General Template
Document properties
Filter criteria:
Filter1
Component: RACI
Processes: PO1 | PO2 | PO3 | PO4 | PO5 | PO6 | PO7 | PO8 | PO9 | PO10 | AI1 | AI2
| AI3 | AI4 | AI5 | AI6 | AI7 | DS1 | DS2 | DS3 | DS4 | DS5 | DS6 | DS7 | DS8 | DS9
| DS10 | DS11 | DS12 | DS13 | ME1 | ME2 | ME3 | ME4
MyCobit – General Template Produced by subscriber Sr. Carlos Alberto Hernandez Angel, CISA,CRISC, copyright restricted according to user terms and conditions
COBIT Online v4.1 - © 2007 ITGI (www.itgi.org) - Only Internal, non-commercial use permitted Page 2
PO
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Chief Architect C
Head Development C
Head IT Administration C
The project management office or function (PMO) R
Compliance, Audit, Risk and Security I
Analyse programme portfolios and manage project and service portfolios. RACI
Chief executive officer (CEO) C
Chief financial officer (CFO) I
Business Executive I
Chief information officer (CIO) A
Business Process Owner R
Head Operations R
Chief Architect C
Head Development R
Head IT Administration C
The project management office or function (PMO) C
Compliance, Audit, Risk and Security I
PO2 Define the Information Architecture
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Provide data owners with procedures and tools for classifying information systems. RACI
Chief executive officer (CEO) I
Chief financial officer (CFO) C
Business Executive A
Chief information officer (CIO) C
Business Process Owner C
Head Operations I
Chief Architect C
Head Development C
Compliance, Audit, Risk and Security R
Utilise the information model, data dictionary and classification scheme to plan optimised business systems. RACI
Chief executive officer (CEO) C
Chief financial officer (CFO) C
Business Executive I
Chief information officer (CIO) A
Business Process Owner C
Chief Architect R
Head Development C
Compliance, Audit, Risk and Security I
PO3 Determine Technological Direction
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Establish and implement IT roles and responsibilities, including supervision and segregation of duties. RACI
Chief financial officer (CFO) I
Business Executive I
Chief information officer (CIO) A
Business Process Owner I
Head Operations C
Chief Architect C
Head Development C
Head IT Administration R
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
PO5 Manage the IT Investment
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Identify, communicate and monitor IT investment, cost and value to the business. RACI
Chief executive officer (CEO) I
Chief financial officer (CFO) C
Business Executive C
Chief information officer (CIO) A/R
Head Operations C
Chief Architect C
Head Development C
Head IT Administration R
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
PO6 Communicate Management Aims and Direction
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Identify IT skills, position descriptions, salary ranges and personal performance benchmarks. RACI
Chief financial officer (CFO) C
Chief information officer (CIO) A
Head Operations C
Chief Architect C
Head Development C
Head IT Administration R
The project management office or function (PMO) C
Execute HR policies and procedures relevant to IT (recruit, hire, vet, compensate, train, appraise, promote and dismiss). RACI
Chief information officer (CIO) A
Head Operations R
Chief Architect R
Head Development R
Head IT Administration R
The project management office or function (PMO) R
Compliance, Audit, Risk and Security C
PO8 Manage Quality
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Build and manage the quality plan for continuous improvement. RACI
Chief information officer (CIO) A/R
Business Process Owner I
Head Operations C
Chief Architect C
Head Development C
Head IT Administration C
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
Measure, monitor and review compliance with the quality goals. RACI
Chief information officer (CIO) A/R
Business Process Owner I
Head Operations C
Chief Architect C
Head Development C
Head IT Administration C
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
PO9 Assess and Manage IT Risks
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Identify events associated with objectives [some events are business-oriented (business is A); some are IT-oriented (IT is A, business is C)]. RACI
Chief executive officer (CEO) I
Chief information officer (CIO) A/C
Business Process Owner A
Head Operations R
Chief Architect R
Head Development R
Head IT Administration R
Compliance, Audit, Risk and Security C
Build project charters, schedules, quality plans, budgets, and communication and risk management plans. RACI
