COBIT 5 Goals Cascade Overview

Stakeholder Drivers
(Environment, Technology Evolution, …)

Influence

Stakeholder Needs
Benefits Risk Resource
Realisation Optimisation Optimisation

Cascade to Appendix D

Enterprise Goals Figure 5

Cascade to Appendix B

IT-related Goals Figure 6

Cascade to Appendix C

Enabler Goals

Source: COBIT 5, figure 4

Selected Guidance From the COBIT 5 Family

These charts and figures are elements of COBIT 5 and its supporting guides. This excerpt is available as a complimentary
PDF (www.isaca.org/cobit) and for purchase in hard copy (www.isaca.org/bookstore). It provides an overview of the
COBIT 5 guidance, its five principles and seven enablers. We encourage you to share this document with your enterprise
leaders, team members, clients and/or consultants.

COBIT enables enterprises to maximize the value and minimize the risk related to information, which has become the
currency of the 21st century. COBIT 5 is a comprehensive framework of globally accepted principles, practices, analytical
tools and models that can help any enterprise effectively address critical business issues related to the governance and
management of information and technology. Additional information is available at www.isaca.org/cobit.
 Governance and Management in COBIT 5

Governance Objective: Value Creation

Benefits Risk Resource

Realisation Optimisation Optimisation

Governance Governance
Enablers Scope

Roles, Activities and Relationships

Source: COBIT 5, figure 8

Key Roles, Activities and Relationships

Roles, Activities and Relationships

Instruct and
Delegate Set Direction
Owners and Align Operations
Governing Management and
Stakeholders Body
Accountable Monitor Report Execution

Source: COBIT 5, figure 9

COBIT 5 Governance and Management Key Areas

Business Needs

Governance
Evaluate

Direct Management Feedback Monitor

Management

Plan Build Run Monitor

(APO) (BAI) (DSS) (MEA)

Source: COBIT 5, figure 15

 COBIT 5 Process Reference Model

Processes for Governance of Enterprise IT

Evaluate, Direct and Monitor

EDM01 Ensure
Governance EDM02 Ensure EDM03 Ensure EDM04 Ensure EDM05 Ensure
Framework Setting Benefits Delivery Risk Optimisation Resource Stakeholder
and Maintenance Optimisation Transparency

Align, Plan and Organise Monitor, Evaluate

and Assess
APO01 Manage APO02 Manage APO03 Manage APO06 Manage APO07 Manage
the IT Management Enterprise APO04 Manage APO05 Manage
Strategy Innovation Portfolio Budget and Costs Human Resources
Framework Architecture

MEA01 Monitor,
Evaluate and Assess
APO09 Manage Performance and
APO08 Manage APO10 Manage APO11 Manage APO12 Manage APO13 Manage Conformance
Service Risk Security
Relationships Agreements Suppliers Quality

Build, Acquire and Implement

BAI03 Manage BAI04 Manage BAI05 Manage BAI07 Manage
BAI01 Manage BAI02 Manage Solutions Organisational Change
Programmes and Requirements Availability BAI06 Manage
Identification and Capacity Change Changes Acceptance and MEA02 Monitor,
Projects Definition and Build Enablement Transitioning Evaluate and Assess
the System of Internal
Control

BAI08 Manage BAI09 Manage BAI10 Manage

Knowledge Assets Configuration

Deliver, Service and Support

MEA03 Monitor,
DSS02 Manage DSS05 Manage DSS06 Manage Evaluate and Assess
DSS01 Manage DSS03 Manage DSS04 Manage Compliance With
Operations Service Requests Security Business
and Incidents Problems Continuity Services Process Controls External Requirements

