Glenfis AG ITIL V3 Seite 1 von 6

COBiT V4.1 Mapping Overview

ITIL V3 - Cobit 4th Mapping Service Service Service Service

Continual
Service
Strategy Design Transition Operation Improve-
ment

Service Asset & Configuration Mgmt

Service Measurement & Control

Transition Planning & Support

Return on Investment on CSI

Release & Deployment Mgmt

Service Validation & Testing

IT Service Continuity Mgmt

Information Security Mgmt

IT Financial Management

Service Catalogue Mgmt

Service Portfolio Mgmt

Incident Management
Strategy Generation

Service Level Mgmt

Request Fulfilment

Service Reporting
Availability Mgmt

Knowledge Mgmt
Capacity Mgmt

Supplier Mgmt

Problem Mgmt
Demand Mgmt

Change Mgmt

Access Mgmt
Event Mgmt
Evaluation
PO Plan & Organise
PO1 Define a Strategic IT Plan x x

PO2 Define the Information Architecture x x x x x

PO3 Determine Technological Direction x x x x

PO4 Define the IT Processes, Organisation and Relationships x x x x x x x x x x x x x

PO5 Manage the IT Investment x x x

PO6 Communicate Management Aims and Direction x x x x x

PO7 Manage IT Human Resources x

PO8 Manage Quality x x x x x x x x x x x x x x x x x x x x x x

PO9 Assess and Manage IT Risks x x x x x x x x x x x x x x x

PO10 Manage Projects x x x x x

AI Acquire & Implement

AI1 Identify Automated Solutions x x x x

AI2 Acquire and Maintain Application Software x x

AI3 Acquire and Maintain Technology Infrastructure x x x x

AI4 Enable Operation and Use x x x x x

AI5 Procure IT Resources x x

AI6 Manage Changes x x x

AI7 Install and Accredit Solutions and Changes x x x x

DS Deliver & Support

DS1 Define and Manage Service Levels x x x

DS2 Manage Third-Party Services x x

DS3 Manage Performance and Capacity x x

DS4 Ensure Continuous Service x

DS5 Ensure Systems Security x

DS6 Identify and Allocate Costs x

DS7 Educate and Train Users x x

DS8 Manage Service Desk and Incidents x x

DS9 Manage the Configuration x

DS10 Manage Problems x

DS11 Manage Data x

DS12 Manage Physical Environment x x x

DS13 Manage Operations x x x x

ME Monitor and Evaluate

ME1 Monitor and Evaluate IT Performance x x x x x x x x x x x x

ME2 Monitor and Evaluate Internal Control x x x x x x x x

ME3 Ensure Regulatory Compliance x x x x x x

ME4 Provide IT Governance x x x x x x x x x x x x

ITIL is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office, and is used hereby
GLENFIS AG under licence from and with the permission of OGC.

COBIT is a trademark of the Information Systems Audit and Control Association and the IT Governance Institute

www.glenfis.ch
www.itil.org
(c) Glenfis AG www.ISO20000.ch V 2.0
Glenfis AG ITIL V3 Seite 2 von 6

COBiT V4.1 Mapping Overview

ITIL Service Management Process Lifecycle Stage Process Control Objective Description

1. Strategy Generation Service Strategy PO 1 PO 1.0 Define a Strategic IT Plan

Define the market P0 1 PO 1.1 IT Value Management
Develop the offerings PO 1 PO 1.3 Assessment of Current Capability and Performance
Develop strategic assets PO 4 PO 4.13 Key IT Personal
Prepare for execution PO 10 PO 10.1 Programme Management Framework

2. IT Financial Management Service Strategy PO 5 PO 5.0 Manage the IT Investment

Service Valuation DS 6 DS 6.2 Identify and Allocate Costs
Service Provisioning models and analysis PO 5 PO 5.4 Cost Management
Funding PO 5 PO 5.3 IT Budgeting
Business Impact Analysis (Financial Value) PO 5 PO 5.5 Benefit Management
Chargeback DS6 DS 6.3 Cost Model and Charging
Return on Investment PO 5 PO 5.5 Benefit Management

3. Service Portfolio Management Service Strategy PO 1 PO 1.6 IT Portfolio Management

Define Services & Ensure Business Case PO 1 PO 1.6 IT Portfolio Management
Analyse portfolio Value & prioritize PO 1 PO 1.6 IT Portfolio Management
Approve & Authorize Services and Resources PO 1 PO 1.6 IT Portfolio Management
Charter Services and allocate Resources PO 1 PO 1.6 IT Portfolio Management

