Uploaded by congngt2

COBITlaminate online RD3

Figure 4.1
COBIT Overview
Inputs to COBIT 2019
• COBIT 5
• Standards, Frameworks, Regulations
• Community Contribution
COBIT 2019
COBIT Core: Reference Model of Governance and Management Objectives
• EDM01—Ensured Governance Framework Setting and Maintenance; EDM02—Ensured Benefits Delivery; EDM03—Ensured Risk Optimization; EDM04—Ensured Resource Optimization; EDM05—Ensured Stakeholder Engagement
• APO01—Managed I&T Management Framework; APO02—Managed Strategy; APO03—Managed Enterprise Architecture; APO04—Managed Innovation; APO05—Managed Portfolio; APO06—Managed Budget and Costs; APO07—Managed Human Resources; APO08—Managed Relationships; APO09—Managed Service Agreements; APO10—Managed Vendors; APO11—Managed Quality; APO12—Managed Risk; APO13—Managed Security; APO014—Managed Data
• BAI01—Managed Programs; BAI02—Managed Requirements Definition; BAI03—Managed Solutions Identification and Build; BAI04—Managed Availability and Capacity; BAI05—Managed Organizational Change; BAI06—Managed IT Changes; BAI07—Managed IT Change Acceptance and Transitioning; BAI08—Managed Knowledge; BAI09—Managed Assets; BAI10—Managed Configuration; BAI11—Managed Projects
• DSS01—Managed Operations; DSS02—Managed Service Requests and Incidents; DSS03—Managed Problems; DSS04—Managed Continuity; DSS05—Managed Security Services; DSS06—Managed Business Process Controls
• MEA01—Managed Performance and Conformance Monitoring; MEA02—Managed System of Internal Control; MEA03—Managed Compliance with External Requirements; MEA04—Managed Assurance
COBIT Core Publications
• COBIT® 2019 Framework: Introduction and Methodology
• COBIT® 2019 Framework: Governance and Management Objectives
Design Factors
• Enterprise strategy
• Enterprise goals
• Enterprise size
• Role of IT
• Sourcing model for IT
• Compliance requirements
• Etc.
Focus Area
• SME
• Security
• Risk
• DevOps
• Etc.
COBIT® 2019 Design Guide: Designing an Information and Technology Governance Solution
COBIT® 2019 Implementation Guide: Implementing and Optimizing an Information and Technology Governance Solution
Tailored Enterprise Governance System for Information and Technology
➢ Priority governance and management objectives
➢ Specific guidance from focus areas
➢ Target capability and performance management guidance
© 2018 ISACA. All Rights Reserved.
Figure 2.1
COBIT Stakeholders
Stakeholder: Benefit of COBIT
Internal Stakeholders
• Boards: Provides insights on how to get value from the use of I&T and explains relevant board responsibilities
• Executive Management: Provides guidance on how to organize and monitor performance of I&T across the enterprise
• Business Managers: Helps to understand how to obtain the I&T solutions enterprises require and how best to exploit new technology for new strategic opportunities
• IT Managers: Provides guidance on how best to build and structure the IT department, manage performance of IT, run an efficient and effective IT operation, control IT costs, align IT strategy to business priorities, etc.
• Assurance Providers: Helps manage dependency on external service providers, get assurance over IT, and ensure the existence of an effective and efficient system of internal controls
• Risk Management: Helps to ensure the identification and management of all IT-related risk
External Stakeholders
• Regulators: Helps to ensure the enterprise is compliant with applicable rules and regulations and has the right governance system in place to manage and sustain compliance
• Business Partners: Helps to ensure that a business partner’s operations are secure, reliable and compliant with applicable rules and regulations
• IT Vendors: Helps to ensure that an IT vendor’s operations are secure, reliable and compliant with applicable rules and regulations
Figure 3.1
Governance System Principles
1. Provide Stakeholder Value
2. Holistic Approach
3. Dynamic Governance System
4. Governance Distinct From Management
5. Tailored to Enterprise Needs
6. End-to-End Governance System
Figure 3.2
Governance Framework Principles
1. Based on Conceptual Model
2. Open and Flexible
3. Aligned to Major Standards
Figure 4.16
COBIT Goals Cascade
Stakeholder Drivers and Needs cascade to Enterprise Goals, which cascade to Alignment Goals, which cascade to Governance and Management Objectives.
