WHAT IS COBIT 5 FRAMEWORK ? & its Uses

Beschreibung

Introduction to COBIT 5 framework, What is it for? Who uses it? When to use? Where is it usually applicable? How to use it?
Nur Syamsina
Mindmap von Nur Syamsina, aktualisiert more than 1 year ago
Nur Syamsina
Erstellt von Nur Syamsina vor etwa 6 Jahre
40
0

Zusammenfassung der Ressource

WHAT IS COBIT 5 FRAMEWORK ? & its Uses
  1. FOR WHOM?
    1. COBIT 5 is generic and useful for enterprises of all sizes, whether commercial, not-for-profit or in public sector.
      1. Used globally by those who have the primary responsibility for business processes and technology, depend on technology for relevant and reliable information, and provide quality, reliability and control of information and related technology.
        1. users include enterprise executives and consultants in the following areas: Audit and Assurance Compliance IT Operations Governance Security and Risk Management
        2. WHY IS IT USED ?
          1. New user demands, industry-specific regulations and risk scenarios emerge every day. Maximizing the value of intellectual property, managing risk and security and assuring compliance through effective IT governance and management has never been more important.
            1. No other framework focused on enterprise IT offers the breadth or benefits of COBIT. It helps enterprises of all sizes.
              1. 1)Maintain high-quality information to support business decisions 2)Achieve strategic goals through the effective and innovative use of IT 3) Achieve operational excellence through reliable, efficient application of technology 4) Maintain IT-related risk at an acceptable level Optimize the cost of IT services and technology 5)Support compliance with relevant laws, regulations, contractual agreements and policies
              2. WHEN SHOULD BE USED?
                1. NOW! this is the latest concept after COBIT 4.1.
                  1. As a framework/guidance replacing COBIT 4.1. COBIT 5 incorporates the latest thinking in enterprise governance and management techniques, and provides globally accepted principles, practices, analytical tools and models to help increase the trust in, and value from, information systems.
                    1. COBIT 5 builds and expands on COBIT 4.1 by integrating other major frameworks, standards and resources, including ISACA's Val IT and Risk IT, Information Technology Infrastructure Library (ITIL®) and related standards from the International Organization for Standardization (ISO).
                2. HOW TO APPLY IT ?
                  1. 1) Focus on enterprise goals. Forego the process outlined in COBIT 5 Implementation and instead use the cascading mechanism, starting with figure 5 in the COBIT 5 framework, to focus with laser-like precision on those processes that support the most significant enterprise goals. Doing so offers strategic alignment, resource optimization and ultimately delivers value, which, in due course, satisfies stakeholders.
                    1. Meet regulatory requirements. Perhaps an organization thinks its overall governance framework is decent, but wishes to ensure legal compliance. Use figure 45 in appendix A of COBIT 5 Implementation to learn how to focus attention on processes EDM03 and MEA03. Additionally, use figure 46 in appendix B to determine who is accountable and who is responsible.
                      1. Focus on pain points. An organization has a big fat problem that will not go away. Again, stakeholders could use figure 45 to focus on processes for the pain points referenced there.
                        1. Ensure process orientation. Slogging away on processes helps an organization become more capable, more proactive and less reactive. Forget the framework and COBIT 5 Implementation and just start doing the things in COBIT 5: Enabling Processes. When the organization has control over processes, it is able to maintain better control during periods of rapid change and organizational crisis. The organization becomes more resilient and less fragile.
                          1. Define a common language. Often the absence of a common vocabulary leads to a breakdown in communication that can result in mistrust. A client once asked me to find a configuration manager, so I searched high and low and found a suitable candidate. The client rejected the candidate out-of-hand and, upon reconsidering their requirements, we agreed they really wanted a release-and-deploy manager. The client and I lost time and resources because we assumed we had a common understanding of configur.ation manager. So should an organization do nothing else, it should promote and utilize the COBIT 5 framework nontechnical business terminology in appendix H within the organization
                    2. Based on the 5 PRINCIPLES
                      1. Meeting stakeholder needs. Covering the enterprise end to end. Applying a single integrated framework. Enabling a holistic approach. Separating governance from management.
                    3. WHAT ?
                      1. According to ISACA, the only business framework for the governance and management of enterprise IT
                        1. Control Objectives for Information Related Technologies
                          1. Often the solution to address the concerns regarding some management & governance issues on IT & related technologies (existed in a company)
                            1. COBIT 5 incorporates the latest thinking in enterprise governance and management techniques, and provides globally accepted principles, practices, analytical tools and models to help increase the trust in, and value from, information systems.
                            Zusammenfassung anzeigen Zusammenfassung ausblenden

                            ähnlicher Inhalt

                            CISA Exam 2016 Domains
                            Dylan Somers
                            Guía de Implantación
                            woke programmer
                            CISM Quiz
                            Martin Covill
                            CISA Exam 2016 Domains
                            Adam Rubenstein
                            CISA Exam 2016 Domains
                            Sandip Thorat
                            COBIT
                            Kenia Moya
                            IKA-Theoriefragen Serie 19 (15 Fragen)
                            IKA ON ICT GmbH