Scribd Logo
Upload

Welcome to Scribd!

  • Diagram Process COBIT 5 PDF

    Uploaded by

    Devi Rahmawati
    215 views4 pages

    Original Title

    Diagram Process COBIT 5.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    215 views4 pages

    Diagram Process COBIT 5 PDF

    Uploaded by

    Devi Rahmawati

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    : Enabling Processes

    COBIT 5 Enabler: Processes

    Stakeholders Goals Life Cycle Good Practices


    Enabler Dimension

    Internal Intrinsic Quality Plan Process Practices,


    Stakeholders Contextual Quality Design Activities, Detailed
    External (Relevance, Build/Acquire/ Activities
    Stakeholders Effectiveness) Create/Implement Work Products
    Accessibility and Use/Operate (Inputs/Outputs)
    Security Evaluate/Monitor
    Update/Dispose

    Generic Practices for


    Processes
    Enabler Performance

    Are Stakeholder Are Enabler Is Life Cycle Are Good Practices


    Management

    Needs Addressed? Goals Achieved? Managed? Applied?

    Metrics for Achievement of Goals Metrics for Application of Practice


    (Lag Indicators) (Lead Indicators)

    Source: COBIT 5: Enabling Processes, figure 8

    COBIT 5 Governance and Management Key Areas

    Business Needs

    Governance
    Evaluate

    Direct Management Feedback Monitor

    Management

    Plan Build Run Monitor


    (APO) (BAI) (DSS) (MEA)

    Source: COBIT 5: Enabling Processes, figure 9

    2013 ISACA. A l l r i g h t s r e s e r v e d .
    COBIT 5 Process Reference Model

    Processes for Governance of Enterprise IT


    Evaluate, Direct and Monitor

    EDM01 Ensure
    Governance EDM02 Ensure EDM03 Ensure EDM04 Ensure EDM05 Ensure
    Framework Setting Benefits Delivery Risk Optimisation Resource Stakeholder
    and Maintenance Optimisation Transparency

    Align, Plan and Organise Monitor, Evaluate


    and Assess
    APO01 Manage APO02 Manage APO03 Manage APO06 Manage APO07 Manage
    the IT Management Enterprise APO04 Manage APO05 Manage
    Strategy Innovation Portfolio Budget and Costs Human Resources
    Framework Architecture

    MEA01 Monitor,
    Evaluate and Assess
    APO09 Manage Performance and
    APO08 Manage APO10 Manage APO11 Manage APO12 Manage APO13 Manage Conformance
    Service Risk Security
    Relationships Agreements Suppliers Quality
    : Enabling Processes

    2013 ISACA. A
    Build, Acquire and Implement

    l l
    BAI03 Manage BAI04 Manage BAI05 Manage BAI07 Manage
    BAI01 Manage BAI02 Manage Solutions Organisational Change
    Programmes and Requirements Availability BAI06 Manage
    Identification and Capacity Change Changes Acceptance and MEA02 Monitor,
    Projects Definition and Build Enablement Transitioning Evaluate and Assess

    r i g h t s
    the System of Internal
    Control

    BAI08 Manage BAI09 Manage BAI10 Manage


    Knowledge Assets Configuration

    r e s e r v e d
    .
    Deliver, Service and Support
    MEA03 Monitor,
    DSS02 Manage DSS05 Manage DSS06 Manage Evaluate and Assess
    DSS01 Manage DSS03 Manage DSS04 Manage Compliance With
    Operations Service Requests Security Business
    and Incidents Problems Continuity Services Process Controls External Requirements

    Processes for Management of Enterprise IT

    Source: COBIT 5: Enabling Processes, figure 10


    : Enabling Processes

    Outputs
    Outputs to all Processes
    From Key
    Practice Output Description Destination
    APO13.02 Information security risk treatment plan All EDM; All APO; All BAI; All DSS; All MEA
    Outputs to all Governance Processes
    From Key
    Practice Output Description Destination
    EDM01.01 Enterprise governance guiding principles All EDM
    EDM01.01 Decision-making model All EDM
    EDM01.01 Authority levels All EDM
    EDM01.02 Enterprise governance communications All EDM
    EDM01.03 Feedback on governance effectiveness and performance All EDM
    Outputs to all Management Processes
    From Key
    Practice Output Description Destination
    APO01.01 Communication ground rules All APO; All BAI; All DSS; All MEA
    APO01.03 IT-related policies All APO; All BAI; All DSS; All MEA
    APO01.04 Communications on IT objectives All APO; All BAI; All DSS; All MEA
    APO01.07 Process improvement opportunities All APO; All BAI; All DSS; All MEA
    APO02.06 Communications package All APO; All BAI; All DSS; All MEA
    APO11.02 Quality management standards All APO; All BAI; All DSS; All MEA
    APO11.04 Process quality of service goals and metrics All APO; All BAI; All DSS; All MEA
    APO11.06 Communications on continual improvement and good practices All APO; All BAI; All DSS; All MEA
    APO11.06 Examples of good practice to be shared All APO; All BAI; All DSS; All MEA
    APO11.06 Quality review benchmark results All APO; All BAI; All DSS; All MEA
    MEA01.02 Monitoring targets All APO; All BAI; All DSS; All MEA
    MEA01.04 Performance reports All APO; All BAI; All DSS; All MEA
    MEA01.05 Remedial actions and assignments All APO; All BAI; All DSS; All MEA
    MEA02.01 Results of internal control monitoring and reviews All APO; All BAI; All DSS; All MEA
    MEA02.01 Results of benchmarking and other evaluations All APO; All BAI; All DSS; All MEA
    MEA02.03 Self-assessment plans and criteria All APO; All BAI; All DSS; All MEA
    MEA02.03 Results of reviews of self-assessments All APO; All BAI; All DSS; All MEA
    MEA02.04 Control deficiencies All APO; All BAI; All DSS; All MEA
    MEA02.04 Remedial actions All APO; All BAI; All DSS; All MEA
    MEA02.06 Assurance plans All APO; All BAI; All DSS; All MEA
    MEA02.08 Refined scope All APO; All BAI; All DSS; All MEA
    MEA02.08 Assurance review results All APO; All BAI; All DSS; All MEA
    MEA02.08 Assurance review report All APO; All BAI; All DSS; All MEA
    MEA03.02 Communications of changed compliance requirements All APO; All BAI; All DSS; All MEA
    Source: COBIT 5: Enabling Processes, figure 11

    2013 ISACA. A l l r i g h t s r e s e r v e d .
    ISACA Frameworks Included in COBIT 5

    COBIT 4.1 Map to


    Control Objectives

    COBIT 5
    Val IT 2.0 Governance and
    Key Management Map to
    Management
    Practices Practices
    Risk IT
    Management Map to
    Practices
    Source: COBIT 5: Enabling Processes, figure 13

    Note: COBIT 5: Enabling Processes Appendix A. Mapping Between COBIT 5 and Legacy ISACA Frameworks,
    figures 14, 15 and 16, contain the mapping of COBIT 4.1, Val IT and Risk IT components to COBIT 5.

    3701 Algonquin Road, Suite 1010 Rolling Meadows, IL 60008 USA


    Phone: +1.847.253.1545 Fax: +1.847.253.1443 Email: info@isaca.org
    Web site: www.isaca.org
    2013 ISACA. A l l r i g h t s r e s e r v e d .

    You might also like