Figure 4.3
COBIT Components of a Governance System
• Processes
• Organizational Structures
• Principles, Policies, Procedures
• Information
• Culture, Ethics and Behavior
• People, Skills and Competencies
• Services, Infrastructure and Applications
Figure 4.2
COBIT Core Model
• EDM01—Ensured Governance Framework Setting and Maintenance
• EDM02—Ensured Benefits Delivery
• EDM03—Ensured Risk Optimization
• EDM04—Ensured Resource Optimization
• EDM05—Ensured Stakeholder Engagement
• APO01—Managed I&T Management Framework
• APO02—Managed Strategy
• APO03—Managed Enterprise Architecture
• APO04—Managed Innovation
• APO05—Managed Portfolio
• APO06—Managed Budget and Costs
• APO07—Managed Human Resources
• APO08—Managed Relationships
• APO09—Managed Service Agreements
• APO10—Managed Vendors
• APO11—Managed Quality
• APO12—Managed Risk
• APO13—Managed Security
• APO014—Managed Data
• BAI01—Managed Programs
• BAI02—Managed Requirements Definition
• BAI03—Managed Solutions Identification and Build
• BAI04—Managed Availability and Capacity
• BAI05—Managed Organizational Change
• BAI06—Managed IT Changes
• BAI07—Managed IT Change Acceptance and Transitioning
• BAI08—Managed Knowledge
• BAI09—Managed Assets
• BAI10—Managed Configuration
• BAI11—Managed Projects
• DSS01—Managed Operations
• DSS02—Managed Service Requests and Incidents
• DSS03—Managed Problems
• DSS04—Managed Continuity
• DSS05—Managed Security Services
• DSS06—Managed Business Process Controls
• MEA01—Managed Performance and Conformance Monitoring
• MEA02—Managed System of Internal Control
• MEA03—Managed Compliance With External Requirements
• MEA04—Managed Assurance
INTERNATIONAL HEADQUARTERS
1700 E. Golf Road | Suite 400
Schaumburg, IL 60173 | USA
isaca.org
Figure 4.4
COBIT Design Factors
• Enterprise Strategy
• Enterprise Goals
• Risk Profile
• I&T-Related Issues
• Threat Landscape
• Compliance Requirements
• Role of IT
• Sourcing Model for IT
• IT Implementation Methods
• Technology Adoption Strategy
• Enterprise Size
• Future Factors
The globally recognized COBIT Framework, which helps ensure effective enterprise governance of information and technology, has been updated with new information and guidance, facilitating easier, tailored implementation—strengthening COBIT’s continuing role as an important driver of innovation and business transformation. This document provides an overview of the COBIT® 2019 guidance.
This excerpt is available as a complimentary PDF at www.isaca.org/COBIT and for purchase in hard copy at www.isaca.org/bookstore. We encourage you to share this document with your enterprise leaders, team members, clients and/or consultants. Additional information is available at isaca.org/COBIT.
Figure 7.1
Impact of Design Factors on a Governance and Management System
Design Factors’ Impact
1. Management Objective Priority and Target Capability Levels
2. Component Variations
3. Specific Focus Areas
Figure 7.2
Governance System Design Workflow
1. Understand the enterprise context and strategy.
• 1.1 Understand enterprise strategy.
• 1.2 Understand enterprise goals.
• 1.3 Understand the risk profile.
• 1.4 Understand current I&T-related issues.
2. Determine the initial scope of the governance system.
• 2.1 Consider enterprise strategy.
• 2.2 Consider enterprise goals and apply the COBIT goals cascade.
• 2.3 Consider the risk profile of the enterprise.
• 2.4 Consider current I&T-related issues.
3. Refine the scope of the governance system.
• 3.1 Consider the threat landscape.
• 3.2 Consider compliance requirements.
• 3.3 Consider the role of IT.
• 3.4 Consider the sourcing model.
• 3.5 Consider IT implementation methods.
• 3.6 Consider the IT adoption strategy.
• 3.7 Consider enterprise size.
4. Conclude the governance system design.
• 4.1 Resolve inherent priority conflicts.
• 4.2 Conclude the governance system design.
Figure 8.1
COBIT Implementation Road Map
• Program management (outer ring)
• Change enablement (middle ring)
• Continual improvement life cycle (inner ring)
1 What are the drivers?
2 Where are we now?
3 Where do we want to be?
4 What needs to be done?
5 How do we get there?
6 Did we get there?
7 How do we keep the momentum going?