Range - Research Report - MCG - May 2...pchutichetpong
M Capital Group (“MCG”) expects to see demand and the changing evolution of supply, facilitated through institutional investment rotation out of offices and into work from home (“WFH”), while the ever-expanding need for data storage as global internet usage expands, with experts predicting 5.3 billion users by 2023. These market factors will be underpinned by technological changes, such as progressing cloud services and edge sites, allowing the industry to see strong expected annual growth of 13% over the next 4 years.
Whilst competitive headwinds remain, represented through the recent second bankruptcy filing of Sungard, which blames “COVID-19 and other macroeconomic trends including delayed customer spending decisions, insourcing and reductions in IT spending, energy inflation and reduction in demand for certain services”, the industry has seen key adjustments, where MCG believes that engineering cost management and technological innovation will be paramount to success.
MCG reports that the more favorable market conditions expected over the next few years, helped by the winding down of pandemic restrictions and a hybrid working environment will be driving market momentum forward. The continuous injection of capital by alternative investment firms, as well as the growing infrastructural investment from cloud service providers and social media companies, whose revenues are expected to grow over 3.6x larger by value in 2026, will likely help propel center provision and innovation. These factors paint a promising picture for the industry players that offset rising input costs and adapt to new technologies.
According to M Capital Group: “Specifically, the long-term cost-saving opportunities available from the rise of remote managing will likely aid value growth for the industry. Through margin optimization and further availability of capital for reinvestment, strong players will maintain their competitive foothold, while weaker players exit the market to balance supply and demand.”
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...John Andrews
SlideShare Description for "Chatty Kathy - UNC Bootcamp Final Project Presentation"
Title: Chatty Kathy: Enhancing Physical Activity Among Older Adults
Description:
Discover how Chatty Kathy, an innovative project developed at the UNC Bootcamp, aims to tackle the challenge of low physical activity among older adults. Our AI-driven solution uses peer interaction to boost and sustain exercise levels, significantly improving health outcomes. This presentation covers our problem statement, the rationale behind Chatty Kathy, synthetic data and persona creation, model performance metrics, a visual demonstration of the project, and potential future developments. Join us for an insightful Q&A session to explore the potential of this groundbreaking project.
Project Team: Jay Requarth, Jana Avery, John Andrews, Dr. Dick Davis II, Nee Buntoum, Nam Yeongjin & Mat Nicholas
4. Information!
Information is a key resource for all enterprises.
Information is created, used, retained, disclosed and
destroyed.
Technology plays a key role in these actions.
Technology is becoming pervasive in all aspects of
business and personal life.
What benefits do information and technology bring to
enterprises?
4
5. Enterprise Benefits
Enterprises and their executives strive to:
Maintain quality information to support business
decisions.
Generate business value from IT-enabled investments,
i.e., achieve strategic goals and realise business benefits
through effective and innovative use of IT.
Achieve operational excellence through reliable and
efficient application of technology.
Maintain IT-related risk at an acceptable level.
Optimise the cost of IT services and technology.
How can these benefits be realised to create enterprise
stakeholder value?
5
6. Stakeholder Value
Delivering enterprise stakeholder value requires good
governance and management of information and
technology (IT) assets.
Enterprise boards, executives and management have to
embrace IT like any other significant part of the business.
External legal, regulatory and contractual compliance
requirements related to enterprise use of information and
technology are increasing, threatening value if breached.
COBIT 5 provides a comprehensive framework that
assists enterprises to achieve their goals and deliver
value through effective governance and management
of enterprise IT.
6
7. The COBIT 5 Framework
Simply stated, COBIT 5 helps enterprises create optimal
value from IT by maintaining a balance between
realising benefits and optimising risk levels and resource
use.
COBIT 5 enables information and related technology to
be governed and managed in a holistic manner for the
entire enterprise, taking in the full end-to-end business
and functional areas of responsibility, considering the
IT-related interests of internal and external stakeholders.
The COBIT 5 principles and enablers are generic and
useful for enterprises of all sizes, whether commercial,
not-for-profit or in the public sector.
7
10. Governance and Management
Governance ensures that enterprise objectives are
achieved by evaluating stakeholder needs, conditions
and options; setting direction through prioritisation and
decision making; and monitoring performance,
compliance and progress against agreed-on direction and
objectives (EDM).
Management plans, builds, runs and monitors
activities in alignment with the direction set by the
governance body to achieve the enterprise objectives
(PBRM).
10
11. In Summary …
COBIT 5 brings together the five principles that
allow the enterprise to build an effective
governance and management framework based
on a holistic set of seven enablers that optimises
information and technology investment and use
for the benefit of stakeholders.
