Professional Documents
Culture Documents
Cobit 2019 Use Cases Tailoring Governance of Your Enterprise IT
Cobit 2019 Use Cases Tailoring Governance of Your Enterprise IT
apmg-international.com 1
© The APMG Group Ltd. 2018. All rights reserved.
Before We Get Started…
mark.constable@apmg-
international.com.
apmg-international.com 2
© The APMG Group Ltd. 2018. All rights reserved.
Your Presenter
Mark Thomas (CRISC, CGEIT)
President, Escoute Consulting
apmg-international.com 3
© The APMG Group Ltd. 2018. All rights reserved.
Background
• Frameworks assist enterprises in creating
repeatable processes that can help in
value creation, but sometimes it is difficult
to thumb through a framework publication
and completely understand how to use it.
apmg-international.com 4
© The APMG Group Ltd. 2018. All rights reserved.
Learning Objectives
• Understand the key elements of the
COBIT 2019 framework and where to
find them in the publications.
apmg-international.com 5
© The APMG Group Ltd. 2018. All rights reserved.
Agenda
Enterprise Governance of Information and Technology
Tips to Adoption
apmg-international.com 6
© The APMG Group Ltd. 2018. All rights reserved.
Enterprise Governance of Information
and Technology
In the light of digital transformation, information and technology (I&T)
have become crucial in the support, sustainability and growth of
enterprises. EGIT is concerned with value delivery with three main
outcomes:
apmg-international.com 7
© The APMG Group Ltd. 2018. All rights reserved.
Agenda
Enterprise Governance of Information and Technology
Tips to Adoption
apmg-international.com 8
© The APMG Group Ltd. 2018. All rights reserved.
What COBIT 2019 is and is not
• COBIT is a framework for the governance and management of • COBIT is not a full
enterprise information and technology. description of the whole IT
environment of an
• COBIT is aimed at the whole enterprise. enterprise.
• COBIT makes a clear distinction between governance and • COBIT is not a framework
management. to organize business
processes.
• COBIT defines the components to build and sustain a governance
system. • COBIT is not a technical
framework to manage all
• COBIT defines the design factors that should be considered by the
technology.
enterprise to build a best-fit governance system.
• COBIT does not make or
• COBIT addresses governance issues by grouping relevant governance
prescribe any IT-related
components into governance and management objectives that can be
decisions.
managed to the required capability levels.
apmg-international.com 9
© The APMG Group Ltd. 2018. All rights reserved.
Major differences with COBIT5
• Modified COBIT principles
• Governance components
apmg-international.com 10
© The APMG Group Ltd. 2018. All rights reserved.
Intended Audience
Boards
Regulators
Risk Executive
Management Management
External
Stakeholders
Internal
Stakeholders
Business
Partners
Assurance Business
Providers Managers
IT Vendors
IT Managers
apmg-international.com 11
© The APMG Group Ltd. 2018. All rights reserved.
Overview and Product Architecture
apmg-international.com 12
© The APMG Group Ltd. 2018. All rights reserved.
COBIT 2019 Publications
“Framework Guide” “Objectives Guide” “Design Guide” “Implementation Guide”
Explains the overall structure Includes 40 governance and Introduces focus areas and Updated from the COBIT5
and parts of the framework management objectives design factors Implementation Guide
organized into five domains
Refreshes key governance Includes a design workflow Used in conjunction with the
(Gov/Mgt)
terms, concepts and that facilitates the creation of Design Guide
principles Each objective is related to a tailored governance
Provides a continual
one process system
Introduces the governance improvement lifecycle
system, components, and For each objective, provides Used in conjunction with the approach
governance/management guidance related to each of Implementation Guide
Includes seven phases with
objectives the governance components
Comes with a downloadable three perspectives
Describes the updated tool to assist in creating a
performance management tailored governance system
(maturity/capability)
apmg-international.com 13
© The APMG Group Ltd. 2018. All rights reserved.
COBIT 2019 Key points
Governance
Principles components Focus areas Design factors
We also have the addition of governance and management objectives – covered on the next slides.
apmg-international.com 14
© The APMG Group Ltd. 2018. All rights reserved.
Governance and Management Objectives
Governance and management objectives are organized into five
domains. One governance domain and four management domains.
apmg-international.com 15
© The APMG Group Ltd. 2018. All rights reserved.
Governance and Management Objectives
Governance and management objectives……..
apmg-international.com 16
© The APMG Group Ltd. 2018. All rights reserved.
COBIT Goals Cascade
The goals cascade supports prioritization of management objectives
based on prioritization of enterprise goals.
apmg-international.com 17
© The APMG Group Ltd. 2018. All rights reserved.