Business Executive C
Chief information officer (CIO) C
Business Process Owner C
Head Operations C
Chief Architect C
Head Development C
Head IT Administration C
The project management office or function (PMO) A/R
Compliance, Audit, Risk and Security C
Develop technical support documentation for operations and support staff. RACI
Head Operations A/R
Head Development C
Compliance, Audit, Risk and Security C
Develop IT procurement policies and procedures aligned with procurement policies at the corporate level. RACI
Chief executive officer (CEO) I
Chief financial officer (CFO) C
Chief information officer (CIO) A
Head Operations I
Chief Architect I
Head Development I
Head IT Administration R
Compliance, Audit, Risk and Security C
Evaluate and select suppliers through a request for proposal (RFP) process. RACI
Chief executive officer (CEO) C
Chief financial officer (CFO) C
Chief information officer (CIO) A
Head Operations R
Head Development R
Head IT Administration R
The project management office or function (PMO) R
Compliance, Audit, Risk and Security C
Develop and implement a process to consistently record, assess and prioritise change requests. RACI
Chief information officer (CIO) A
Business Process Owner I
Head Operations R
Chief Architect C
Head Development R
Head IT Administration C
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
Assure that any emergency and critical change follows the approved process. RACI
Chief information officer (CIO) I
Business Process Owner I
Head Operations A/R
Chief Architect I
Head Development R
Compliance, Audit, Risk and Security C
Define and review a test strategy (entry and exit criteria) and an operational test plan methodology. RACI
Business Executive C
Chief information officer (CIO) A
Business Process Owner C
Head Operations C
Chief Architect C
Head Development R
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
Build and maintain a business and technical requirements repository and test cases for accredited systems. RACI
Chief information officer (CIO) A
Head Development R
Evaluate long-term goals of the service relationship for all stakeholders. RACI
Chief executive officer (CEO) C
Chief financial officer (CFO) C
Business Executive C
Chief information officer (CIO) A/R
Business Process Owner C
Head Operations C
Chief Architect C
Head Development C
Head IT Administration R
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
DS3 Manage Performance and Capacity
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Establish a planning process for the review of performance and capacity of IT resources. RACI
Chief information officer (CIO) A
Head Operations R
Chief Architect C
Head Development C
Head IT Administration C
The project management office or function (PMO) C
Continuously monitor and report the availability, performance and capacity of IT resources. RACI
Chief information officer (CIO) I
Business Process Owner I
Head Operations A/R
Head Development I
Head IT Administration I
The project management office or function (PMO) I
Compliance, Audit, Risk and Security I
DS4 Ensure Continuous Service
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Define and execute change control procedures to ensure IT continuity plan is current. RACI
Chief information officer (CIO) I
Head Operations A/R
Head Development R
Head IT Administration R
The project management office or function (PMO) R
Compliance, Audit, Risk and Security I
Periodically review and validate user access rights and privileges. RACI
Chief information officer (CIO) A
Business Process Owner I
Head Operations C
Compliance, Audit, Risk and Security R
Establish and maintain procedures for maintaining and safeguarding cryptographic keys. RACI
Chief information officer (CIO) A
Head Operations R
Head IT Administration I
Compliance, Audit, Risk and Security C
Implement and maintain technical and procedural controls to protect information flows across networks. RACI
Chief information officer (CIO) A
Business Process Owner C
Head Operations C
Chief Architect R
Head Development R
Compliance, Audit, Risk and Security C
Identify all IT costs (e.g., people, technology) and map them to IT services on a unit cost basis. RACI
Chief financial officer (CFO) C
Chief information officer (CIO) A
Head Operations C
Chief Architect C
Head Development C
Head IT Administration R
The project management office or function (PMO) C
Identify and evaluate best training delivery methods and tools. RACI
Business Executive I
Chief information officer (CIO) A/R
Business Process Owner R
Head Operations C