4. Demand Management Service Strategy PO 1 PO 1.2 Business - IT Alignment

Core Services and Support Services PO 1 PO 1.2 Business - IT Alignment
Developing differentiated Offerings PO 1 PO 1.2 Business - IT Alignment
Service Level Packages (SLPs) PO 1 PO 1.2 Business - IT Alignment
Segmentation PO 3 PO 3.0 Determine technical Direction

5. Service Catalogue Management Service Design DS 1 DS 1.0 Define and Manage Service Levels
Agreeing and documenting a service definition DS 1 DS 1.2 Definition of Service
Interfacing with Service Portfolio Management DS 1 DS 1.1 Service Level Management Frameworks
Producing and Maintaining a Service Catalogue DS 1 DS 1.1 Service Level Management Frameworks
Interfacing with Business & IT Service Continuity Mgmt DS 1 DS 1.1 Service Level Management Frameworks
Interfacing with support teams, suppliers and configuration mgmt DS 1 DS 1.1 Service Level Management Frameworks

6. Service Level Management Service Design DS 1 DS 1.0 Define and Manage Service Levels
Designing SLA frameworks DS 1 DS 1.1 Service Level Framework
Determine, document and agree requirements & produce SLRs DS 1 DS 1.3 Service Level Agreements
Monitor service performance against SLA DS 1 DS 1.5 Monitoring and Reporting of Service Level Agreements
Collate, measure and improve customer satisfaction DS 1 DS 1.5 Monitoring and Reporting of Service Level Agreements
Produce service reports DS 1 DS 1.5 Monitoring and Reporting of Service Level Agreements
Conduct service reviews and instigate improvements within an SIP DS 1 DS 1.6 Review of Service Level Agreements and Contracts
Review and revise SLAs, Service Scope and underpinning agreements DS 1 DS 1.6 Review of Service Level Agreements and Contracts
Develop contacts and relationship PO 4 PO 4.15 Relationships
Compliants and compliments PO 4 PO 4.15 Relationships
Determine Legel Requirements, Compliance ME 3 ME 3.1 Ident. of Ext Legal, Regulatory and Contractual Compliance Req.

7. Availability Management Service Design DS 3 DS 3.4 Resource Availability

Monitor, measure, analyse and report service and component availability DS 3 DS 3.4 Resource Availability
Unavailability analysis DS 3 DS 3.4 Resource Availability
The expanded incident lifecycle DS 3 DS 3.4 Resource Availability
Service failure analysis DS 3 DS 3.4 Resource Availability
Identifying Vital Business Functions (VBF) DS 3 DS 3.4 Resource Availability
Designing for availability DS 3 DS 3.4 Resource Availability
Designing for recovery DS 3 DS 3.4 Resource Availability
Risk Analysis and Management (for availability of Services) DS 3 DS 3.4 Resource Availability
Planned and preventive maintenance DS 3 DS 3.4 Resource Availability

www.glenfis.ch
www.itil.org
(c) Glenfis AG www.ISO20000.ch V 2.0
Glenfis AG ITIL V3 Seite 3 von 6

COBiT V4.1 Mapping Overview

ITIL Service Management Process Lifecycle Stage Process Control Objective Description

Production of the Projected Service Outage (PSO) document DS 3 DS 3.4 Resource Availability
Availability Testing Schedule DS 3 DS 3.4 Resource Availability

8. Capacity Management Service Design DS 3 DS 3.0 Manage Performance and Capacity

Business Capacity Management DS 3 DS 3.1 Performance and Capacity Planning
Service Capacity Management DS 3 DS3.2 Current Performance and Capacity
Component Capacity Management DS 3 DS 3.3 Future Performance and Capacity
Utilization Monitoring DS 3 DS 3.5 Monitoring and Reporting
Response Time Monitoring DS 3 DS 3.5 Monitoring and Reporting
Exploitation of new technology PO 3 PO 3.3 Monitor Future Trends and Regulation
Threshold management and control DS 3 DS 3.5 Monitoring and Reporting
Demand Management DS 3 DS 3.3 Future Performance and Capacity
Modelling and trending DS 3 DS 3.3 Future Performance and Capacity
Application sizing DS 3 DS 3.3 Future Performance and Capacity

