Quick Reference Guide COBIT 5 Framework
|
|
- Thomas Bond
- 7 years ago
- Views:
Transcription
1 Quick Reference Guide COBIT 5 Framework WP0144 April 2014 Russel Jones This quick reference guide serves as a supplement to our library of whitepapers and other guidance on and IT Governance. COBIT 5 is arguably the most widely used and well known IT governance and management best practice framework developed by ISACA. This framework incorporates the older versions of COBIT, Risk IT and Val IT, and ISO/IEC Russel Jones Russel Jones is an Orbus consultant with more than seven years experience in business and IT architectures, design and planning. He has broad industry and region experience spanning financial services, natural resources and retail. His Education and Certifications include: COBIT 5, TOGAF 8/ 9, ITIL 2011, Prince 2, ArchiMate 2 and B.Com Economics COBIT 5 provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise information and technology assets (IT). It enables IT to be governed and managed in a holistic manner for the entire enterprise, taking in the full end-to-end business and IT functional areas of responsibility, considering the IT-related interests of internal and external stakeholders. The COBIT 5 framework is generic and useful for enterprises of all sizes, whether commercial, not-for-profit or in the public sector. Simply stated, it helps enterprises create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use. Access our free, extensive library at
2 Table of Contents Summary 1 List of Figures 2 Introducing 3 Defining IT Governance 3 What is 3 The Product Family 3 Framework in Detail 4 Principle 1: Meeting Stakeholder Needs 4 Principle 2: Covering the Enterprise End-to-end 4 Principle 3: Applying a Single Integrated Framework 4 Principle 4: Enabling a Holistic Approach 5 Principle 5: Separating Governance from Management 6 Conclusion 6 List of Figures Figure 1 - COBIT 5 Product Family 3 Figure 2 - COBIT 5 Governance Objectives 4 Figure 3 - COBIT 5 End-to-end enterprise coverage 4 Figure 4 - COBIT 5 Framework Integrator 5 Figure 5 - COBIT 5 Enterprise Enablers 5 Figure 6 - COBIT 5 Enabler Dimensions 5 Figure 7 - COBIT 5 High Level Process Reference Model 6 2
3 Introducing Defining IT Governance ISACA define IT governance as The processes and relationships that lead to reasoned decision-making in the use of IT. Governance ensures efficient execution, guidance and oversight for continued business transformation and compliance activities and is achieved through the correct organizational structures, transparent processes and information management by defining the relevant controls, boundaries, authorities, responsibilities and tasks necessary to achieve and sustain the organization s objectives and strategy. Differentiating between governance and management is crucial to understanding the COBIT concepts and perspective. Most business, nowadays, is highly integrated with technology. Because so many business processes are completely dependent on Information Technology, it is inevitable that any consideration of business governance will extend into the IT realm. Good governance supports the delivery of an organization s strategic objectives and sustains the organization s strategy. What is COBIT is an IT governance and management framework that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT enables clear policy development and good practice for IT control throughout organizations. COBIT emphasizes regulatory compliance, helps the enterprise increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework. The latest version of this framework released is COBIT version 5, which consolidates and integrates the COBIT 4.1, Val IT 2.0 and Risk IT frameworks, and also draws significantly from the Business Model for Information Security (BMIS) and ITAF. COBIT 5 recognizes that delivering stakeholder value requires good governance and management of information and technology (IT) assets and that enterprise boards, executives and management have to embrace IT like any other significant part of the business. External legal, regulatory and contractual compliance requirements related to enterprise use of information and technology are increasing, threatening value if breached, and must therefore be governed and managed effectively. COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT. COBIT 5 assists enterprises and their executives as they endeavour to maintain quality information to support business decisions and generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT. COBIT 5 helps enterprises create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use. It enables information and related technology to be governed and managed in a holistic manner for the entire enterprise, taking in the full end-to-end business and functional areas of responsibility, considering the ITrelated interests of internal and external stakeholders. The Product Family. The COBIT 5 product family consists of the base framework and a number of detailed extension modules. COBIT 5 Enabler Guides : Enabling Processes COBIT 5 Professional Guides Implementation Figure 1 - COBIT 5 Product Family ( ISACA 2012) COBIT 5 is the base framework for the governance and management of enterprise IT. This contains the core principles and concepts and introduces the best practice framework. for Information Security : Enabling Information for Assurance for Risk COBIT 5 Online Collaborative Environment Other Enabler Guides Other Professional Guides 3
