01.2 Cobit

Information is a key resource for all enterprise
Information is created, used, retained,

disclosed and destroyed.
Technology plays a key role in these actions.
Technology is becoming pervasive in all
aspects of business and personal life.
Characteristics of Useful Information:
Effectiveness
Efficiency
Confidentiality
Integrity
Availability
Compliance
Reliability
COBIT 5 is the only business framework for the

governance and management of enterprise IT.
It integrates other major frameworks,

standards and resources.
Provide a renewed and authoritative

governance and management framework for
enterprise information and related technology
Integrates all other major ISACA frameworks
and guidance
Align with other major frameworks and
standards
A comprehensive information model

Guidance on how to use an established
governance and management framework
(COBIT 5) to address common information
governance and management issues
An understanding of the reasons information
needs to be managed and governed in an
appropriate way
High-quality information
Strategic goals and realize business benefits
Achieve operational excellence
Maintain IT-related risk at an acceptable level
Optimize the cost of IT services and technology
Support compliance with relevant laws,
regulations, contractual agreements and policies
Good governance and management of

information and technology (IT) assets.
IT as any other significant part of the business.
External legal, regulatory and contractual
compliance requirements
COBIT 5, a comprehensive framework that assists
enterprises to achieve their goals and deliver
value through effective governance and
management of enterprise IT of enterprise IT.
Board of directors and executive management

(CEO, CFO, COO)
Business process owners, business process
architects
Information architects, information solution
builders, information managers, IT architects, IT
developers
CIO and IT management, technology service
providers (internal and external), application
managers
IT operations
IT security, continuity professionals
Assurance professionals
External audit
Records management professionals,
knowledge managers
Data governance and management
professionals
Government and regulators

Education
Privacy professionals
Compliance and risk professionals
Data owners
8-13
Create optimal value from IT

Enables information and related technology to
be governed and managed
The COBIT 5 principles and enablers are
generic and useful for enterprises of all sizes,
whether commercial, not-for-profit or in the
public sector.
COBIT 5 Principles
Source: COBIT 5, figure 2. 2012 ISACA All rights reserved.
15
The following slides summarise the major changes

in COBIT 5 content and how they may impact
Governance of Enterprise Information
Technology (GEIT) implementation/
improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Increased Focus on Enablers
New Process Reference Model
New and Modified Processes
Practices and Activities
Goals and Metrics
Inputs and Outputs
RACI Charts
Process Capability Maturity Models and Assessments
17
COBIT 5 Principles
18
Principle 1. Meeting
Stakeholder Needs:
19
Stakeholder needs can be related to a set of

generic enterprise goals.
These enterprise goals have been developed using
the Balanced Scorecard (BSC) dimensions.
The enterprise goals are a list of commonly used

goals that an enterprise has defined for itself.
Although this list is not exhaustive, most enterprisespecific goals can be easily mapped onto one or
more of the generic enterprise goals.
20
21
COBIT 5 Principles
23
COBIT 5 Principles
25
COBIT 5 aligns with the latest relevant other standards

and frameworks used by enterprises:
Enterprise: COSO, COSO ERM, ISO/IEC 9000, ISO/IEC 31000
IT-related: ISO/IEC 38500, ITIL, ISO/IEC 27000 series,
TOGAF, PMBOK/PRINCE2, CMMI
Etc.
COBIT 5 the overarching governance and management

framework integrator
ISACA plans a capability to facilitate COBIT user
mapping of practices and activities to third-party
references
COBIT 5 Principles
27
Factors that, individually and

collectively, influence whether
something will workin the
case of COBIT, governance and
management over enterprise IT
Driven by the goals cascade,
i.e., higher-level IT-related
goals define what the different
enablers should achieve
Described by the COBIT 5
framework in seven categories
COBIT 5 Principles
30
Principle 5: Separating Governance

from Management
Governance
Management
31
32

improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Goals and Metrics
Inputs and Outputs
RACI Charts
33
34

improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Goals and Metrics
Inputs and Outputs
RACI Charts
35
36
Source:
COBIT 5,
figure 16. 2012
ISACA
All rights reserved.

improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Goals and Metrics
Inputs and Outputs
RACI Charts
37
38
39

improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Goals and Metrics
Inputs and Outputs
RACI Charts
40

improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Goals and Metrics
Inputs and Outputs
RACI Charts
41

improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Goals and Metrics
Inputs and Outputs
RACI Charts
42

improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Goals and Metrics
Inputs and Outputs
RACI Charts (Responsibility Charting)
43
Source: COBIT 4.1, page 39. 2007 IT Governance Institute All rights reserved.
Source: COBIT 5: Enabling Processes, page 31. 2012 ISACA All rights reserved.
44

improvement:
1.
2.
3.
4.
5.
6.
7.
8.
9.
New GEIT Principles

Goals and Metrics
Inputs and Outputs
RACI Charts
45
COBIT 4.1/5
2012 ISACA All rights reserved.
46
What materials support the COBIT Assessment Programme

approach?
COBIT Process Assessment Model (PAM): Using COBIT

4.1Serves as a base reference document for the
performance of a capability assessment of an
organisations current IT processes against COBIT 4.1
COBIT Assessor Guide: Using COBIT 4.1Provides details
on how to undertake a full ISO-compliant assessment
COBIT Self-assessment Guide: Using COBIT 4.1Provides
guidance on how to perform a basic self-assessment of
an organisations current IT process capability levels
against COBIT 4.1 processes
The above materials exist to support COBIT 4.1-based assessments

now; versions will be produced to support COBIT 5-based
assessments.
47
COBIT 4.1, Val IT and Risk IT users wishing

to move to the new COBIT Assessment
Programme approach will need to
realign their previous ratings, adopt and
learn the new method, and initiate a
new set of assessments in order to gain
the benefits of the new approach.
Although some of the information
gathered from previous assessments
may be reusable, care will be needed in
migrating this information forward
because there are significant
differences in requirements.
48
COBIT 4.1, Val IT and Risk IT users

wishing to continue with the CMMbased approach, either as an
interim or ongoing approach, can
use the COBIT 5 guidance, but must
use the COBIT 4.1 generic attribute
table without the high-level maturity
models.
49

01.2 Cobit

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

01.2 Cobit

Enviado por

Direitos autorais:

Formatos disponíveis

Information is a key resource for all enterprise

Information is created, used, retained,

Characteristics of Useful Information:

COBIT 5 is the only business framework for the

It integrates other major frameworks,

Provide a renewed and authoritative

A comprehensive information model

Good governance and management of

Board of directors and executive management

Government and regulators

Create optimal value from IT

Source: COBIT 5, figure 2. 2012 ISACA All rights reserved.

The following slides summarise the major changes

New GEIT Principles

Source: COBIT 5, figure 2. 2012 ISACA All rights reserved.

Source: COBIT 5, figure 4. 2012 ISACA All rights reserved.

Stakeholder needs can be related to a set of

The enterprise goals are a list of commonly used

Source: COBIT 5, figure 5. 2012 ISACA All rights reserved.

Source: COBIT 5, figure 2. 2012 ISACA All rights reserved.

Source: COBIT 5, figure 2. 2012 ISACA All rights reserved.

COBIT 5 aligns with the latest relevant other standards

COBIT 5 the overarching governance and management

Source: COBIT 5, figure 2. 2012 ISACA All rights reserved.

Factors that, individually and

Source: COBIT 5, figure 2. 2012 ISACA All rights reserved.

Principle 5: Separating Governance

Source: COBIT 5, figure 15. 2012 ISACA All rights reserved.

The following slides summarise the major changes

New GEIT Principles

Source: COBIT 5, figure 12. 2012 ISACA All rights reserved.

The following slides summarise the major changes

New GEIT Principles

figure 16. 2012

All rights reserved.

The following slides summarise the major changes

New GEIT Principles

The following slides summarise the major changes

New GEIT Principles

The following slides summarise the major changes

New GEIT Principles

The following slides summarise the major changes

New GEIT Principles

The following slides summarise the major changes

New GEIT Principles

The following slides summarise the major changes

New GEIT Principles

2012 ISACA All rights reserved.

What materials support the COBIT Assessment Programme

COBIT Process Assessment Model (PAM): Using COBIT

The above materials exist to support COBIT 4.1-based assessments

COBIT 4.1, Val IT and Risk IT users wishing

COBIT 4.1, Val IT and Risk IT users

Você também pode gostar