Chief Architect C
Head Development C
Head IT Administration C
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
Training Department R
DS8 Manage Service Desk and Incidents
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Create classification (severity and impact) and escalation procedures (functional and hierarchical). RACI
Chief information officer (CIO) C
Business Process Owner C
Head Operations C
Chief Architect C
Head Development C
Head IT Administration C
Compliance, Audit, Risk and Security C
Service Desk/Incident Manager A/R
Issue recommendations for improvement and create a related request for change. RACI
Business Process Owner I
Head Operations A
Chief Architect I
Head Development I
The project management office or function (PMO) I
Problem Manager R
Define, maintain and implement procedures for secure disposal of media and equipment. RACI
Chief information officer (CIO) A
Business Process Owner C
Head Operations R
Head IT Administration I
Compliance, Audit, Risk and Security C
Select and commission the site (data center, office, etc.). RACI
Chief executive officer (CEO) I
Chief financial officer (CFO) C
Business Executive C
Chief information officer (CIO) C
Business Process Owner C
Head Operations A/R
Chief Architect C
Head IT Administration C
The project management office or function (PMO) C
Compliance, Audit, Risk and Security C
Define and implement procedures for physical access authorisation and maintenance. RACI
Chief information officer (CIO) C
Business Process Owner I
Head Operations A/R
Chief Architect I
Head Development I
Head IT Administration I
Compliance, Audit, Risk and Security C
DS13 Manage Operations
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Identify and collect measurable objectives that support the business objectives. RACI
Chief executive officer (CEO) C
Chief financial officer (CFO) C
Business Executive C
Chief information officer (CIO) A
Business Process Owner R
Head Operations R
Head Development R
Monitor the process to obtain assurance over controls operated by third parties. RACI
Chief executive officer (CEO) I
Chief financial officer (CFO) I
Business Executive I
Chief information officer (CIO) A
Head Operations R
Head Development R
Head IT Administration R
Compliance, Audit, Risk and Security C
Define and execute a process to identify legal, contractual, policy and regulatory requirements. RACI
Chief information officer (CIO) A/R
Business Process Owner C
Head Operations I
Chief Architect I
Head Development I
Head IT Administration C
The project management office or function (PMO) I
Compliance, Audit, Risk and Security R
Report positive assurance of compliance of IT activities with IT policies, plans and procedures. RACI
Chief information officer (CIO) A/R
Business Process Owner C
Head Operations C
Chief Architect C
Head Development C
Head IT Administration C
The project management office or function (PMO) C
Compliance, Audit, Risk and Security R
Provide input to align IT policies, plans and procedures in response to compliance requirements. RACI
Chief information officer (CIO) A/R
Business Process Owner C
Head Operations C
Chief Architect C
Head Development C
Head IT Administration C
Compliance, Audit, Risk and Security R
Integrate IT reporting on regulatory requirements with similar output from other business functions. RACI
Chief information officer (CIO) A/R
Head Operations I
Chief Architect I
Head Development I
Head IT Administration R
The project management office or function (PMO) I
Compliance, Audit, Risk and Security R
ME4 Provide IT Governance
RACI
A RACI Chart identifies who is Responsible, Accountable, Consulted, and/or Informed
Establish executive and board oversight and facilitation over IT activities. RACI
Board A
Chief executive officer (CEO) R
Chief financial officer (CFO) C
Business Executive C
Chief information officer (CIO) C
Compliance, Audit, Risk and Security C
Review, endorse, align and communicate IT performance, IT strategy, and resource and risk management with business strategy. RACI
Board A
Chief executive officer (CEO) R
Chief financial officer (CFO) I
Business Executive I
Chief information officer (CIO) R
Compliance, Audit, Risk and Security C
Obtain periodic independent assessment of performance and compliance with policies, plans and procedures. RACI
Board A
Chief executive officer (CEO) R
Chief financial officer (CFO) C
Business Executive I
Chief information officer (CIO) C
Head Operations I
Chief Architect I
Head Development I
Head IT Administration I
The project management office or function (PMO) I
Compliance, Audit, Risk and Security R