4 The enabling process enabler guide contains further detail on the governance and management processes. There are five levels of processes down to activities. Also included in this enabler guide are RACI matrices, process inputs and outputs, detailed process purpose statements, and process goals with measures. The enabling information enabler guide provides more detail on the information required and created as part of the governance and management of enterprise IT. The COBIT 5 professional guides help the various user groups adopt and use COBIT 5 in their functional domains, such as information security, assurance and risk. Principle 2: Covering the Enterprise End-to-end This principle explains how COBIT 5 integrates the governance of enterprise IT into enterprise governance by covering all functions and processes within the enterprise. The below diagram illustrates the key component of the COBIT 5 governance system. Governance Objective: Value Creation Benefits Realisation Risk Resource Framework in Detail Principle 1: Meeting Stakeholder Needs Governance Enablers Governance Scope This principle introduces the COBIT 5 goals cascade. The enterprise goals for IT are used to formalize and structure the stakeholder needs. Enterprise goals can be linked to IT-related goals, and these IT-related goals can be achieved through the optimal use and execution of all enablers, including processes. This set of connecting goals is called the COBIT 5 goals cascade. The chapter also provides examples of typical governance and management questions that stakeholders may have about enterprise IT. Stakeholder Needs Drive Governance Objective: Value Creation Benefits Realisation Risk Resource Figure 3 - COBIT 5 End-to-end enterprise coverage Principle 3: Applying a Single Integrated Framework Principle 3 describes the COBIT 5 architecture that achieves the integration identified and suggested by the COBIT 5 framework. The past versions of COBIT, other ISACA and governance guidance and best practice are included in the knowledge base, which will be maintained and updated. The COBIT enablers reference this knowledge base in order to effectively govern and manage enterprise IT operations. Roles, Activities and Relationships ( ISACA 2012) Figure 2 - COBIT 5 Governance Objectives ( ISACA 2012) The primary governance objective of COBIT 5 is value creation for the enterprise and stakeholders. This objective is decomposed into benefits realization, risk optimization, and resource optimization. 4
5 Existing ISACA Guidance (COBIT, Val IT, Risk IT, BMIS, ) New ISACA Guidance Materials COBIT 5 Knowledge Base Current guidance and contents Structure for future contents Other Standards and Frameworks COBIT 5 Enablers Principle 4: Enabling a Holistic Approach This principle introduces enablers and a common way of looking at how enablers are presented: the generic enabler model. Each enabler has a number of enabler dimensions which include stakeholders, enabler goals, lifecycle and good practices. Enabler performance management ensures each of these dimensions are measured and monitored. Performance lag indicators refer to those measures that report performance after the fact, and lead indicators refer to indicators that can be measured and reported on before the enabler s outcome. Content Filter for Knowledge Base 2. Processes 3. Organisational Structures 4. Culture, Ethics and Behaviour COBIT 5 Product Family COBIT 5 1. Principles, Policies and Frameworks COBIT 5 Enabler Guides COBIT 5 Professional Guides COBIT 5 Online Collaborative Environment 5. Information 6. Services, Infrastructure and Applications Resources 7. People, Skills and Competencies Figure 4 - COBIT 5 Framework Integrator ( ISACA 2012) Figure 5 - COBIT 5 Enterprise Enablers ( ISACA 2012) Enabler Dimension Stakeholders Goals Life Cycle Good Practices Internal Stakeholders External Stakeholders Intrinsic Quality Contextual Quality (Relevance, Effectiveness) Accessibility and Security Plan Design Build/Acquire/Create/ Implement Use/Operate Evaluate/Monitor Update/Dispose Practices Work Products (Inputs/Outputs) Enabler Performance Management Are Stakeholder Needs Addressed? Are Enabler Goals Achieved? Metrics for Achievement of Goals (Lag Indicators) Is Life Cycle Managed? Are Good Practices Applied? Metrics for Application of Practice (Lead Indicators) 5 Figure 6 - COBIT 5 Enabler Dimensions ( ISACA 2012)
6 Principle 5: Separating Governance from Management This principle discusses the difference between management and governance, and how they interrelate. The high-level COBIT 5 process reference model illustrates how stakeholder needs drive all governance and management functions. Governance Management Plan (APO) Direct COBIT 5 also contains a an additional four lower levels of process drilling down to activity level details on the best practice for the governance and management of enterprise IT. Associated with these processes are the IT-related goals and Enabler goals, and details such as inputs and outputs and RACI matrices. Conclusion Build (BAI) Governance is a mechanism necessary to achieve and sustain an organization s objectives and strategy. It does this by ensuring efficient execution, guidance and oversight for continued business transformation and compliance activities. Business Needs Evaluate Management Feedback Build (BAI) Figure 7 - COBIT 5 High Level Process Reference Model ( ISACA 2012) Monitor Governance is achieved through the correct Monitor (MEA) organizational structures, transparent processes and information management by