Each implementation approach needs to address specific challenges, including managing changes to culture and behavior

1. COBIT 5
ImplementationGuidance
Eng. Mohammad Reda Katby
Solutions Architect

2. Introduction
 Each implementation approach needs to address specific
challenges, including managing changes to culture and behavior.
 The COBIT 5 Implementation publication and toolkit
contains the followings:
 Self-assessment, measurement and diagnostic tools
 Presentations aimed at various audiences
 Related articles and further explanations
Which in total comprise good practices and assist in creation of
successful outcomes

3. Introduction
Topics from COBIT 5 Implementation:
 Recognising typical pain points and trigger events
 Creating the appropriate environment for implementation
 Leveraging COBIT to identify gaps and guide the development of
enablers

4. Considering
the Enterprise
Context
Depending on the following enterprise’s specific internal and external
environment factors the road map or plan implementation is designed:
 Ethics and culture
 Applicable laws, regulations and policies
 Mission, vision and values
 Governance policies and practices
 Business plan and strategic intentions
 Operating model and level of maturity
 Management style
 Risk appetite
 Capabilities and available resources
 Industry practices

5. Considering
the Enterprise
Context
Key success factors for successful implementation include:
 Top management providing the direction and mandate for the initiative, as well as
visible ongoing commitment and support
 All parties supporting the governance and management processes to understand
the business and IT objectives
 Ensuring effective communication and enablement of the necessary changes
 Tailoring COBIT and other supporting good practices and standards to fit the
unique context of the enterprise
 Focusing on quick wins and prioritizing the most beneficial improvements that are
easiest to implement

6. Creating the
Appropriate
Environment
1
• Collect Requirement based on pain points and
drivers
2
• Obtain commitment
3
• Build resources to support the programme
4
• Establish Structures and Process
5
• ‘tone at the top’ from board and executives

7. Recognizing
Pain Points and
Trigger Events
Examples of some of the typical pain points as identified in COBIT 5
Implementation, are:
 Significant incidents related to IT risk, such as data loss or project failure
 Outsourcing service delivery problems, such as consistent failure to
meet agreed-on service levels
 Insufficient IT resources, staff with inadequate skills or staff
burnout/dissatisfaction
 IT-enabled changes failing to meet business needs and delivered late or
over budget

8. Enabling
Change
 Successful implementation depends on implementing the
 AppropriateChange (Governance and Management) in the
 AppropriateWay (Human, behavioral and cultural aspect) focus
must be on the second as deep as on the first.
 Possibility of ignorance and/or resistance to change needs to be
address through a structured and proactive approach.
 Communication plan must defines what will be communicated, in
what way, and by whom, throughout the various phases
 Human, behavioral and cultural barriers need to be overcome BY
 Gaining the commitment of the stakeholders (Invest in winning
hearts and minds, leaders' time, and communicating and responding
to workforce)
 Enforcing the compliance (Invest in processes to administer, monitor
and enforce)
TO
 Instil a will to adopt change
 Ensure the ability to adopt change

9. A LifeCycle
Approach
 Life cycle provides a way for enterprises to use COBIT to address
the complexity and challenges typically encountered during
implementations.
 The three interrelated components of the life cycle are the:
1. Core continual improvement life cycle—This is not a one-off
project.
2. Enablement of change—Addressing the behavioral and cultural
aspects
3. Management of the programme

10. A LifeCycle
Approach

11. A LifeCycle
Approach
1. What are the drivers?
Identifies current pain-points/triggers to create change at executive
management levels
2. Where are we now?
Uses Mapping Enterprise Goals to define the scope of implementation
(long less than 6-monthes)
3. Where do we want to be?
Identifies gaps and potential solutions, and Set improvement target.
4. What needs to be done?
Develops change plan for implementation, and Plan practical solutions

12. A LifeCycle
Approach
5. How do we get there?
Implements the proposed solutions into day-to-day practices,
measure, and monitor
6. Did we get there?
Focuses on sustainable operation, and monitor the achievement of
expected benefits
7. How do we keep the momentum going?
Reviews overall success of the initiative, Identifies emerged
requirements for the governance and/or management, and Reinforce
continual improvement
Over time, the life cycle should be followed iteratively while building
a sustainable approach to the governance and management of
enterprise IT.