References <ul><li>COBIT Student Book </li></ul><ul><li>www.isaca.org/cobit </li></ul><ul><li>Cobit Transforming Enterpris...
Why does IT need an IT control  framework? What does Cobit do? How does Cobit support the governance of IT? Who needs an I...
   2009 ISACA All Rights reserved.  Is my information technology organisation  doing the right things? Are we  doing them...
<ul><li>Enterprises are sacrificing  money, productivity and  competitive advantage by not  implementing effective IT  gov...
What does COBIT do? <ul><li>Improves IT efficiency and effectiveness </li></ul><ul><li>Helps IT understand the needs of th...
How does COBIT support the governance of IT? <ul><li>COBIT support IT governance by providing a framework to ensure that: ...
<ul><li>The benefits of implementing COBIT include: </li></ul><ul><li>A common language for executives, management and ITp...
<ul><li>Board and Executive </li></ul><ul><ul><li>To ensure management follows and implements the strategic direction for ...
<ul><li>Accepted globally as a set of tools that ensures IT is working effectively </li></ul><ul><li>Functions as an overa...
The C OBI T Framework <ul><li>The C OBI T framework explained: </li></ul><ul><ul><ul><ul><ul><li>Business focus </li></ul>...
<ul><li>Starts from the premise that IT needs to deliver the information that the enterprise needs to achieve its objectiv...
<ul><li>“ In order to provide the information that the organisation needs to achieve its objectives, IT resources need to ...
Upcoming SlideShare
Loading in …5
×

01 intro-cobit

490 views

Published on

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
490
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
24
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • When we think about C OBI T and IT governance at the most fundamental level, there are four questions that every leader asks him or herself when it comes to IT initiatives: Is my IT organisation doing the right things? Are we doing them the right way? Are we getting them done well? Are we getting the benefits? Using the maturity models developed for each of C OBI T’s 34 IT processes, management can identify: • The actual performance of the enterprise—Where the enterprise is today • The current status of the industry—The comparison • The enterprise’s target for improvement—Where the enterprise wants to be • The required growth path between ‘as-is’ and ‘to-be’
  • IT governance goes a long way towards bridging the gap between corporate expectations and perceptions of the IT function. The need for top management direction and oversight regarding the value of IT and the management of IT-related risks are now understood as key elements of governance. Value, risk and control constitute the core of IT governance. IT governance consists of the leadership, organisational structures and processes that ensure that the enterprise’s IT sustains and extends the enterprise’s strategies and objectives. Governance is not the sole responsibility of the CIO; it is the responsibility of an enterprise’s top executives and board of directors. Successful enterprises understand the risks and exploit the benefits of IT and find ways to deal with: • Aligning IT strategy with the business strategy • Ensuring investors and stakeholders that a ‘standard of due care’ around mitigating IT risks is being met by the enterprise • Providing organisational structures that facilitate the implementation of strategy and goals • Measuring IT’s performance These are the benefits of sound IT governance.
  • The C OBI T mission is to research, continually update, publicise and promote an authoritative, internationally accepted IT governance control framework for adoption by enterprises and day-to-day use by business managers, IT professionals and assurance professionals. Now in its 4.1 release, the framework has been used successfully by IT organisations and business executives in many industries and of many sizes. C OBI T provides a common language to communicate goals, objectives and expected results. A common language benefits all levels of IT, including management and stakeholders.
  • 01 intro-cobit