defining the relevant controls, boundaries, authorities, responsibilities and tasks and should deliver support for: Provision of strategic direction Ensuring that objectives are achieved Ascertaining that risks are managed appropriately Verifying that the enterprise s resources are used responsibly Adopting COBIT 5 into an organization can be a daunting task, with thousands of processes and goals, and many more performance measures prescribed as the best practice. The iserver IT Governance Solution, which contains the COBIT 5 base framework and the Enabling Process enabler guide, provides a support and collaboration platform for ensuring compliance with COBIT 5 best practice. The solution provides a number of mechanisms and tools to benchmark and report on enterprise compliance and IT governance maturity. Good governance is characterized by discipline, transparency, independence, accountability, responsibility, fairness and social responsibility. Governance helps organizations in evaluating options, direction setting and monitoring performance (COBIT 5). Established governance will help organizations address a wide range of business-related issues including regulatory compliance, risk and resource management and IT value management. References ISACA 2012 : A Business Framework for the Governance and Management of IT USA: ISACA Copyright 2014 Orbus Software. All rights reserved. No part of this publication may be reproduced, resold, stored in a retrieval system, or distributed in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior permission of the copyright owner. Such requests for permission or any other comments relating to the material contained in this document may be submitted to: marketing@orbussoftware.com Orbus Software 3rd Floor 111 Buckingham Palace Road London SW1W 0SR United Kingdom +44 (0) enquiries@orbussoftware.com
Roles, Activities and Relationships
and in COBIT 5 Objective: Value Creation Benefits Realisation Risk Resource Enablers Scope Roles, Activities and Relationships Source: COBIT 5, figure 8 Key Roles, Activities and Relationships Roles, Activities
More informationWhite Paper What Solutions Architects Should Know About The TOGAF ADM
White Paper What Solutions Architects Should Know About The TOGAF ADM WP0015 October 2011 The Open Group Architecture Framework 1 (TOGAF) is the most widely referenced architecture framework currently
More informationPresented by. Denis Darveau CISM, CISA, CRISC, CISSP
Presented by Denis Darveau CISM, CISA, CRISC, CISSP Las Vegas ISACA Chapter, February 19, 2013 2 COBIT Definition Control Objectives for Information and Related Technology (COBIT) is an IT governance framework
More informationCOBIT 5 Introduction. 28 February 2012
COBIT 5 Introduction 28 February 2012 COBIT 5 Executive Summary 2012 ISACA. All rights reserved. 2 Information! Information is a key resource for all enterprises. Information is created, used, retained,
More informationINFORMATION TECHNOLOGY FLASH REPORT
INFORMATION TECHNOLOGY FLASH REPORT ISACA Releases COBIT 5: Updated Framework for the Governance and Management of IT May 18, 2012 In April, ISACA released COBIT 5 as a replacement for its current globally
More informationRevised October 2013
Revised October 2013 Version 3.0 (Live) Page 0 Owner: Chief Examiner CONTENTS: 1. Introduction..2 2. Foundation Certificate 2 2.1 The Purpose of the COBIT 5 Foundation Certificate.2 2.2 The Target Audience
More informationGeoff Harmer PhD, CEng, FBCS, CITP, CGEIT Maat Consulting Reading, UK www.maatconsulting.com
COBIT 5 All together now! Geoff Harmer PhD, CEng, FBCS, CITP, CGEIT Maat Consulting Reading, UK www.maatconsulting.com 1 Copyright Notice COBIT is 1996, 1998, 2000, 2005 2012 ISACA and IT Governance Institute.
More informationCOBIT 5 For Cyber Security Governance and Management. Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE)
COBIT 5 For Cyber Security Governance and Management Nasser El-Hout Managing Director Service Management Centre of Excellence (SMCE) Cybersecurity Governance using COBIT5 Cyber Defence Summit Riyadh, KSA
More informationUnderstanding COBIT 5. based on ISACA Materials www.isaca.org/cobit. Prepared by: Deb Mallette, CGEIT, CISA, CSSBB, IMG BSMS EPDM, Process Consultant
Prepared by: Deb Mallette, CGEIT, CISA, CSSBB, IMG BSMS EPDM, Process Consultant Understanding COBIT 5 based on ISACA Materials www.isaca.org/cobit ISACA Silicon Valley Chapter Spring 1 Why COBIT is important
More informationCOBIT Helps Organizations Meet Performance and Compliance Requirements
DISCUSS THIS ARTICLE COBIT Helps Organizations Meet Performance and Compliance Requirements By Sreechith Radhakrishnan, COBIT Certified Assessor, ISO/IEC 20000 LA, ISO/IEC 27001 LA, ISO22301 LA, ITIL Expert,
More informationCOBIT 5: A New Governance Framework for Managing & Auditing the Technology Environment CS 6-7: Tuesday, July 7 3:30-4:30
COBIT 5: A New Governance Framework for Managing & Auditing the Technology Environment CS 6-7: Tuesday, July 7 3:30-4:30 Presented by: Nelson Gibbs CIA, CRMA, CISA, CISM, CGEIT, CRISC, CISSP ngibbs@pacbell.net
More informationChayuth Singtongthumrongkul
IT is complicated. IT Governance doesn t have to be. Chayuth Singtongthumrongkul CISSP, CISA, ITIL Intermediate, PMP, IRCA ISMS (ISO/IEC 27001) Director of International Academic Alliance, ACIS Professional
More informationWhite Paper. COBIT 5 & BiSL
White Paper COBIT 5 & BiSL This paper compares the scope and perspective of COBIT 5 and BiSL and shows how these two frameworks can be used in conjunction to assure that business information management
