COBIT overview (Figure 4.1):

Inputs to COBIT 2019:
• COBIT 5
• Community contribution
• Standards, frameworks, regulations

COBIT 2019:
• COBIT Core: Reference Model of Governance and Management Objectives
• COBIT Core Publications:
  • COBIT® 2019 Framework: Introduction and Methodology
  • COBIT® 2019 Framework: Governance and Management Objectives
  • COBIT® 2019 Design Guide: Designing an Information and Technology Governance Solution
  • COBIT® 2019 Implementation Guide: Implementing and Optimizing an Information and Technology Governance Solution
• Design Factors (e.g., enterprise strategy, enterprise goals, enterprise size, role of IT, sourcing model for IT, compliance requirements, etc.)
• Focus Areas (e.g., SME, security, risk, DevOps, etc.)
• Tailored Enterprise Governance System for Information and Technology, which provides:
  ➢ Priority governance and management objectives
  ➢ Specific guidance from focus areas
  ➢ Target capability and performance management guidance
COBIT Core Model: governance and management objectives

Evaluate, Direct and Monitor (EDM):
• EDM01—Ensured Governance Framework Setting and Maintenance
• EDM02—Ensured Benefits Delivery
• EDM03—Ensured Risk Optimization
• EDM04—Ensured Resource Optimization
• EDM05—Ensured Stakeholder Engagement

Align, Plan and Organize (APO):
• APO01—Managed I&T Management Framework
• APO02—Managed Strategy
• APO03—Managed Enterprise Architecture
• APO04—Managed Innovation
• APO05—Managed Portfolio
• APO06—Managed Budget and Costs
• APO07—Managed Human Resources
• APO08—Managed Relationships
• APO09—Managed Service Agreements
• APO10—Managed Vendors
• APO11—Managed Quality
• APO12—Managed Risk
• APO13—Managed Security
• APO14—Managed Data

Build, Acquire and Implement (BAI):
• BAI01—Managed Programs
• BAI02—Managed Requirements Definition
• BAI03—Managed Solutions Identification and Build
• BAI04—Managed Availability and Capacity
• BAI05—Managed Organizational Change
• BAI06—Managed IT Changes
• BAI07—Managed IT Change Acceptance and Transitioning
• BAI08—Managed Knowledge
• BAI09—Managed Assets
• BAI10—Managed Configuration
• BAI11—Managed Projects

Deliver, Service and Support (DSS):
• DSS01—Managed Operations
• DSS02—Managed Service Requests and Incidents
• DSS03—Managed Problems
• DSS04—Managed Continuity
• DSS05—Managed Security Services
• DSS06—Managed Business Process Controls

Monitor, Evaluate and Assess (MEA):
• MEA01—Managed Performance and Conformance Monitoring
• MEA02—Managed System of Internal Control
• MEA03—Managed Compliance With External Requirements
• MEA04—Managed Assurance
Figure 4.1
COBIT Overview
© 2018 ISACA. All Rights Reserved.
Governance system principles (Figure 3.1):
1. Provide Stakeholder Value
2. Holistic Approach
3. Dynamic Governance System
4. Governance Distinct From Management
5. Tailored to Enterprise Needs
6. End-to-End Governance System
Figure 3.1 Governance System Principles

Governance framework principles (Figure 3.2):
1. Based on Conceptual Model
2. Open and Flexible
3. Aligned to Major Standards
Figure 3.2 Governance Framework Principles

COBIT stakeholders and the benefit of COBIT to each (Figure 2.1):

Internal Stakeholders
• Boards: Provides insights on how to get value from the use of I&T and explains relevant board responsibilities.
• Executive Management: Provides guidance on how to organize and monitor performance of I&T across the enterprise.
• Business Managers: Helps to understand how to obtain the I&T solutions enterprises require and how best to exploit new technology for new strategic opportunities.
• IT Managers: Provides guidance on how best to build and structure the IT department, manage performance of IT, run an efficient and effective IT operation, control IT costs, align IT strategy to business priorities, etc.
• Assurance Providers: Helps manage dependency on external service providers, get assurance over IT, and ensure the existence of an effective and efficient system of internal controls.
• Risk Management: Helps to ensure the identification and management of all IT-related risk.