11
14. COBIT 5 Framework
COBIT 5:
The main, overarching COBIT 5 product
Contains the executive summary and the full description of all
of the COBIT 5 framework components:
The five COBIT 5 principles
The seven COBIT 5 enablers plus
An introduction to the implementation guidance provided
by ISACA (COBIT 5 Implementation)
An introduction to the COBIT Assessment Programme (not
specific to COBIT 5) and the process capability approach
being adopted by ISACA for COBIT
14
16. Five COBIT 5 Principles
The five COBIT 5 principles:
1.Meeting Stakeholder Needs
2.Covering the Enterprise End-to-end
3.Applying a Single Integrated Framework
4.Enabling a Holistic Approach
5.Separating Governance From Management
16
18. 1. Meeting Stakeholder Needs (cont.)
Principle 1. Meeting Stakeholder Needs:
Enterprises have many stakeholders, and ‘creating value’
means different—and sometimes conflicting—things to
each of them.
Governance is about negotiating and deciding amongst
different stakeholders’ value interests.
The governance system should consider all stakeholders
when making benefit, resource and risk assessment
decisions.
For each decision, the following can and should be asked:
Who
receives the benefits?
Who
bears the risk?
What
resources are required?
18
20. 1. Meeting Stakeholder Needs (cont.)
Principle 1. Meeting Stakeholder Needs:
Benefits of the COBIT 5 goals cascade:
It allows the definition of priorities for implementation,
improvement and assurance of enterprise governance of IT
based on (strategic) objectives of the enterprise and the
related risk.
In practice, the goals cascade:
Defines relevant and tangible goals and objectives at
various levels of responsibility.
Filters the knowledge base of COBIT 5, based on
enterprise goals to extract relevant guidance for inclusion
in specific implementation, improvement or assurance
projects.
Clearly identifies and communicates how (sometimes very
operational) enablers are important to achieve enterprise
goals.
20
21. 2. Covering the Enterprise End-to-end
Principle 2. Covering the Enterprise End-to-end:
COBIT 5 addresses the governance and management of
information and related technology from an enterprisewide,
end-to-end perspective.
This means that COBIT 5:
Integrates governance of enterprise IT into enterprise
governance, i.e., the governance system for enterprise IT
proposed by COBIT 5 integrates seamlessly in any
governance system because COBIT 5 aligns with the
latest views on governance.
Covers all functions and processes within the enterprise;
COBIT 5 does not focus only on the ‘IT function’, but
treats information and related technologies as assets that
need to be dealt with just like any other asset by everyone
in the enterprise.
21
23. 3. Applying a Single Integrated Framework
Principle 3. Applying a Single Integrated Framework:
COBIT 5 aligns with the latest relevant other standards and
frameworks used by enterprises:
Enterprise: COSO, COSO ERM, ISO/IEC 9000,
ISO/IEC 31000
IT-related: ISO/IEC 38500, ITIL, ISO/IEC 27000 series,
TOGAF, PMBOK/PRINCE2, CMMI
This allows the enterprise to use COBIT 5 as the
overarching governance and management framework
integrator.
ISACA plans a capability to facilitate COBIT user mapping
of practices and activities to third-party references.
23
24. 4. Enabling a Holistic Approach
Principle 4. Enabling a Holistic Approach
COBIT 5 enablers are:
Factors that, individually and collectively, influence
whether something will work—in the case of COBIT,
governance and management over enterprise IT
Driven by the goals cascade, i.e., higher-level IT-related
goals define what the different enablers should achieve
Described by the COBIT 5 framework in seven
categories
24
26. 4. Enabling a Holistic Approach (cont.)
Principle 4. Enabling a Holistic Approach:
1. Processes—Describe an organised set of practices and activities to achieve
certain objectives and produce a set of outputs in support of achieving overall
IT-related goals
2. Organisational structures—Are the key decision-making entities in an
organisation
3. Culture, ethics and behaviour—Of individuals and of the organisation; very
often underestimated as a success factor in governance and management
activities
4. Principles, policies and frameworks—Are the vehicles to translate the desired
behaviour into practical guidance for day-to-day management
5. Information—Is pervasive throughout any organisation, i.e., deals with all
information produced and used by the enterprise. Information is required for
keeping the organisation running and well governed, but at the operational level,
information is very often the key product of the enterprise itself.
6. Services, infrastructure and applications—Include the infrastructure,
technology and applications that provide the enterprise with information
technology processing and services
7. People, skills and competencies—Are linked to people and are required for
successful completion of all activities and for making correct decisions and
taking corrective actions
26
27. 4. Enabling a Holistic Approach (cont).