9. IT Service Continuity Management Service Design DS 4 DS 4.0 Ensure Continuous Service

Initiation - Policy setting DS 4 DS 4.1 IT Continuity Framework
Specify terms of reference and scope DS 4 DS 4.1 IT Continuity Framework
Allocate resources DS 4 DS 4.1 IT Continuity Framework
Define the project organization and control structure DS 4 DS 4.1 IT Continuity Framework
Agree project and quality plans DS 4 DS 4.1 IT Continuity Framework
Business Impact Analyses for requirements DS 4 DS 4.1 IT Continuity Framework
Risk analysis PO 9 PO 9.4 Risk Assessment
IT Service Continuity Strategy PO 9 PO 9.5 Risk Response
Risk response measures DS 4 DS 4.2 IT Continuity Plan
Implementation Risk reduction and Standby arrangements AI 3 AI 3.1 Technological Infrastructure Acquisition Plan
Organization and Disaster Recovery Planning DS 4 DS 4.4 Maintenance of the IT Continuity Plan
Initial and ongoing testing DS 4 DS 4.5 Testing of the continuity plan
Ongoing Education, Awareness and training DS 4 DS 4.6 IT Continuity Plan Training
Regular Reviews DS 4 DS 4.10 Post-resumption Review
Change Management AI 6 AI 6.2 Impact Assessment, Prioritization and Authorization

10. Information Security Management Service Design DS 5 DS 5.0 Ensure Systems Security
Production, review and revision of an overall Information Security Policy DS 5 DS 5.1 Management of IT Security
Communication, Implementation and enforcement of Security Policy DS 5 DS 5.2 IT Security Plan
Assessment and classification of all information assets and documentation PO 9 PO 9.4 Risk Assessment
Implementation, review and revision and improvement security controls DS 5 DS 5.2 Management of IT Security
Monitor and management of all security breaches and major security incidents DS 5 DS 5.9 Malicious Software Prevention, Detection and Correction
Analysis, reporting and reduction of the volumes and impact of security breaches and incidents DS 5 DS 5.9 Malicious Software Prevention, Detection and Correction
Schedule and completion of security reviews, audits and penetration tests DS 5 DS 5.2 IT Security Plan

11. Supplier Management Service Design DS 2 DS 2.0 Manage Third-Party Services

Evaluation of new suppliers and contracts DS 2 DS 2.1 Identification of all Supplier Relationships
Supplier categorization and maintenance Supplier and Contracts Database (SCD) DS 2 DS 2.3 Supplier Risk Management
Establishing new suppliers and contracts DS 2 DS 2.2 Supplier Relationship Management
Supplier and Contract Management and performance DS 2 DS 2.2 Supplier Relationship Management
Contract renewal and/or termination DS 2 DS 2.4 Supplier Performance Monitoring

12. Transition Planning & Support Service Transition AI 4 AI 4.1 Planning for Operational Solution
Transition Strategy AI 4 AI 4.1 Planning for Operational Solution
Prepare for Service Transition AI 4 AI 4.1 Planning for Operational Solution
Planning and coordinating Service Transition AI 4 AI 4.1 Planning for Operational Solution

13. Change Management Service Transition AI 6 AI 6.0 Manage Changes

Planning and controlling changes AI 6 AI 6.4 Change Status Tracking and Reporting

www.glenfis.ch
www.itil.org
(c) Glenfis AG www.ISO20000.ch V 2.0
Glenfis AG ITIL V3 Seite 4 von 6

COBiT V4.1 Mapping Overview

ITIL Service Management Process Lifecycle Stage Process Control Objective Description

Change and release scheduling AI 6 AI 6.4 Change Status Tracking and Reporting
Communications AI 6 AI 6.4 Change Status Tracking and Reporting
Change decision making and change authorization AI 6 AI 6.2 Impact Assessment, Prioritization and Authorization
Ensuring there are remediation plans AI 6 AI 6.1 Change Standards and Procedures
Chang Advisory Board AI 6 AI 6.1 Change Standards and Procedures
Emergency Change Handling AI 6 AI 6.3 Emergency Changes
Measurement and control AI 6 AI 6.4 Change Status Tracking and Reporting
Management Reporting AI 6 AI 6.4 Change Status Tracking and Reporting
Understanding the impact of change AI 6 AI 6.2 Impact Assessment, Prioritization and Authorization
Continual improvement AI 6 AI 6.1 Change Standards and Procedures