    1. 2. References <ul><li>COBIT Student Book </li></ul><ul><li>www.isaca.org/cobit </li></ul><ul><li>Cobit Transforming Enterprise IT by ISACA, 2009 </li></ul>
    2. 3. Why does IT need an IT control framework? What does Cobit do? How does Cobit support the governance of IT? Who needs an IT control framework? What are the benefits of implementing Cobit?
    3. 4.  2009 ISACA All Rights reserved. Is my information technology organisation doing the right things? Are we doing them the right way? Are we getting them done well? Are we getting the benefits? * * Based on the “Four Ares” as described by John Thorp in his book The Information Paradox, written jointly with Fujitsu, first published in 1998 and revised in 2003 COBIT answers Key Business Questions
    4. 5. <ul><li>Enterprises are sacrificing money, productivity and competitive advantage by not implementing effective IT governance </li></ul><ul><li>Executives need a better way to: </li></ul><ul><ul><li>Direct IT for optimal advantage </li></ul></ul><ul><ul><li>Measure the value provided by IT </li></ul></ul><ul><ul><li>Manage IT-related risks </li></ul></ul> 2009 ISACA All Rights reserved. Why does IT need a control framework ? IT Governance Is the Key Issue
    5. 6. What does COBIT do? <ul><li>Improves IT efficiency and effectiveness </li></ul><ul><li>Helps IT understand the needs of the business </li></ul><ul><li>Puts practices in place to meet the business needs as efficiently as possible </li></ul><ul><li>Ensure alignment of business an IT </li></ul><ul><li>Helps executives understand and manage IT investments throughout their life cycle </li></ul>
    6. 7. How does COBIT support the governance of IT? <ul><li>COBIT support IT governance by providing a framework to ensure that: </li></ul><ul><li>IT is aligned with the business </li></ul><ul><li>IT enables the business and maximizes benefits </li></ul><ul><li>IT resources are used responsibly </li></ul><ul><li>IT risks are managed appropriately </li></ul>
    7. 8. <ul><li>The benefits of implementing COBIT include: </li></ul><ul><li>A common language for executives, management and ITprofessionals </li></ul><ul><li>A better understanding of how the business and IT can work together for successful delivery of IT initiatives </li></ul><ul><li>Improved efficiency and optimization of cost </li></ul><ul><li>Reduced operational risk </li></ul><ul><li>Clear policy development </li></ul><ul><li>More efficient and successful audits </li></ul><ul><li>Clear ownership and responsibilites, based on process orientation </li></ul>What are the benefits of implementing COBIT?
    8. 9. <ul><li>Board and Executive </li></ul><ul><ul><li>To ensure management follows and implements the strategic direction for IT </li></ul></ul><ul><li>Management </li></ul><ul><ul><li>To make IT investment decisions </li></ul></ul><ul><ul><li>To balance risk and control investment </li></ul></ul><ul><ul><li>To benchmark existing and future IT environment </li></ul></ul><ul><li>Users </li></ul><ul><ul><li>To obtain assurance on security and control of products and services they acquire internally or externally </li></ul></ul><ul><li>Auditors </li></ul><ul><ul><li>To substantiate opinions to management on internal controls </li></ul></ul><ul><ul><li>To advise on what minimum controls are necessary </li></ul></ul>Who needs a control framework?
    9. 10. <ul><li>Accepted globally as a set of tools that ensures IT is working effectively </li></ul><ul><li>Functions as an overarching framework </li></ul><ul><li>Provides common language to communicate goals, objectives and expected results to all stakeholders </li></ul><ul><li>Based on, and integrates, industry standards and good practices in: </li></ul><ul><ul><li>Strategic alignment of IT with business goals </li></ul></ul><ul><ul><li>Value delivery of services and new projects </li></ul></ul><ul><ul><li>Risk management </li></ul></ul><ul><ul><li>Resource management </li></ul></ul><ul><ul><li>Performance measurement </li></ul></ul> 2009 ISACA All Rights reserved. COBIT is a Road Map to Good IT Governance
    10. 11. The C OBI T Framework <ul><li>The C OBI T framework explained: </li></ul><ul><ul><ul><ul><ul><li>Business focus </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Process orientation </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>IT resources </li></ul></ul></ul></ul></ul>
    11. 12. <ul><li>Starts from the premise that IT needs to deliver the information that the enterprise needs to achieve its objectives </li></ul><ul><li>Promotes process focus and process ownership </li></ul><ul><li>Divides IT into 34 processes belonging to four domains and provides a high-level control objective for each </li></ul><ul><li>Considers fiduciary, quality and security needs of enterprises, providing seven information criteria that can be used to generically define what the business requires from IT </li></ul><ul><li>Is supported by a set of over 300 detailed control objectives </li></ul><ul><li>Effectiveness </li></ul><ul><li>Efficiency </li></ul><ul><li>Availability </li></ul><ul><li>Integrity </li></ul><ul><li>Confidentiality </li></ul><ul><li>Reliability </li></ul><ul><li>Compliance </li></ul><ul><li>Plan and Organise </li></ul><ul><li>Acquire and Implement </li></ul><ul><li>Deliver and Support </li></ul><ul><li>Monitor and Evaluate </li></ul>C OBI T: Of what does it consist?
    12. 13. <ul><li>“ In order to provide the information that the organisation needs to achieve its objectives, IT resources need to be managed by a set of naturally grouped processes.” </li></ul><ul><li>Relates to business requirements (expressed as information criteria) </li></ul><ul><li>Links to business processes </li></ul><ul><li>Empowers business owners </li></ul><ul><li>Decomposes IT into four domains and 34 processes </li></ul><ul><li>Domains: (plan-build-run) + monitor </li></ul><ul><li>Control, audit, implementation and performance management knowledge structured by process </li></ul>Business Process Business Orientation and Process Focus

    ×