Principle 4. Enabling a Holistic Approach:
Systemic governance and management through
interconnected enablers—To achieve the main objectives of
the enterprise, it must always consider an interconnected set
of enablers, i.e., each enabler:
Needs the input of other enablers to be fully effective,
e.g., processes need information, organisational structures
need skills and behaviour
Delivers output to the benefit of other enablers, e.g.,
processes deliver information, skills and behaviour make
processes efficient
This is a KEY principle emerging from the ISACA
development work around the Business Model for
Information Security (BMIS).
27
29. 5. Separating Governance From Management
Principle 5. Separating Governance From Management:
The COBIT 5 framework makes a clear distinction
between governance and management.
These two disciplines:
Encompass different types of activities
Require different organisational structures
Serve different purposes
Governance—In most enterprises, governance is the
responsibility of the board of directors under the
leadership of the chairperson.
Management—In most enterprises, management is the
responsibility of the executive management under the
leadership of the CEO.
29
30. 5. Separating Governance From Management (cont.)
Principle 5. Separating Governance From
Management:
•Governance ensures that stakeholders needs, conditions
and options are evaluated to determine balanced, agreed-on
enterprise objectives to be achieved; setting direction
through prioritisation and decision making; and
monitoring performance and compliance against agreed-on
direction and objectives (EDM).
•Management plans, builds, runs and monitors
activities in alignment with the direction set by the
governance body to achieve the enterprise objectives
(PBRM).
30
32. 5. Separating Governance From Management (cont.)
Principle 5. Separating Governance from Management:
The COBIT 5 framework describes seven categories of
enablers (Principle 4). Processes are one category.
An enterprise can organise its processes as it sees fit, as
long as all necessary governance and management
objectives are covered. Smaller enterprises may have
fewer processes; larger and more complex enterprises
may have many processes, all to cover the same
objectives.
COBIT 5 includes a process reference model (PRM),
which defines and describes in detail a number of
governance and management processes. The details of
this specific enabler model can be found in the COBIT 5:
Enabling Processes volume.
32
33.
34. COBIT 5: Enabling Processes
COBIT 5: Enabling Processes complements COBIT 5
and contains a detailed reference guide to the processes
that are defined in the COBIT 5 process reference model:
In Chapter 2, the COBIT 5 goals cascade is
recapitulated and complemented with a set of example
metrics for the enterprise goals and the IT-related goals.
In Chapter 3, the COBIT 5 process model is explained
and its components defined.
Chapter 4 shows the diagram of this process reference
model.
Chapter 5 contains the detailed process information for
all 37 COBIT 5 processes in the process reference
model.
34
37. COBIT 5: Enabling Processes (Cont.)
COBIT 5: Enabling Processes:
• The COBIT 5 process reference model subdivides the IT-related
practices and activities of the enterprise into two
main areas—governance and management— with
management further divided into domains of processes:
• The GOVERNANCE domain contains five
governance processes; within each process, evaluate,
direct and monitor (EDM) practices are defined.
• The four MANAGEMENT domains are in line with
the responsibility areas of plan, build, run and monitor
(PBRM).
37
38.
39. COBIT 5 Implementation
• The improvement of the governance of enterprise IT
(GEIT) is widely recognised by top management as an
essential part of enterprise governance.
• Information and the pervasiveness of information
technology are increasingly part of every aspect of
business and public life.
• The need to drive more value from IT investments and
manage an increasing array of IT-related risk has never
been greater.
• Increasing regulation and legislation over business use of
information is also driving heightened awareness of the
importance of a well-governed and managed IT
environment.
39
40. COBIT 5 Implementation (cont.)
• ISACA has developed the COBIT 5 framework to help
enterprises implement sound governance enablers.
Indeed, implementing good GEIT is almost impossible
without engaging an effective governance framework.
Best practices and standards are also available to underpin
COBIT 5.
• Frameworks, best practices and standards are useful only
if they are adopted and adapted effectively. There are
challenges that need to be overcome and issues that need
to be addressed if GEIT is to be implemented
successfully.
• COBIT 5: Implementation provides guidance on how
to do this.
40
41. COBIT 5 Implementation (cont.)
• COBIT 5: Implementation covers the following subjects:
• Positioning GEIT within an enterprise
• Taking the first steps towards improving GEIT
• Implementation challenges and success factors
• Enabling GEIT-related organisational and behavioural
change
• Implementing continual improvement that includes
change enablement and programme management
• Using COBIT 5 and its components
41