More informationCOBIT 5 Foundation Workshop. COBIT is a trademark of the Information Systems Audit and Control Association and the IT Governance Institute
COBIT 5 Foundation Workshop COBIT is a trademark of the Information Systems Audit and Control Association and the IT Governance Institute COBIT 5: A Business Framework for the Governance and Management
More informationIncreasing IT Value and Reducing Risk. More for Less with COBIT5. IT Governance and Strategy
Increasing IT Value and Reducing Risk More for Less with COBIT5 Copyright 2012 ITpreneurs. All rights reserved. 1 COBIT 5 the Next Evolution 2 COBIT 5 Released in April 2012 COBIT5 is the eagerly awaited
More informationWhite Paper BPMN 2.0 Task Types Explained
White Paper BPMN 2.0 Task Types Explained WP0093 August 2013 Tasks represent the most fundamental process elements, which define units of work in a process. In BPMN, a Task represents an atomic Activity
More informationCLOUD SECURITY THROUGH COBIT, ISO 27001 ISMS CONTROLS, ASSURANCE AND COMPLIANCE
CLOUD SECURITY THROUGH COBIT, ISO 27001 ISMS CONTROLS, ASSURANCE AND COMPLIANCE Indranil Mukherjee Singapore ISC Pte Ltd Session ID: CLD T02 Session Classification: Intermediate Cloud Computing from a
More informationCopyright protected. Use is for Single Users only via a VHP Approved License. For information and printed versions please see www.vanharen.
COBIT 5 A Management Guide Other publications by Van Haren Publishing Van Haren Publishing (VHP) specializes in titles on Best Practices, methods and standards within four domains: - IT and IT Management
More informationCOBIT 5 ISACA s new framework for IT Governance, Risk, Security and Auditing. An overview
COBIT 5 IACA s new framework for IT Governance, Risk, ecurity and Auditing An overview M. Garsoux COBIT 5 Licensed Training rovider Introduction rinciples rocesses Implementation upporting roducts Questions
More informationThe IT Infrastructure Library (ITIL)
IT service management is often equated with the Information Technology Infrastructure Library (ITIL), even though there are a variety of standards and frameworks contributing to the overall ITSM discipline.
More informationHOW COBIT CAN COMPLEMENT ITIL TO ACHIEVE BIT
HOW COBIT CAN COMPLEMENT ITIL TO ACHIEVE BIT 1, Narges Zeinolabedin *, 2, Soroush Afiati Mehrvarz 3, Neda Rahbar 1 Department of ITM, Islamic Azad University, Electronic Branch, Tehran, Iran 2 Department
More informationAn Enterprise Architecture and Data quality framework
An Enterprise Architecture and quality framework Jerome Capirossi - NATEA-Consulting jerome@capirossi.org http://capirossi.org, Pascal Rabier La Mutuelle Generale prabier@lamutuellegeneral.fr Abstract:
More informationAuditors Need to Know June 13th, 2012. ISACA COBIT 5 for Assurance
COBIT 5 What s New, What Auditors Need to Know June 13th, 2012 Anthony Noble Viacom Inc. ISACA COBIT 5 for Assurance Task Force Chair Special thanks to Derek Oliver & ISACA for supplying material for this
More informationEffectively Using CobiT in IT Service Management
Effectively Using CobiT in IT Service Management Crown copyright material is reproduced with the permission of the Controller of HMSO and Queen s Printer for Scotland. ITIL is a Registered Trade Mark of
More informationfor Information Security
for Information Security The following pages provide a preview of the information contained in COBIT 5 for Information Security. The publication provides guidance to help IT and Security professionals
More informationWhite Paper Business Process Modeling and Simulation
White Paper Business Process Modeling and Simulation WP0146 May 2014 Bhakti Stephan Onggo Bhakti Stephan Onggo is a lecturer at the Department of Management Science at the Lancaster University Management
More informationITIL Service Lifecycles and the Project Manager
1 ITIL Service Lifecycles and the Project Manager The intersection of IT Service and Project Delivery Presented to: Kansas City Mid-America PMI Chapter Mark Thomas January 17, 2011 1 Agenda 2 Introduction
More informationCOBIT 5 and the Process Capability Model. Improvements Provided for IT Governance Process
Proceedings of FIKUSZ 13 Symposium for Young Researchers, 2013, 67-76 pp The Author(s). Conference Proceedings compilation Obuda University Keleti Faculty of Business and Management 2013. Published by
More informationSomewhere Today, A Project is Failing
Aligning CobiT and ITIL - The Business Benefit 2007 ISACA All rights reserved www.isaca.org Page - 1 Somewhere Today, A Project is Failing Chapter 1, Peopleware 2nd edition Tom DeMarco 2007 ISACA All rights
More informationCOPYRIGHTED MATERIAL. Contents. Acknowledgments Introduction
Contents Acknowledgments Introduction 1. Governance Overview How Do We Do It? What Do We 1 Get Out of It? 1.1 What Is It? 1 1.2 Back to Basics 2 1.3 Origins of Governance 3 1.4 Governance Definition 5
More informationSound Transit Internal Audit Report - No. 2014-3
Sound Transit Internal Audit Report - No. 2014-3 IT Project Management Report Date: Dec. 26, 2014 Table of Contents Page Background 2 Audit Approach and Methodology 2 Summary of Results 4 Findings & Management
More informationTOGAF. TOGAF & Major IT Frameworks, Architecting the Family. by Danny Greefhorst, MSc., Director of ArchiXL. IT Governance and Strategy
TOGAF TOGAF & Major IT Frameworks, Architecting the Family by Danny Greefhorst, MSc., Director of ArchiXL TOGAF is a registered trademark of The Open Group. Copyright 2013 ITpreneurs. All rights reserved.
