Beruflich Dokumente
Kultur Dokumente
AGENDA
Introductions
Quick COBIT Overview
Drivers of COBIT5 Increased focus on Enterprise
Governance
Benefits of COBIT5
Updated Process Model
Details of the Change
New - COBIT 5 Process Capability Model
Wrap Up
Page 2
Preview of COBIT5
COBIT - An Overview
CCobiT
OBIT
best practices
repository for
IT Processes
IT Management Processes
IT Governance Processes
Preview of COBIT5
Internationally accepted
good practices
Management-oriented
Supported by tools and
training
Freely available
Sharing knowledge and
leveraging expert volunteers
Continually evolving
Maintained by reputable notfor-profit organization
Maps strongly to all major
related standards
Is a reference, set of best
practices, not an off-theshelf cure
COBIT history
COBIT has evolved from an auditors tool to an IT
governance framework, used increasingly by IT
management
Governance
Management
Control
Audit
COBIT 1
1996
Page 5
COBIT 2
COBIT 3
COBIT 4
1998
2000
2005
Preview of COBIT5
Introduction to COBIT
Page 6
Preview of COBIT5
Waterfall model
The control of
IT Processes
that satisfy
Business
Requirements
is enabled by
Control
Statements
considering
Control
Practices
Page 7
Preview of COBIT5
Process orientation
Domains
Processes
Activities
or tasks
Page 8
Preview of COBIT5
Process Orientation
IT Domains
Plan and
Organize
Acquire and
Implement
Deliver and
Support
Monitor and
Evaluate
Natural grouping of
processes, often
matching an
organisational domain of
responsibility
Page 9
IT Processes
IT strategy
Computer operations
Incident handling
Acceptance testing
Change management
Contingency planning
Problem management
A series of joined
activities with natural
(control) breaks
Preview of COBIT5
Activities
COBIT processes
Planning and
Organizing
Acquire and
Implement
Page 10
PO1
PO2
PO3
PO4
PO5
PO6
PO7
PO8
PO9
PO10
AI1
AI2
AI3
AI4
AI5
AI6
AI7
COBIT processes
Deliver and
Support
Monitor and
Evaluate
Page 11
DS1
DS2
DS3
DS4
DS5
DS6
DS7
DS8
DS9
DS10
DS11
DS12
DS13
ME1
ME2
ME3
ME4
Preview of COBIT5
COBIT framework
Criteria
Business Objectives
IT Resources
Monitor and
Evaluate
Effectiveness
Efficiency
Confidentiality
Integrity
Availability
Compliance
Reliability
Data
Application Systems
Technology
Facilities
People
Plan and
Organise
Deliver and
Support
Page 12
Acquire and
Implement
Preview of COBIT5
COBIT IT processes
PO1
PO2
PO3
PO4
ME1
ME2
ME3
ME4
PO7
PO8
PO9
PO10
Monitor and
Evaluate
DS1
DS2
DS3
DS4
DS5
DS6
DS7
DS8
DS9
DS10
DS11
DS12
DS13
Page 13
PO5
PO6
Information
Deliver and
Support
Preview of COBIT5
Plan and
Organize
Acquire and
Implement
Page 14
Preview of COBIT5
Page 15
Preview of COBIT5
IT goals
Process goals
Key practices
Key metrics
IT governance
& IT resource
Page 16
Preview of COBIT5
2. Value Delivery
4. Resource Management
IT assets, knowledge, infrastructure
and partners.
5. Performance
Measurement
Preview of COBIT5
Are we getting
the benefits?
V
ic t D alu
g
eli e
te n
ve
ra me
t
ry
S ign
l
A
IT
ance t
orm
n
Perf sureme
Mea
3. Risk Management
Are we doing
the right
things?
Are we doing
them the right
way?
Governance
Domains
Resource
Management
R
Man isk
agem
ent
FOCUS AREAS
1. Strategic Alignment
Are we
getting them
done well?
Governance lifecycle
Page 18
Preview of COBIT5
COBIT5 Update
COBIT 5 initiative
Page 20
Preview of COBIT5
Major
Drivers for COBIT 5
News
Page 21
Preview of COBIT5
Page 22
and Objectives
Preview of COBIT5
Governance Objective
Page 23
Preview of COBIT5
Responding
Features from COBIT5
News
Page 24
Preview of COBIT5
Page 25
Preview of COBIT5
Processes
Service
Capabilities
Culture,
Ethics,
Behaviour
Skills &
Competencies
Principles &
Policies
Page 26
Preview of COBIT5
Organisational
Structures
Information
Page 27
Preview of COBIT5
Process
News Reference Model
Page 28
Preview of COBIT5
Page 29
Preview of COBIT5
Review
Newsof Process Changes
Page 30
Preview of COBIT5
Review
Newsof Process Changes
Page 31
Preview of COBIT5
Page 32
Preview of COBIT5
Process
News Reference Guide
Page 33
Preview of COBIT5
5
Most
important
differences
between
COBIT
News
and earlier versions.
Page 34
Preview of COBIT5
Architecture
Change Principles
News
Page 35
Preview of COBIT5
COBIT
News5 Architecture
Stakeholder
Needs
Governance
Objectives:
Value
Existing ISACA
Guidance
Other
Standards
and
Frameworks
COBIT 5
Enablers
Processes
Culture,
Ethics,
Behaviour
Service
Capabilities
Skills and
Competencies
Principles and
Policies
Organisational
Structures
Information
Knowledge Base
Content Filter
Other Enabler
Guidance
Other Practice
Guides
Page 36
Preview of COBIT5
Process
News Model Change Principles
Page 37
Preview of COBIT5
Framework
News Component Changes
The stakeholders for IT are now explicitly named, and there are
also some illustrative stakeholder issues included in the
guidance to show how the framework addresses them.
Page 38
Preview of COBIT5
News Goals
Enterprise
Page 39
Preview of COBIT5
ITNews
Related Goals
Page 40
Preview of COBIT5
NewsStakeholder Needs
Internal
Page 41
Preview of COBIT5
Page 42
Preview of COBIT5
Page 43
Preview of COBIT5
Process
News Capability Model Characteristics
Six levels of capability including incomplete
Each level can only be achieved only when the
level below is fully achieved
Level 1 is largely achieved and benefits realized
by the organization
Higher capabilities add differing attributes and
benefits
Page 44
Preview of COBIT5
Page 45
Page 46
Preview of COBIT5
Page 47
Preview of COBIT5
Major changes
Consolidation of frameworks
Adjustment of domains and processes
Page 48
4 to 5 domains
34 to 36 IT Processes
Preview of COBIT5
Page 49
Preview of COBIT5
COBIT 5 news
As the initiative progresses throughout 2011 and 2012
there will be periodic updates provided:
On the ISACA web site, www.isaca.org/COBIT5
In the COBIT Focus newsletter
In other ISACA membership communications, events,
marketing materials and PR activities
Watch these spaces for more news!
Page 50
Preview of COBIT5
Thank you
Contact details:
Ernst & Youngs
IT Risk Management Center of Excellence
Page 51
Preview of COBIT5