Roles, Activities and Relationships




and in COBIT 5

Objective: Value Creation (Benefits Realisation; Risk; Resource)
Enablers; Scope; Roles, Activities and Relationships
Source: COBIT 5, figure 8

Key Roles, Activities and Relationships
Roles, Activities and Relationships: Owners and Stakeholders; Delegate; Accountable; Governing Body; Set Direction; Instruct and Align; Report; Operations and Execution
Source: COBIT 5, figure 9

COBIT 5 and Key Areas
Business Needs; Evaluate; Direct; Feedback; Plan (APO); Build (BAI); Run (DSS); (MEA)
Source: COBIT 5, figure 15

COBIT 5 Reference Model

es for of Enterprise IT

Evaluate, Direct and
EDM01 Ensure Framework Setting and Maintenance
EDM02 Ensure Benefits Delivery
EDM03 Ensure Risk
EDM04 Ensure Resource
EDM05 Ensure Stakeholder Transparency

es for of Enterprise IT

Align, Plan and Organise
APO01 Manage the IT Framework
APO02 Manage Strategy
APO03 Manage Enterprise Architecture
APO04 Manage Innovation
APO05 Manage Portfolio
APO06 Manage Budget and Costs
APO07 Manage Human Resources
APO08 Manage Relationships
APO09 Manage Service Agreements
APO10 Manage Suppliers
APO11 Manage Quality
APO12 Manage Risk
APO13 Manage

Build, Acquire and Implement
BAI01 Manage Programmes and Projects
BAI02 Manage Requirements Definition
BAI03 Manage Solutions Identification and Build
BAI04 Manage Availability and Capacity
BAI05 Manage Organisational Change Enablement
BAI06 Manage Changes
BAI07 Manage Change Acceptance and Transitioning
BAI08 Manage Knowledge
BAI09 Manage Assets
BAI10 Manage Configuration

Deliver, Service and Support
DSS01 Manage Operations
DSS02 Manage Service Requests and Incidents
DSS03 Manage Problems
DSS04 Manage Continuity
DSS05 Manage Services
DSS06 Manage Business Controls

, Evaluate and Assess
MEA01, Evaluate and Assess Performance and Conformance
MEA02, Evaluate and Assess the System of Internal Control
MEA03, Evaluate and Assess Compliance With External Requirements

Source: COBIT 5, figure 16

COBIT 5 Enterprise Enablers
1. Principles, Policies and Frameworks
2. es
3. Organisational Structures
4. Culture, Ethics and Behaviour
5. Information
6. Services, Infrastructure and Applications
7. People, Skills and Competencies
(Enablers 5 to 7 are grouped under Resources.)
Source: COBIT 5, figure 12

COBIT 5 Enablers: Generic

Enabler Dimension
Stakeholders: Internal Stakeholders; External Stakeholders
Goals: Intrinsic Quality; Contextual Quality (Relevance, Effectiveness); Accessibility and
Life Cycle: Plan; Design; Build/Acquire/Create/Implement; Use/Operate; Evaluate/ Update/Dispose
Good Practices: Practices; Work Products (Inputs/Outputs)

Enabler Performance
Are Stakeholders Needs Addressed?
Are Enabler Goals Achieved?
Metrics for Achievement of Goals (Lag Indicators)
Is Life Cycle Managed?
Are Good Practices Applied?
Metrics for Application of Practice (Lead Indicators)

Source: COBIT 5, figure 13

The Seven Phases of the Implementation Life Cycle
1 What are the drivers?
2 Where are we now?
3 Where do we want to be?
4 What needs to be done?
5 How do we get there?
6 Did we get there?
7 How do we keep the momentum going?

Rings: Programme management (outer ring); Change enablement (middle ring); Continual improvement life cycle (inner ring)
Ring labels: Initiate programme; Define problems and opportunities; Define road map; Plan programme; Execute plan; Realise benefits; Review effectiveness; Establish desire to change; Form implementation team; Communicate outcome; Identify role players; Operate and use; Embed new approaches; Sustain; Recognise need to act; Assess current state; Define target state; Build improvements; Implement improvements; Operate and measure; and evaluate
Source: COBIT 5, figure 17 and COBIT 5 Implementation, figure 6

Summary of the COBIT 5 Capability Model

Generic Capability Attributes
Performance Attribute (PA) 1.1 Performance
PA 2.1 Performance
PA 2.2 Work Product
PA 3.1 Definition
PA 3.2 Deployment
PA 4.1
PA 4.2 Control
PA 5.1 Innovation
PA 5.2

Capability levels
0 Incomplete
1 Performed
2 Managed
3 Established
4 Predictable
5 Optimising

COBIT 5 Assessment Model, Performance Indicators: Outcomes; Base Practices (/ Practices); Work Products (Inputs/Outputs)
COBIT 5 Assessment Model, Capability Indicators: Generic Practices; Generic Resources; Generic Work Products
Source: COBIT 5, figure 19

COBIT 5 Product Family
COBIT 5 Enabler Guides: : Enabling es; : Enabling Information; Other Enabler Guides
COBIT 5 Professional Guides: Implementation; for Information; for Assurance; for Risk; Other Professional Guides
COBIT 5 Online Collaborative Environment
Source: COBIT 5, figure 11

COBIT 5 Principles
1. Meeting Stakeholder Needs
2. Covering the Enterprise End-to-end
3. Applying a Single Integrated Framework
4. Enabling a Holistic Approach
5. Separating From
Source: COBIT 5, figure 2

3701 Algonquin Road, Suite 1010, Rolling Meadows, IL 60008 USA
Phone: +1.847.253.1545
Fax: +1.847.253.1443
Email: info@isaca.org
Web site: www.isaca.org
2012 ISACA. All rights reserved.

COBIT 5 Goals Cascade Overview
Stakeholder Drivers (Environment, Technology Evolution, )
Influence
Stakeholder Needs: Benefits Realisation; Risk; Resource
Cascade to (Appendix D)
Enterprise Goals (Figure 5)
Cascade to (Appendix B)
IT-related Goals (Figure 6)
Cascade to (Appendix C)
Enabler Goals
Source: COBIT 5, figure 4