More informationCOBIT 5 for Risk. CS 3-7: Monday, July 6 4:00-5:00. Presented by: Nelson Gibbs CIA, CRMA, CISA, CISM, CGEIT, CRISC, CISSP ngibbs@pacbell.
COBIT 5 for Risk CS 3-7: Monday, July 6 4:00-5:00 Presented by: Nelson Gibbs CIA, CRMA, CISA, CISM, CGEIT, CRISC, CISSP ngibbs@pacbell.net Disclaimer of Use and Association Note: It is understood that
More informationFounda'onal IT Governance A Founda'onal Framework for Governing Enterprise IT Adapted from the ISACA COBIT 5 Framework
Founda'onal IT Governance A Founda'onal Framework for Governing Enterprise IT Adapted from the ISACA COBIT 5 Framework Steven Hunt Enterprise IT Governance Strategist NASA Ames Research Center Michael
More informationSetting goals and measuring the value of Enterprise IT Architecture using COBIT 5 framework
Setting goals and measuring the value of Enterprise IT Architecture using COBIT 5 framework Karoline Westerlund, IT-strategist Umeå University, Sweden retirement Service Catalogue Defined framework Formalized
More informationIntroduction to ITIL for Project Managers
CSC NORTH AMERICAN PUBLIC SECTOR Introduction to ITIL for Project Managers May Chantilly Luncheon Linda Budiman, PMP ITILv2 & ITILv3 Process Architect ITIL Service Manager, CobiT certified 5/13/2008 8:08:45
More informationTOGAF TOGAF & Major IT Frameworks, Architecting the Family
Fall 08 TOGAF TOGAF & Major IT Frameworks, Architecting the Family Date: February 2013 Prepared by: Danny Greefhorst, MSc., Director of ArchiXL TOGAF is a registered trademark of The Open Group. TOGAF
More informationIT governance and business organization: some trends about the management of application portfolio
IT governance and business organization: some trends about the management of application portfolio Roberto Candiotto, Silvia Gandini 1 1 Dipartimento di Studi per l Economia e l Impresa (Università del
More informationITIL : the basics. Valerie Arraj, Compliance Process Partners LLC. White Paper July 2013
ITIL : the basics Valerie Arraj, Compliance Process Partners LLC White Paper July 2013 2 ITIL : the basics Contents 1 What is ITIL and what are its origins? 3 2 The service lifecycle 3 3 Why would an organization
More informationAn Implementation Roadmap
An Implementation Roadmap The 2nd Abu Dhabi IT s Forum P J Corum, CSQA, CSTE, ITSM Managing Director Quality Assurance Institute Middle East and Africa Dubai, UAE Quality Assurance Institute Middle East
More informationCONCEPTUAL MODEL OF IT GOVERNANCE FOR HIGHER EDUCATION BASED ON COBIT 5 FRAMEWORK
CONCEPTUAL MODEL OF IT GOVERNANCE FOR HIGHER EDUCATION BASED ON COBIT 5 FRAMEWORK HERU NUGROHO Telkom University, Telkom Applied Science School, Department of Information Technology, Bandung E-mail: herunugroho@telkomuniversity.ac.id,
More informationApplying Integrated Risk Management Scenarios for Improving Enterprise Governance
Applying Integrated Risk Management Scenarios for Improving Enterprise Governance János Ivanyos Trusted Business Partners Ltd, Budapest, Hungary, ivanyos@trusted.hu Abstract: The term of scenario is used
More informationBADM 590 IT Governance, Information Trust, and Risk Management
BADM 590 IT Governance, Information Trust, and Risk Management Information Technology Infrastructure Library (ITIL) Spring 2007 By Po-Kun (Dennis), Tseng Abstract: This report is focusing on ITIL framework,
More informationAN APPROACH TO DESIGN SERVICES KEY PERFORMANCE INDICATOR USING COBIT5 AND ITIL V3
AN APPROACH TO DESIGN SERVICES KEY PERFORMANCE INDICATOR USING COBIT5 AND ITIL V3 1 Retno Ayu Widiyaningrum, 2 Kudang B Sminar, 3 Husniteja Sukmana Department of Computer Science, Bogor Agricultural University,
More informationThe ITIL v.3 Foundation Examination
The ITIL v.3 Foundation Examination Sample Paper A, version 3.1 Multiple Choice Instructions 1. All 40 questions should be attempted. 2. There are no trick questions. 3. All answers are to be marked on
More informationIRCA Briefing note ISO/IEC 20000-1: 2011
IRCA Briefing note ISO/IEC 20000-1: 2011 How to apply for and maintain Training Organization Approval and Training Course Certification IRCA 3000 Contents Introduction 3 Summary of the changes within ISO/IEC
More informationCertified Information Security Manager (CISM)
Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security
More informationIn the launch of this series, Information Security Management
Information Security Management Programs: Operational Assessments Lessons Learned and Best Practices Revealed JUSTIN SOMAINI AND ALAN HAZLETON As the authors explain, a comprehensive assessment process
More informationCOBIT 5 Process Assessment Method (PAM) Debra Mallette, CGEIT, CISA, CSSBB Governance Risk and Compliance -G22
COBIT 5 Process Assessment Method (PAM) Debra Mallette, CGEIT, CISA, CSSBB Governance Risk and Compliance -G22 Session Objectives Why Assess Process Capability COBIT 5 Process Assessment Model Relationship
More informationGovernance. as a tool for Architects. Tuesday, 6 November, 12
Governance as a tool for Architects Governance is the act of governing. It relates to decisions that define expectations, grant power, or verify performance. It consists of either a separate process or
More informationBridging the IT Business Gap The Role of an Enterprise Architect
Whitepaper Bridging the IT Business Gap The Role of an Enterprise Architect Today s enterprises understand the value that Information Technology (IT) can bring to their business. IT supports day-to-day
More informationDeveloping Business Architecture with TOGAF
Developing Business Architecture with TOGAF Building Business Capability 2013 Las Vegas, NV Armstrong Process Group, Inc. www.aprocessgroup.com Objectives Introduce The Open Group Architecture Framework
More informationPhil Marshall Black Duck Software. 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved.
Open Source Component Governance and Management Using COBIT Phil Marshall Black Duck Software 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved. Welcome Type in questions using the Ask A Question
More informationMaximize the synergies between ITIL and DevOps
BEST PRACTICES WHITE PAPER Maximize the synergies between ITIL and DevOps By Anthony Orr, Director of Service Management, Office of the CTO, BMC Software TABLE OF CONTENTS EXECUTIVE SUMMARY...............................................
More informationfor Oil & Gas Industry
Wipro s Upstream Storage Solution for Oil & Gas Industry 1 www.wipro.com/industryresearch TABLE OF CONTENTS Executive summary 3 Business Appreciation of Upstream Storage Challenges...4 Wipro s Upstream
More informationSuccessful Enterprise Architecture. Aligning Business and IT
Successful Enterprise Architecture Aligning Business and IT 1 Business process SOLUTIONS WHITE PAPER Executive Summary...3 An Integrated Business & IT Infrastructure...3 Benefits to Business and IT Go
More informationITIL AND COBIT EXPLAINED
ITIL AND COBIT EXPLAINED 1 AGENDA Overview of Frameworks Similarities and Differences Details on COBIT Framework (based on version 4.1) Details on ITIL Framework, focused mainly on version.2. Comparison
More informationIntroduction to the ITIL Service Management Framework
Introduction to the ITIL Service Management Framework ITIL is a registered trade mark of the Cabinet Office. The Swirl logo is a trade mark of the Cabinet Office. IT Infrastructure Library is a registered
More informationINTERMEDIATE QUALIFICATION
PROFESSIONAL QUALIFICATION SCHEME INTERMEDIATE QUALIFICATION SERVICE LIFECYCLE CONTINUAL SERVICE IMPROVEMENT CERTIFICATE SYLLABUS Page 2 of 18 Document owner The Official ITIL Accreditor Contents CONTINUAL
More informationEnabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices. April 10, 2013
Enabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices April 10, 2013 Today's Agenda: Key Topics Defining IT Governance IT Governance Elements & Responsibilities
More informationBenchmark of controls over IT activities. 2011 Report. ABC Ltd
www.pwc.com/cy Benchmark of controls over IT activities 2011 Report ABC Ltd... 2012 Scope and approach We wish to provide you with our IT Benchmarking report over IT activities at ABC Ltd (the Company)
More informationCOBIT 4.1 TABLE OF CONTENTS
COBIT 4.1 TABLE OF CONTENTS Executive Overview....................................................................... 5 COBIT Framework.........................................................................
