      INTRODUCING
            Executive Summary
            November 2018
           © 2018 ISACA. All rights reserved.
COBIT® 2019
   The globally recognized COBIT Framework, which helps ensure effective
   enterprise governance of information and technology, has been updated with new
   information and guidance, facilitating easier, tailored implementation—
   strengthening COBIT’s continuing role as an important driver of innovation and
   business transformation. This document sets the scene for the upcoming release
   of COBIT® 2019 guidance.
Remembering John Lainhart
• In dedication to John Lainhart, who was there from COBIT day -1 in 1995 until his passing in September 2018.
• John was the relentless support behind many COBIT-related projects, including COBIT 2019.
• ISACA is extremely grateful for John and his vision, and COBIT 2019 (and its progeny) are his legacy.
Picture provided courtesy of Dirk Steuperaert
    COBIT 2019
    DRIVERS AND BENEFITS
COBIT 2019
UPDATE DRIVERS
[Diagram: four update drivers surrounding COBIT 2019]
  • Optimizing I&T Governance
  • Staying relevant in a changed environment
  • Building on COBIT strengths and identifying opportunities
  • Addressing COBIT 5 limitations
COBIT 2019
OPTIMIZING I&T GOVERNANCE
  IT refers to the organizational department with main responsibility for
  technology, whereas I&T covers all the information the enterprise generates,
  processes and uses to achieve its goals, as well as the technology to support
  that throughout the enterprise.
COBIT 2019
STAYING RELEVANT IN A CHANGED ENVIRONMENT
   • COBIT 5 was published in 2012, making it almost 7 years old
   • New technology and business trends in the use of IT (e.g. digitization) have not
     been incorporated into COBIT, requiring re-alignment
   • The need for the integration of new insights from practitioners, science and
     academia in the domain of I&T governance creation
   • Other standards have evolved, resulting in a different standards/frameworks
     landscape, requiring a re-alignment
   • More fluid and frequent updates of COBIT required
COBIT 2019
STAYING RELEVANT IN A CHANGED ENVIRONMENT
  The COBIT 2019 development team looked at the following standards/frameworks
  to align COBIT 2019 with:
  • US National Institute of Standards and Technology (NIST) standards:
     – NIST Cybersecurity Framework v1.1
     – NIST SP 800 53 Rev 5
     – NIST SP 800 37 Rev 2 (Risk Management Framework)
  • ISO/IEC 20000
  • ISO/IEC 27000 family:
     – ISO/IEC 27001
     – ISO/IEC 27002
     – ISO/IEC 27004
     – ISO/IEC 27005
  • ISO/IEC 31000:2018
  • ISO/IEC 38500
  • ISO/IEC 38502
  • A Guide to the Project Management Book of Knowledge: PMBOK® Guide, Sixth Edition, 2017
  • The TOGAF® Standard, The Open Group
  • The Open Group IT4IT™ Reference Architecture, version 2.0
  • CIS® Critical Security Controls, Center for Internet Security
  • King IV Report on Corporate Governance™, 2016
  • Scaled Agile Framework (SAFe®)
  • Cloud standards and good practices:
     – Amazon Web Services (AWS®)
     – Security Considerations for Cloud Computing, ISACA
     – Controls and Assurance in the Cloud: Using COBIT® 5, ISACA
  • Enterprise Risk Management (ERM)—Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), June 2017
  • The TBM Taxonomy, The TBM Council
  • “Options for Transforming the IT Function Using Bimodal IT,” MIS Quarterly Executive (white paper)
  • ITIL V3
  • HITRUST® Common Security Framework, version 9, September 2017
  • Change Management Methodology, Prosci
  • Skills Framework for the Information Age (SFIA®) V6
  • The Standard of Good Practice for Information Security, Information Security Forum (ISF), 2016
  • CMMI V2.0
  • The CMMI Cybermaturity Platform, 2018
  • The Data Management Maturity Model, CMMI Institute, 2014
COBIT 2019
BUILDING ON COBIT STRENGTHS AND IDENTIFYING OPPORTUNITIES
STRENGTHS
• COBIT is a unique overarching IT Governance framework
• COBIT process guidance has matured and has reached its best quality level yet
• COBIT’s business perspective on IT brings a unique opportunity to further expand
  its impact
OPPORTUNITIES
• The current (target) audience for COBIT is still very much IT- and
  assurance-oriented
• There is an opportunity to re-discover or re-launch some of COBIT's hidden gems
• More prescriptive implementation guidance, such as incorporating specific design
  factors
COBIT 2019
ADDRESSING COBIT 5 LIMITATIONS
  • COBIT users find it hard to locate relevant contents for their needs
  • Perceived as complex and challenging to apply in practice
  • The enabler model is incomplete in terms of development and guidance, and
    thus often ignored
  • A challenging process capability model and general lack of support of
    performance management for other enablers
  • The perceived reputation of IT Governance itself as an inhibitor of change and
    (administrative) overhead – not per se a COBIT weakness but an IT Governance
    problem at large
 INTRODUCTION
 ENTERPRISE GOVERNANCE OF INFORMATION &
 TECHNOLOGY (EGIT) AND THE NATURE OF COBIT
INTRODUCTION
ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
  In the light of digital transformation, information and technology (I&T)
  have become crucial in the support, sustainability and growth of
  enterprises.