14. Service Asset & Configuration Management Service Transition DS 9 DS 9.0 Manage the Configuration
Configuration Management and Planning DS 9 DS 9.1 Configuration Repository and Baseline
Configuration Identification DS 9 DS 9.2 Identification and Maintenance of Configuration Items
Configuration Control DS 9 DS 9.1 Configuration Repository and Baseline
Status accounting and reporting DS 9 DS 9.1 Configuration Repository and Baseline
Verification and audit DS 9 DS 9.3 Configuration Integrity review

15. Release & Deployment Management Service Transition AI 7 AI 7.0 Install and Accredit Solutions and Changes
Release and deployment planning AI 7 AI 7.3 Implementation Plan
Preparation for build, test and deployment AI 7 AI 7.2 Test Plan
Build and test AI 7 AI 7.6 Testing of Changes
Service testing and pilots AI 7 AI 7.6 Testing of Changes
Plan and prepare for deployment AI 7 AI 7.3 Implementation Plan
Perform transfer, deployment and retirement AI 7 AI 7.8 Promotion to Production
Verify deployment AI 7 AI 7.9 Post Implementation Review
Early life support AI 7 AI 7.8 Promotion to Production
Review and close deployment AI 7 AI 7.9 Post Implementation Review
Review and close Service Transition AI 7 AI 7.9 Post Implementation Review

16. Service Validation and Testing Service Transition AI 7 AI 7.6 Testing of Changes
Validation and Test Management AI 7 AI 7.4 Test Environment
Plan and Design Test AI 7 AI 7.2 Test Plan
Verify test plan and test design AI 7 AI 7.2 Test Plan
Prepare test environment AI 7 AI 7.4 Test Environment
Perform tests AI 7 AI 7.6 Testing of Changes
Evaluate exit criteria and report AI 7 AI 7.7 Final Acceptance Test
Test clean up and close AI 7 AI 7.7 Final Acceptance Test

17. Evaluation Service Transition PO 10 PO 10.13 Project Performance Measurement, Reporting and Monitoring
Evaluation plan PO 10 PO 10.13 Project Performance Measurement, Reporting and Monitoring
Understanding the intended effect of a change PO 10 PO 10.13 Project Performance Measurement, Reporting and Monitoring
Understanding the unintended effect of a change PO 10 PO 10.13 Project Performance Measurement, Reporting and Monitoring
Factors for considering the effect of a service change PO 10 PO 10.13 Project Performance Measurement, Reporting and Monitoring
Evaluation of predicted performance PO 10 PO 10.13 Project Performance Measurement, Reporting and Monitoring
Evaluation of actual performance PO 10 PO 10.13 Project Performance Measurement, Reporting and Monitoring
Risk assessment PO 9 PO 9.4 Risk Assessment

18. Knowledge Management Service Transition AI 4 AI 4.4 Knowledge Transfer to Operations and Support Staff
Knowledge Management Strategy AI 4 AI 4.4 Knowledge Transfer to Operations and Support Staff
Knowledge Transfer AI 4 AI 4.4 Knowledge Transfer to Operations and Support Staff
Data and Information Management PO 2 PO 2.1 Enterprise Information Architecture Model
Using the service knowledge management system AI 4 AI 4.4 Knowledge Transfer to Operations and Support Staff

19. Incident Management Service Operation DS 8 DS 8.0 Manage Service Desk and Incidents

www.glenfis.ch
www.itil.org
(c) Glenfis AG www.ISO20000.ch V 2.0
Glenfis AG ITIL V3 Seite 5 von 6

COBiT V4.1 Mapping Overview

ITIL Service Management Process Lifecycle Stage Process Control Objective Description

Incident Identification DS 8 DS 8.2 Registration of Customer Queries

Incident Logging DS 8 DS 8.2 Registration of Customer Queries
Incident categorization DS 8 DS 8.2 Registration of Customer Queries
Incident prioritization DS 8 DS 8.2 Registration of Customer Queries
Initial diagnosis DS 8 DS 8.2 Registration of Customer Queries
Incident escalation DS 8 DS 8.3 Incident Escalation
Investigation and diagnosis DS 8 DS 8.3 Incident Escalation
Resolution and recovery DS 8 DS 8.3 Incident Escalation
Incident closure DS 8 DS 8.4 Incident Closure