External Stakeholders
• Regulators: Helps to ensure the enterprise is compliant with applicable rules and regulations and has the right governance system in place to manage and sustain compliance.
• Business Partners: Helps to ensure that a business partner's operations are secure, reliable and compliant with applicable rules and regulations.
• IT Vendors: Helps to ensure that an IT vendor's operations are secure, reliable and compliant with applicable rules and regulations.
Figure 2.1 COBIT Stakeholders
Components of a governance system (Figure 4.3):
• Processes
• Organizational Structures
• Principles, Policies, Procedures
• Information
• Culture, Ethics and Behavior
• People, Skills and Competencies
• Services, Infrastructure and Applications
Figure 4.3 COBIT Components of a Governance System
COBIT goals cascade (Figure 4.16), each level cascading to the next:
Stakeholder Drivers and Needs → Enterprise Goals → Alignment Goals → Governance and Management Objectives
Figure 4.16 COBIT Goals Cascade
ISACA International Headquarters
1700 E. Golf Road | Suite 400
Schaumburg, IL 60173 | USA
isaca.org
Figure 4.2 COBIT Core Model: the 40 governance and management objectives (EDM01–EDM05, APO01–APO14, BAI01–BAI11, DSS01–DSS06, MEA01–MEA04), as listed under Figure 4.1 above.
COBIT design factors (Figure 4.4):
• Enterprise Strategy
• Enterprise Goals
• Risk Profile
• I&T-Related Issues
• Threat Landscape
• Compliance Requirements
• Role of IT
• Sourcing Model for IT
• IT Implementation Methods
• Technology Adoption Strategy
• Enterprise Size
• Future Factors
Figure 4.4 COBIT Design Factors

Design factors' impact on a governance and management system (Figure 7.1):
1. Management Objective Priority and Target Capability Levels
2. Component Variations
3. Specific Focus Areas
Figure 7.1 Impact of Design Factors on a Governance and Management System
The globally recognized COBIT Framework, which helps ensure effective enterprise governance of information and technology, has been updated with new information and guidance, facilitating easier, tailored implementation and strengthening COBIT's continuing role as an important driver of innovation and business transformation. This document provides an overview of the COBIT® 2019 guidance.

This excerpt is available as a complimentary PDF at www.isaca.org/COBIT and for purchase in hard copy at www.isaca.org/bookstore. We encourage you to share this document with your enterprise leaders, team members, clients and/or consultants. Additional information is available at isaca.org/COBIT.
Governance system design workflow (Figure 7.2):
1. Understand the enterprise context and strategy.
   • 1.1 Understand enterprise strategy.
   • 1.2 Understand enterprise goals.
   • 1.3 Understand the risk profile.
   • 1.4 Understand current I&T-related issues.
2. Determine the initial scope of the governance system.
   • 2.1 Consider enterprise strategy.
   • 2.2 Consider enterprise goals and apply the COBIT goals cascade.
   • 2.3 Consider the risk profile of the enterprise.
   • 2.4 Consider current I&T-related issues.
3. Refine the scope of the governance system.
   • 3.1 Consider the threat landscape.
   • 3.2 Consider compliance requirements.
   • 3.3 Consider the role of IT.
   • 3.4 Consider the sourcing model.
   • 3.5 Consider IT implementation methods.
   • 3.6 Consider the IT adoption strategy.
   • 3.7 Consider enterprise size.
4. Conclude the governance system design.
   • 4.1 Resolve inherent priority conflicts.
   • 4.2 Conclude the governance system design.
COBIT implementation road map (Figure 8.1), seven phases, each framed by a question:
1. What are the drivers?
2. Where are we now?
3. Where do we want to be?
4. What needs to be done?
5. How do we get there?
6. Did we get there?
7. How do we keep the momentum going?

The road map is drawn as three concentric rings, each with seven steps aligned to the phases above:
• Program management (outer ring): Initiate program; Define problems and opportunities; Define road map; Plan program; Execute plan; Realize benefits; Review effectiveness.
• Change enablement (middle ring): Establish desire to change; Form implementation team; Communicate outcome; Identify role players; Operate and use; Embed new approaches; Sustain.
• Continual improvement life cycle (inner ring): Recognize need to act; Assess current state; Define target state; Build improvements; Implement improvements; Operate and measure; Monitor and evaluate.
Figure 7.2 Governance System Design Workflow
Figure 8.1 COBIT Implementation Road Map