  • Previously, governing boards and senior management could delegate, ignore or
    avoid I&T-related decisions
  • In most sectors and industries, such attitudes are now ill advised
  • Digitized enterprises are increasingly dependent on I&T for survival and growth
  • Stakeholder value creation is often driven by a high degree of digitization in new
    business models, efficient processes, successful innovation, etc.
INTRODUCTION
ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
  Given the centrality of I&T for enterprise risk management and value
  generation, a specific focus on enterprise governance of information
  and technology (EGIT) has arisen over the last two decades.
  EGIT is an integral part of corporate governance
  • Exercised by the board that oversees the definition and implementation of
    processes, structures and relational mechanisms
  • Enables both business and IT people to execute their responsibilities in support
    of business/IT alignment
  • Enables creation of business value from I&T-enabled business investments
INTRODUCTION
ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
  Fundamentally, EGIT is concerned with value delivery from digital
  transformation and the mitigation of business risk that results from
  digital transformation.
  More specifically, three main outcomes can be expected after successful
  adoption of EGIT:
  • Benefits Realization
  • Risk Optimization
  • Resource Optimization
INTRODUCTION
COBIT AS AN INFORMATION & TECHNOLOGY (I&T) FRAMEWORK
  COBIT is a framework for the governance and management of
  enterprise information and technology, aimed at the whole enterprise.
  • Enterprise I&T means all the technology and information processing the
    enterprise puts in place to achieve its goals, regardless of where this
    happens in the enterprise
  • Enterprise I&T is not limited to the IT department of an organization, but
    certainly includes it
INTRODUCTION
GOVERNANCE AND MANAGEMENT DEFINED
  Governance (Board Level)
  • Ensure stakeholder needs, conditions and options are evaluated to determine
    enterprise objectives
  • Ensure direction is set through prioritization and decision making
  • Ensure performance and compliance are monitored against objectives
  Management (Executive Level)
  • Plans, builds, runs and monitors activities, in alignment with the direction
    set by the governance body, to achieve the enterprise objectives
INTRODUCTION
WHAT IS COBIT AND WHAT IT IS NOT: SETTING THE RIGHT EXPECTATIONS
  COBIT IS
  • A framework for the governance and management of enterprise I&T
  • COBIT defines the components to build and sustain a governance system
  • COBIT defines the design factors that should be considered by the enterprise
    to build a best fit governance system
  • COBIT is flexible and allows guidance on new topics to be added
  COBIT IS NOT
  • A full description of the whole IT environment of an enterprise
  • A framework to organize business processes
  • An (IT-) technical framework to manage all technology
  • COBIT does not make or prescribe any IT-related decisions
  APPENDIX
ABOUT ISACA
  Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals
  and enterprises achieve the positive potential of technology. Today’s world is
  powered by technology, and ISACA equips professionals with the knowledge,
  credentials, education and community to advance their careers and transform their
  organizations.
  ISACA leverages the expertise of its 450,000 engaged professionals in information
  and cyber security, governance, assurance, risk and innovation, as well as its
  enterprise performance subsidiary, CMMI® Institute, to help advance innovation
  through technology. ISACA has a presence in 188 countries, including 217 chapters
  worldwide and offices in both the United States and China.