20. Event Management Service Operation DS 13 DS 13.3 IT Infrastructure Monitoring

Event occurs DS 13 DS 13.3 IT Infrastructure Monitoring
Event notification DS 13 DS 13.3 IT Infrastructure Monitoring
Event detection DS 13 DS 13.3 IT Infrastructure Monitoring
Event filtering DS 13 DS 13.3 IT Infrastructure Monitoring
Significance of events DS 13 DS 13.3 IT Infrastructure Monitoring
Event correlation DS 13 DS 13.3 IT Infrastructure Monitoring
Trigger DS 13 DS 13.3 IT Infrastructure Monitoring
Response selection DS 13 DS 13.3 IT Infrastructure Monitoring
Review and actions DS 13 DS 13.3 IT Infrastructure Monitoring
Close event DS 13 DS 13.3 IT Infrastructure Monitoring

21. Request Fulfilment Service Operation DS 8 DS 8.1 Service Desk

Menu selection DS 8 DS 8.1 Service Desk
Financial approval DS 8 DS 8.1 Service Desk
Other approval DS 8 DS 8.1 Service Desk
Fulfilment DS 8 DS 8.1 Service Desk
Closure DS 8 DS 8.1 Service Desk

22. Problem Management Service Operation DS 10 DS 10 Manage Problems

Problem detection DS 10 DS 10.1 Identification and Classification of Problems
Problem logging DS 10 DS 10.1 Identification and Classification of Problems
Problem categorization DS 10 DS 10.1 Identification and Classification of Problems
Problem prioritization DS 10 DS 10.1 Identification and Classification of Problems
Workarounds DS 10 DS 10.2 Problem Tracking and Resolution
Raising a known Error record DS 10 DS 10.2 Problem Tracking and Resolution
Problem resolution DS 10 DS 10.2 Problem Tracking and Resolution
Problem closure DS 10 DS 10.3 Problem Closure
Major Problem review DS 10 DS 10.3 Problem Closure
Errors detect in the development environment AI 4 AI 4.4 Knowledge Transfer to Operations and Support Staff

23. Access Management Service Operation DS 5 DS 5.3 User Account Management

Requesting access DS5 DS 5.3 User Account Management
Verification DS5 DS 5.2 Identity Management
Providing rights DS5 DS 5.3 User Account Management
Monitoring identity status DS5 DS 5.3 User Account Management
Logging and tracking access DS5 DS 5.3 User Account Management
Removing or restricting rights DS5 DS 5.3 User Account Management

24. Reporting Continual Service Improvement ME 1 ME 1.0 Monitor and Evaluate IT Performance
Define targeted Audience ME 1 ME 1.1 Monitoring Approach
Define Business Views ME 1 ME 1.2 Definition and Collection of Monitoring Data
Agreement on what to monitor and report ME 1 ME 1.1 Monitoring Approach
Monitor against Service Level targets ME 1 ME 1.4 Performance Assessment
Reporting workloads, trends non-compliance ME 2/ME 3 ME 2.1/ME 3.5 Monitoring of Internal Control Framework/Integrated Reporting

www.glenfis.ch
www.itil.org
(c) Glenfis AG www.ISO20000.ch V 2.0
Glenfis AG ITIL V3 Seite 6 von 6

COBiT V4.1 Mapping Overview

ITIL Service Management Process Lifecycle Stage Process Control Objective Description

25. Service Measurement & Control Continual Service Improvement ME 1 ME 1.3 Monitoring Method
Developing a Service Management Framework ME 1 ME 1.3 Monitoring Method
Defining what to measure ME 1 ME 1.2 Definition and Collection of Monitoring Data
Setting targets ME 1 ME 1.3 Monitoring Method
Service Management process measurement ME 1 ME 1.1 Monitoring Approach
Creating a measurement framework grid ME 1 ME 1.1 Monitoring Approach
Interpreting and using metrics ME 2 ME 2.2 Supervisory Review
Interpreting metrics ME 2 ME 2.2 Supervisory Review
Using measurement and metrics ME 1 ME 1.4 Performance Assessment
Creating scorecard and reports ME 1 ME 1.5 Board and Executive Reporting

26. Return on Investment on CSI Continual Service Improvement ME 4 ME 4.3 Value Delivery
Creating a return on Investment ME 4 ME 4.3 Value Delivery
Establishing the business case ME 4 ME 4.3 Value Delivery
Measuring benefits achieved ME 4 ME 4.3 Value Delivery

www.glenfis.ch
www.itil.org
(c) Glenfis AG www.ISO20000.ch V 2.0