Professional Documents
Culture Documents
An overview
M. Garsoux
COBIT 5 Licensed Training Provider
COBIT 5© ISACA
Introduction
Principles
Processes
Implementation
Supporting Products
Questions
2
COBIT 5© ISACA
3
COBIT 5© ISACA
IT Governance
Val IT 2.0
Management (2008)
Control
Risk IT
(2009)
Audit
4
COBIT 5© ISACA
What is CobiT?
• Control Objectives for Information and Related Technology (CobiT)
• is a set of best practices for Information Technology management
• developed by ISACA (Information Systems Audit & Control Association)
• and IT Governance Institute
• in 1996.
5
COBIT 5© ISACA
6
COBIT 5© ISACA
Helps enterprises:
7
COBIT 5© ISACA
8
COBIT 5© ISACA
9
COBIT 5© ISACA
10
COBIT 5© ISACA
11
COBIT 5© ISACA
12
COBIT 5© ISACA
Stakeholder Value
• Delivering enterprise stakeholder value requires good governance
and management of information and technology (IT) assets.
• Enterprise boards, executives and management have to embrace
IT like any other significant part of the business.
• External legal, regulatory and contractual compliance
requirements related to enterprise use of information and
technology are increasing, threatening value if breached.
• COBIT 5 provides a comprehensive framework that assists
enterprises to achieve their goals and deliver value through
effective governance and management of enterprise IT.
13
COBIT 5© ISACA
Goals cascade
14
COBIT 5© ISACA
Enterprise Goal
Stakeholder Value of Customer - oriented Optimisation of business Skilled and
Business investments service culture process functionality motivated peole
1 6 11 16
IT -Related Goal Financial Customer Internal Learning and Growth
Alignment of IT and
Financial 1 P P P S
business strategy
Delivery of IT services
Customer 7 in line with business P P P S
requirements
Internal 9 IT agility S S P S
Competent and
Learning
16 motivated business S S P
and Growth
and IT personnel
17
COBIT 5© ISACA
IT - Related Goal
Evaluate,
EDM02 Benefits
Delivery
P P P
Direct and
Ensure Risk
Monitor EDM03
Optimisation S S S
Ensure
EDM0
4
Ressource
Optimisation
S S P S
Ensure
EDM05 Stakeholder
Transparency
S P S
18
COBIT 5© ISACA
Key components of a
governance system
19
COBIT 5© ISACA
20
COBIT 5© ISACA
21
COBIT 5© ISACA
2 4
3
6
5 7
22
COBIT 5© ISACA
1. Principles, policies and frameworks—Are the vehicle to translate the desired behaviour
into practical guidance for day-to-day management
2. Processes—Describe an organised set of practices and activities to achieve certain
objectives and produce a set of outputs in support of achieving overall IT related goals
3. Organisational structures—Are the key decision-making entities in an organisation
4. Culture, ethics and behaviour—Of individuals and of the organisation; very often
underestimated as a success factor in governance and management activities
5. Information—Is pervasive throughout any organisation, i.e., deals with all information
produced and used by the enterprise. Information is required for keeping the
organisation running and well governed, but at the operational level, information is very
often the key product of the enterprise itself.
6. Services, infrastructure and applications—Include the infrastructure, technology and
applications that provide the enterprise with information technology processing and
services
7. People, skills and competencies—Are linked to people and are required for successful
completion of all activities and for making correct decisions and taking corrective
actions
23
COBIT 5© ISACA
24
COBIT 5© ISACA
25
COBIT 5© ISACA
26
COBIT 5© ISACA
27
COBIT 5© ISACA
28
COBIT 5© ISACA
29
COBIT 5© ISACA
30
COBIT 5© ISACA
31
COBIT 5© ISACA
32
COBIT 5© ISACA
33
COBIT 5© ISACA
34
COBIT 5© ISACA
35
COBIT 5© ISACA
36
COBIT 5© ISACA
37
COBIT 5© ISACA
38
COBIT 5© ISACA
39