
COBIT 5© ISACA

COBIT: ISACA’s framework for IT Governance, Risk, Security and Auditing

Presented By:
Group 13
What is COBIT
• Control Objectives for Information and Related Technology (CobiT)
• is a set of best practices for Information Technology management
• developed by ISACA (Information Systems Audit & Control Association)
• and IT Governance Institute
• in 1996.

ISACA develops and maintains the internationally recognized COBIT framework, helping IT professionals and enterprise leaders fulfil their IT Governance responsibilities while delivering value to the business.

ISACA’s latest globally accepted framework

COBIT 5 aims to provide an end-to-end business view of the governance of enterprise IT that reflects the central role of IT in creating value for enterprises.

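Evolution of scope

[Figure: evolution of scope over time, with the labels Audit, Control, Management, IT Governance and Governance of Enterprise IT; also shown are Val IT 2.0 (2008) and Risk IT (2009).]

Timeline: COBIT1 (1996), COBIT2 (1998), COBIT3 (2000), COBIT4.0/4.1 (2005/7), COBIT 5 (2012)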

Purpose
• Information is a key resource for all enterprises.
• Information is created, used, retained, disclosed
and destroyed.
• Technology plays a key role in these actions.
• Technology is becoming pervasive in all aspects of
business and personal life.

What benefits do information and technology bring to enterprises?

COBIT Framework

• COBIT is a comprehensive framework that helps enterprises to create optimal value from IT by maintaining a balance between realising benefits and optimising risk levels and resource use.
• COBIT enables information and related technology to be governed and managed in a holistic manner for the whole enterprise, taking in the full end-to-end business and functional areas of responsibility, considering the IT-related interests of internal and external stakeholders.
• The COBIT principles and enablers are generic and useful for enterprises of all sizes, whether commercial, not-for-profit or in the public sector.

Principles

Components

Framework: Organizes IT governance objectives and good practices by IT domains and processes and links them to business requirements.

Process descriptions: A reference process model and common language for everyone in an organization. The processes map to responsibility areas of plan, build, run, and monitor.

Control objectives: Provides a complete set of high-level requirements to be considered by management for effective control of each IT process.

Management guidelines: Helps assign responsibility, agree on objectives, measure performance, and illustrate interrelationship with other processes.

Maturity models: Assesses maturity and capability per process and helps to address gaps.

Methodology

Implementation Challenges

• Failed IT initiatives
• Rising costs
• Perception of low business value for IT investments
• Significant incidents related to IT risk (e.g. data loss)
• Service delivery problems
• Failure to meet regulatory or contractual requirements
• Audit findings for poor IT performance or low service levels
• Hidden and/or rogue IT spending
• Resource waste through duplication or overlap in IT initiatives
• Insufficient IT resources
• IT staff burnout / dissatisfaction
• IT enabled changes frequently failing to meet business needs (late deliveries or budget overruns)
• Multiple and complex IT assurance efforts
• Board members or senior managers that are reluctant to engage with IT

Advantages

• Strategic Alignment
• Governance
• Size independent
• Auditing
• Industry Standards

Limitations

• Complicated concepts and structure


• Lack of implementation guidance and proven benefit
• Grouping COBIT Control Objectives
• Fitting into Balanced Scorecard

When to Use

• Merger, acquisition or divestiture
• Shift in the market, economy or competitive position
• Change in business operating model or sourcing arrangements
• New regulatory or compliance requirements
• Significant technology change or paradigm shift
• An enterprise-wide governance focus or project
• A new CIO, CFO, COO or CEO
• External audit or consultant assessments
• A new business strategy or priority

Enterprise benefits

Enterprises and their executives strive to:

• Maintain quality information to support business decisions.
• Generate business value from IT-enabled investments, i.e., achieve
strategic goals and realise business benefits through effective and
innovative use of IT.
• Achieve operational excellence through reliable and efficient
application of technology.
• Maintain IT-related risk at an acceptable level.
• Optimise the cost of IT services and technology.

Business Case

Thank You