More informationIntegrating the Project Portfolio Management and Service Portfolio Management: The Governance of Enterprise IT Perspective
Integrating the Project Portfolio and Portfolio : The Governance of Enterprise IT Perspective George Papoulias CGEIT. ITIL Expert, PRINCE2 Prac;;oner, CRISC, CISA Senior Project Manager CONTENTS TYPES
More informationISACA Roundtable. Cobit and Grab@Pizza 7 september 2015
1 ISACA Roundtable 7 september 2015 ISACA Roundtable Cobit and Grab@Pizza 7 september 2015 2015 KPN Corporate Market B.V. ISACA, is a registered trademark of the Information Systems Audit and Control Association
More informationISO 21500: Did we need it? A Consultant's Point of View after a first experience. Session EM13TLD04
ISO 21500: Did we need it? A Consultant's Point of View after a first experience Session EM13TLD04 Maria Cristina Barbero, MBA, PMI-ACP, PMP Nexen SPA PMI is a registered trade and service mark of the
More informationProcurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire. P3M3 Project Management Self-Assessment
Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire P3M3 Project Management Self-Assessment Contents Introduction 3 User Guidance 4 P3M3 Self-Assessment Questionnaire
More informationQuick Guide: Meeting ISO 55001 Requirements for Asset Management
Supplement to the IIMM 2011 Quick Guide: Meeting ISO 55001 Requirements for Asset Management Using the International Infrastructure Management Manual (IIMM) ISO 55001: What is required IIMM: How to get
More informationG13 USE OF RISK ASSESSMENT IN AUDIT PLANNING
IS AUDITING GUIDELINE G13 USE OF RISK ASSESSMENT IN AUDIT PLANNING The specialised nature of information systems (IS) auditing and the skills necessary to perform such audits require standards that apply
More informationITIL Introduction and Overview & ITIL Process Map
ITIL Introduction and Overview & ITIL Process Map Barbara Re 1 Where we are? IT organization has a long trouble to improve service level to their customers without adding cost, reducing quality or introducing
More informationEA vs ITSM. itsmf 15.4.2014
EA vs ITSM itsmf 15.4.2014 EA vs ITSM SH Needs Business Goals 2 GOVERNANCE EVALUATE PLANNING ITSM IMPROVING OPERATING Business Programs Projects DEVELOPING EA IMPLEMENTING What is an enterprise in the
More informationWhat s New In ITIL V3?
What s New In ITIL V3? George Spalding VP, Global Events Pink Elephant Pink Elephant Leading The Way In IT Management Best Practices The ITIL Books (V2) T h e B u s i n e s s Planning To Implement Service
More informationRecent Advances in Automatic Control, Information and Communications
Proposal of the improvement of actual ITIL version based on comparative IT Service Management methodologies and standards The implementation of IT Service Management frameworks and standards Anel Tanovic*,
More informationCertified Software Quality Assurance Professional VS-1085
Certified Software Quality Assurance Professional VS-1085 Certified Software Quality Assurance Professional Certified Software Quality Assurance Professional Certification Code VS-1085 Vskills certification
More informationHKIHRM HR PROFESSIONAL STANDARDS MODEL
HKIHRM HR PROFESSIONAL STANDARDS MODEL Creating Values For You and For Organisations Setting Standards Recognising s ABOUT HKIHRM The Hong Kong Institute of Human Resource Management (HKIHRM) is the leading
More informationITIL V3: Making Business Services Serve the Business
ITIL V3: Making Business Services Serve the Business An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for ASG October 2008 IT Management Research, Industry Analysis, and Consulting Table
More informationService Strategy. Process orientation Terminology Inputs and outputs Activities Process flow / diagram Process Roles Challenges KPIs
ITIL V3 Over View ITIL V3 Structure Strategy ITIL V3 Overview Design Transition Operation Process orientation Terminology Inputs and outputs Activities Process flow / diagram Process Roles Challenges KPIs
More informationHARDWARE ACCELERATION IN FINANCIAL MARKETS. A step change in speed
HARDWARE ACCELERATION IN FINANCIAL MARKETS A step change in speed NAME OF REPORT SECTION 3 HARDWARE ACCELERATION IN FINANCIAL MARKETS A step change in speed Faster is more profitable in the front office
More informationPreparation Guide. EXIN IT Service Management Associate Bridge based on ISO/IEC 20000
Preparation Guide EXIN IT Service Management Associate Bridge based on ISO/IEC 20000 Edition January 2014 Copyright 2014 EXIN All rights reserved. No part of this publication may be published, reproduced,
More informationP3M3 Portfolio Management Self-Assessment
Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire P3M3 Portfolio Management Self-Assessment P3M3 is a registered trade mark of AXELOS Limited Contents Introduction
More informationSupporting information technology risk management
IBM Global Technology Services Thought Leadership White Paper October 2011 Supporting information technology risk management It takes an entire organization 2 Supporting information technology risk management
More informationJob Description. Job Title Branch Business Group Reporting to Location. Purpose. Key Tasks
Job Description Job Title Branch Business Group Reporting to Location Enterprise Architect Knowledge, Information, Research and Technology Government Technology Services Chief Architect Wellington Salary
