THE INSTITUTE OF INTERNAL AUDITORS SASKATCHEWAN CHAPTER COBIT 5 Foundation Certificate Exam Course Introduction – Your opportunity to . . . Understand how COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise. Understand the key concepts in a Process Capability Assessment and the key attributes of the COBIT 5 PAM (Process Assessment Model) Understand how the COBIT 5 processes and the Process Reference Model (PRM) help guide the creation of the 5 Principles and the 7 Governance and Management Enablers. Write the COBIT 5 Foundation exam at the end of day two. INSTRUCTOR: Peter T. Davis, CMA, CISA CISM CISSP Principal, Peter Davis+Associates DATES: Monday, June 3, 2013 Tuesday, June 4, 2013 LOCATION: Travelodge Hotel 4177 Albert St Regina, SK Calling…. IT/IS Auditors, Internal Auditors, Information Security and IT Practitioners, Business Management, Chief Executives, Consultants, IT/IS Management looking to gain an insight into Enterprise Governance of IT and looking to be certified as a COBIT Implementer or Assessor. Instructor Peter T. Davis, an expert in IT Governance, Security and Audit, past President and founder of the Toronto ISSA Chapter will instruct this course. REGISTER NOW – Click Here TIME: Registration: 8:00 Course: 8:30 – 4:30 Lunch will be provided each day. FEE: IIA Members: $800 Non-members: $900 (GST included) REGISTRATION DEADLINE: May 24, 2013 (no reimbursements after this date) COBIT 5 Foundation Certificate Exam Course The COBIT 5 Business Framework for the Governance and Management of Enterprise IT 2-day course introduces the candidate to the five basic principles covered in detail and includes extensive guidance on enablers for governance and management of enterprise IT. Also included is a supplementary guide outlining the foundation concepts of a process assessment model (PAM) based on the ISO 15504 approach which replaces the previous CMM (Capability Maturity Model). The purpose of the Foundation certificate is to confirm that a candidate has sufficient knowledge and understanding of the COBIT 5 guidance to be able to understand the enterprise Governance and Management of Enterprise IT, create awareness with their business executives and senior IT Management; assess the current state of their Enterprise IT with the objective of scoping what aspects of COBIT 5 would be appropriate to implement. The Foundation level training and certificate is also a pre-requisite for the following training and certificate courses: COBIT 5 Implementation Training & certificate COBIT 5 Assessor Training & certificate In this seminar, we will discuss: The major drivers for the development of a Framework The business benefits of using COBIT 5 The COBIT 5 Product Architecture. The IT management issues and challenges that affect enterprises. The 5 Key Principles of COBIT 5 for the governance and management of Enterprise IT You will leave the session with the tools to: Understand how COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise. Understand the key concepts in a Process Capability Assessment and the key attributes of the COBIT 5 PAM (Process Assessment Model) Understand how the COBIT 5 processes and the Process Reference Model (PRM) help guide the creation of the 5 Principles and the 7 Governance and Management Enablers. Target Audience Business Management, Chief Executives, IT /IS Auditors, Internal Auditors, Information Security and IT Practitioners; Consultants, IT/IS Management looking to gain an insight into the Enterprise Governance of IT and looking to be certified as a COBIT Implementer or Assessor. Prerequisites Participants should download and bring COBIT 5 Framework and Exam Syllabus. Exam Participants have the opportunity to write the COBIT 5 Foundation exam. Seminar Outline General Introduction Purpose of the training High level learning outcomes Structure of the material Exam requirements and preparation Overview & Key Features of COBIT 5 The Reasons for the Development of COBIT 5 The Evolution of COBIT The Drivers for developing a Framework The benefits of using COBIT 5 The COBIT 5 Format & product Architecture COBIT 5 and Other Frameworks The COBIT 5 Principles Principles model o Principle 1 – Meeting Stakeholder Needs o Principle 2 – Covering the Enterprise End-to-End o Principle 3 – Applying a Single Integrated Framework o Principle 4 – Enabling a Holistic Approach o Principle 5 – Separating Governance from Management The COBIT 5 Enablers Enabler 1 - Principles, Policies and Frameworks Enabler 2 - Processes Enabler 3 - Organizational Structures Enabler 4 - Culture, Ethics and Behaviour Enabler 5 - Information Enabler 6 - Services, Infrastructure and Applications Enabler 7 - People, Skills and Competencies Introduction to COBIT 5 Implementation The Life cycle Approach o Inter related components of the life cycle o Understanding the enterprise internal and external factors o Key success factors for implementation o The seven phases of the Life Cycle model explained o The seven Change Enablement characteristics used in the life cycle. o Change Enablement relationships to the Continual Improvement Life Cycle o Making the Business case Process Capability Assessment Model What is a process assessment What is the COBIT Assessment Programme The differences between a capability and maturity assessment Differences to the COBIT 4.1 CMM o Differences between the COBIT 4.1 and COBIT 5 PAMs’ Overview of the COBIT Capability Model & Assessments The Process Reference Model (PRM) o Important definitions o Application of ISO definitions to the COBIT 5 PRM o Application of ISO definitions to the COBIT 4.1 PRM The Process Assessment Model (PAM) o Scope o Indicators o Mapping o Capability Levels and Attributes Explained The Measurement Framework o The ISO 15504 approach and Risk-Based assessments Introduction to the Assessor Training Steps (Not being tested) o The 7 Steps to performing an assessment summarised Instructor Bio Peter T. Davis Peter Davis (CISA, CISSP, CMA, CMC, CWNA, CISM, COBIT FC, ITIL FC, PMP, SSGB, CGEIT, CFRA, ISTQB CTFL, PRINCE2 FC, ISO 27001 LI/LA, ISO 20000 FC, ISO 22301 FC, ISO 27005/31000 RM, ISO 9001 FC, ISO 28000 FC) is the Principal of Peter Davis+Associates (http://www.pdaconsulting.com), a management consulting firm specializing in IT Governance, Security, and Audit. Prior to founding PDA, Mr. Davis’ private sector experience included stints with two large Canadian banks and a manufacturing company. He was formerly a principal in the Information Systems Audit practice of Ernst & Young. In the public sector, Mr. Davis was Director of Information Systems Audit in the Office of the Provincial Auditor (Ontario). A 30-year information systems audit and security veteran, Mr. Davis’ career includes positions as security administrator, security planner, consultant, and information systems auditor. Mr. Davis also is the past President and founder of the Toronto ISSA chapter, past Recording Secretary of the ISSA’s International Board and past Computer Security Institute Advisory Committee member. In addition, he was a member of the international committee formed to develop Generally Accepted System Security Principles (GSSP). Mr. Davis has written or co-written 12 books including “Lean Six Sigma Secrets for the CIO,” “Hacking Wireless Networks for Dummies,” “Wireless Networks for Dummies,” “Computer Security for Dummies,” and “Securing and Controlling Cisco Routers.” Peter is listed in the International Who’s Who of Professionals. He is a past Editor of EDPACS, a monthly publication for security and audit professionals.