Agenda
Enterprise Governance of Information and Technology
Tips to Adoption
apmg-international.com 18
© The APMG Group Ltd. 2018. All rights reserved.
Tailored governance system journey
apmg-international.com 19
© The APMG Group Ltd. 2018. All rights reserved.
COBIT Design and Implementation
The Design guide has the following workflow steps.
apmg-international.com 20
© The APMG Group Ltd. 2018. All rights reserved.
COBIT Design and Implementation
The implementation guide has the following workflow phases and
perspectives.
apmg-international.com 21
© The APMG Group Ltd. 2018. All rights reserved.
Intersecting design and implementation
apmg-international.com 22
© The APMG Group Ltd. 2018. All rights reserved.
Design Guide Tool Canvas
apmg-international.com 23
© The APMG Group Ltd. 2018. All rights reserved.
Agenda
Enterprise Governance of Information and Technology
Tips to Adoption
apmg-international.com 24
© The APMG Group Ltd. 2018. All rights reserved.
Common Questions
“My enterprise uses multiple frameworks,
how does COBIT fit?”
apmg-international.com 25
© The APMG Group Ltd. 2018. All rights reserved.
COBIT Use Cases
Use cases describe how an actor interacts with a solution to accomplish
one or more of that actor’s goals, or respond to an event.
apmg-international.com 26
© The APMG Group Ltd. 2018. All rights reserved.
Use Cases
1. My enterprise uses multiple frameworks, 2. I am a launching a new IT Governance group
how does COBIT fit? at our company, where does COBIT say I should
start?
3. Our company uses previous versions of COBIT 3. With the increase in security compromises we
how do we move to COBIT 2019? are seeing in this industry, I’d like to leverage
COBIT to help me. How do I do this?
UC Understand the key differences between UC Select the appropriate COBIT measures to
3.1 COBIT5 and COBIT 2019 4.1 ensure proper information protection
apmg-international.com 27
© The APMG Group Ltd. 2018. All rights reserved.
Use Case 2.2: Use COBIT to create a tailored governance system
Pre conditions Success Scenario COBIT 2019 References
• No (or weak) overarching
1 Understand principles •COBIT 2019 Framework guide, Ch. 3
framework for the
• Determine your governance system principles
governance and
• Determine your governance framework principles
management of I&T
• Management supports
the integration of a single
integrated framework 2 Conduct a goals cascade •COBIT 2019 Framework guide, Ch. 4
• Understand stakeholder drivers and needs •COBIT 2019 Design guide, Mapping
• Map enterprise goals, alignment goals and Appendix
governance and management objectives
•COBIT 2019 Objectives guide, Ch. 4
3 Determine design factors and focus areas •COBIT 2019 Framework guide, Ch. 4
• Select design factors and focus areas •COBIT 2019 Design guide, Ch 2, 3
Post conditions • Understand your relationship with each design
factor
• End to end governance
system
• Provides stakeholder 4 Analyze design factors and focus areas •COBIT 2019 Toolkit (Excel tool)
value • Conduct a tool analysis using the design tool kit to •COBIT 2019 Design guide, Ch. 4
• Holistic approach select governance and management objectives
•COBIT 2019 Framework guide, Ch. 6
• Determine target capability levels
• Dynamic governance
system
• Governance distinct from 5 Document governance components •COBIT 2019 Framework guide, Ch. 4
management • Understand the governance components for each •COBIT 2019 Objectives guide, Ch. 4
• Tailored to meet governance or management objective selected
•Refer to the related guidance section for
enterprise needs • Modify the tailored governance system as required
each governance or management objective
apmg-international.com 28
© The APMG Group Ltd. 2018. All rights reserved.
Agenda
Enterprise Governance of Information and Technology
Tips to Adoption
apmg-international.com 29
© The APMG Group Ltd. 2018. All rights reserved.
Download the COBIT 2019 publications (and Use COBIT 2019 as a framework to govern and
design guide tool) manage frameworks and the governance system
apmg-international.com 30
© The APMG Group Ltd. 2018. All rights reserved.
Agenda
Enterprise Governance of Information and Technology
Tips to Adoption
apmg-international.com 31
© The APMG Group Ltd. 2018. All rights reserved.
Closing
• Understand the key elements of the COBIT
2019 framework and where to find them in the
publications.
apmg-international.com 32
© The APMG Group Ltd. 2018. All rights reserved.
Get in touch….
https://apmg-international.com/product/cobit-2019
apmg-international.com 33
© The APMG Group Ltd. 2018. All rights reserved.
If you have any questions or feedback, please do not hesitate to contact me:
Mark.Constable@apmg-international.com / +44 (0)1494 836131
apmg-international.com 34
© The APMG Group Ltd. 2018. All rights reserved.