More informationAN OVERVIEW OF INFORMATION SECURITY STANDARDS
AN OVERVIEW OF INFORMATION SECURITY STANDARDS February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced
More informationITIL. Lifecycle. www.alctraining.com.my. ITIL Intermediate: Continual Service Improvement. Service Strategy. Service Design. Service Transition
Take your ITIL skills to the next level ITIL Lifecycle ITIL Intermediate: Part of the complete ITIL Education Program Advance your career Add value to your organisation Gain credits towards ITIL Expert
More informationCompany size matters: Perspectives on IT Governance
www.pwc.com/ca/technology-consulting Company size matters: Perspectives on IT Governance versus large Canadian organizations and IT Governance PwC conducted research for the 4th edition of the IT Governance
More informationWhite Paper. PPP Governance
PPP Governance The Governance of Projects, Programs and Portfolios (PPP) (sometimes called project governance for convenience) is the sub-set of corporate and organisational governance 1 focused on assisting
More informationCriticism of Implementation of ITSM & ISO20000 in IT Banking Industry. Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3
Criticism of Implementation of ITSM & ISO20000 in IT Banking Industry Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3 Outline What is IT Service Management What is ISO 20000 Step by step implementation
More informationHow to bridge the gap between business, IT and networks
ericsson White paper Uen 284 23-3272 October 2015 How to bridge the gap between business, IT and networks APPLYING ENTERPRISE ARCHITECTURE PRINCIPLES TO ICT TRANSFORMATION A digital telco approach can
More informationThe role of Information Governance in an Enterprise Architecture Framework
The role of Information Governance in an Enterprise Architecture Framework Richard Jeffrey-Cook, MBCS, CITP, FIRMS Head of Information and Records Management In-Form Consult Ltd, Cardinal Point Park Road,
More informationMetrics 101: Implementing a Metrics Framework to Create Value through Continual Service Improvement
Metrics 101: Implementing a Metrics Framework to Create Value through Continual Service Improvement By David Smith It s often been said that you can t manage what you don t measure, which is true. Without
More informationITIL v3 Service Manager Bridge
ITIL v3 Service Manager Bridge Course Length: 5 Days Course Overview This 5 day hands on, certification training program enables ITIL Version 2 certified Service Managers to upgrade their Service Manager
More informationITIL Asset and Configuration. Management in the Cloud
ITIL Asset and Configuration Management in the Cloud An AWS Cloud Adoption Framework Addendum September 2015 A Joint Whitepaper with Minjar Cloud Solutions 2015, Amazon Web Services, Inc. or its affiliates.
More informationAPPLICATION OF INFORMATION TECHNOLOGY SERVICE MANAGEMENT WITHIN SELECTED LOGISTICS AND TRANSPORT SERVICES
Proceedings of the 13 th International Conference Reliability and Statistics in Transportation and Communication (RelStat 13), 16 19 October 2013, Riga, Latvia, p. 363 369. ISBN 978-9984-818-58-0 Transport
More informationState of Minnesota IT Governance Framework
State of Minnesota IT Governance Framework June 2012 Table of Contents Table of Contents... 2 Introduction... 4 IT Governance Overview... 4 Process for Developing the New Framework... 4 Management of the
More informationPCI Policy Compliance Using Information Security Policies Made Easy. PCI Policy Compliance Information Shield Page 1
PCI Policy Compliance Using Information Security Policies Made Easy PCI Policy Compliance Information Shield Page 1 PCI Policy Compliance Using Information Security Policies Made Easy By David J Lineman
More informationEnterprise Architecture at Work
Marc Lankhorst et al. Enterprise Architecture at Work Modelling, Communication and Analysis Third Edition 4y Springer Contents 1 Introduction to Enterprise Architecture 1 1.1 Architecture 1 1.2 Enterprise
More informationEmploying ITSM in Value Added Service Provisioning
RL Consulting People Process Technology Organization Integration Employing ITSM in Value Added Service Provisioning Prepared by: Rick Leopoldi January 31, 2015 BACKGROUND Service provisioning can oftentimes
More informationEnabling Information PREVIEW VERSION
Enabling Information These following pages provide a preview of the information contained in COBIT 5: Enabling Information. The main benefit of this publication is that it provides COBIT 5 users with a
More informationITIL CSI 2011 Vernon Lloyd
ITIL CSI 2011 Vernon Lloyd 12 th December 2011 Implementing or Improving? Vernon Lloyd International Client Director Fox IT Without change there is no innovation, creativity, or incentive for improvement
More informationITIL 2011 Service Design Certification Program - 3 Days
ITIL 2011 Service Design Certification Program - 3 Days Program Overview ITIL is a set of best practices guidance that has become a worldwide-adopted framework for Information Technology Services Management
More informationSERVICE RESCUE! An Implementation and Improvement Guide for Incident Management. Nicole Conboy Jan van Bon
SERVICE RESCUE! An Implementation and Improvement Guide for Incident Management Nicole Conboy Jan van Bon SERVICE RESCUE! An Implementation and Improvement Guide for Incident Management This book is dedicated
More information