Processes for Management of Enterprise IT

Source: COBIT 5, figure 16

 COBIT 5 Enterprise Enablers

3. Organisational 4. Culture, Ethics

2. Processes Structures and Behaviour

1. Principles, Policies and Frameworks

6. Services, 7. People,
5. Information Infrastructure Skills and
and Applications Competencies

Resources

Source: COBIT 5, figure 12

COBIT 5 Enablers: Generic

Stakeholders Goals Life Cycle Good Practices

Enabler Dimension

• Internal • Intrinsic Quality • Plan • Practices

Stakeholders • Contextual Quality • Design • Work Products
• External (Relevance, • Build/Acquire/ (Inputs/Outputs)
Stakeholders Effectiveness) Create/Implement
• Accessibility and • Use/Operate
Security • Evaluate/Monitor
• Update/Dispose
Enabler Performance

Are Stakeholder Are Enabler Is Life Cycle Are Good Practices

Management

Needs Addressed? Goals Achieved? Managed? Applied?

Metrics for Achievement of Goals Metrics for Application of Practice

(Lag Indicators) (Lead Indicators)

Source: COBIT 5, figure 13

 The Seven Phases of the Implementation Life Cycle

mentu
m going? 1 What a
the mo re th
ed
eep rive
ek Initiat rs?
viewness
w e pr
do Re ogr
ow ive am
fect me
7H

ef
Establ
is
stai
n to ch h des
Su ang ire

2W
e

Def opport
re?

efits
6 Did we get the

ine
Recog

here a
r
nito

Fo
Mo and need nise

rm team
• Programme management

probleities
Realise ben

ate act to
approach ew

alu
es

re we now?
impl
ev
Embed n

(outer ring)

un
ementation
Operate

Asseent
e

curr te

ms and
measur

• Change enablement
sta
and

ss
(middle ring)
I m p o ve m

rg n e

• Continual improvement life cycle

imp

De
ta e t
fi
le m
r

e ta
te

en n t

m e te
s (inner ring)
ts B u il d co c a
O p d us

i m pro
ut u ni
ve m e nts
an
er

ap
e
m

m
at
E xe

e?
e Co o

dm
5H

to b
cu

I d e n tif y r o l e
oa
ow

te

ant
la
er
pla ye rs
n fi n
p
do

De ew
we

ow
ge

th e
ed

er
t

re ? P la n p ro g ra m m e Wh
3
4 W hat n eeds to be d one?
Source: COBIT 5, figure 17 and COBIT 5 Implementation, figure 6

Summary of the COBIT 5 Process Capability Model

Generic Process Capability Attributes

Performance PA 2.1 PA 2.2 PA 3.1 PA 3.2 PA 4.1 PA 4.2 PA 5.1 PA 5.2

Attribute (PA) 1.1 Performance Work Process Process Process Process Process Process
Process Management Product Definition Deployment Measurement Control Innovation Optimisation
Performance Management

Incomplete Performed Managed Established Predictable Optimising

Process Process Process Process Process Process
0 1 2 3 4 5

COBIT 5 Process Assessment COBIT 5 Process Assessment

Model—Performance Indicators Model–Capability Indicators
Process Outcomes

Base Practices Work

(Management/ Products Generic Practices Generic Resources Generic Work Products
Governance (Inputs/
Practices) Outputs)

Source: COBIT 5, figure 19

 COBIT 5 Product Family

COBIT® 5
COBIT 5 Enabler Guides
COBIT® 5: COBIT® 5: Other Enabler
Enabling Processes Enabling Information Guides

COBIT 5 Professional Guides

COBIT® 5 COBIT® 5 COBIT® 5 Other Professional
COBIT® 5 Implementation for Information for Assurance for Risk Guides
Security

COBIT 5 Online Collaborative Environment

Source: COBIT 5, figure 11

COBIT 5 Principles

1. Meeting
Stakeholder
Needs

5. Separating 2. Covering the

Governance Enterprise
From End-to-end
Management
COBIT 5
Principles

4. Enabling a 3. Applying a
Holistic Single
Approach Integrated
Framework

Source: COBIT 5, figure 2

1700 E Golf Rd #400 • Schaumburg, IL 60173 USA

Phone: +1.847.253.1545 • Fax: +1.847.253.1443
www.isaca.org

© 2013 ISACA. ALL RIGHTS RESERVED.