Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
COBIT 5 & 4.1 Comparison
1. COBIT 5 & 4.1 Comparison
ANTHONY DEHNASHI
(PARSYSTECH.COM)
2013
2. Overview
A brief overview of changes in COBIT 5 vs. COBIT 4.1
COBIT 5 now covers:
The governance for the enterprise as a whole and not just IT.
It includes RISK-IT and VAL-IT which were introduced before
as separate frameworks to cover the risk management and
value management/delivery of IT work.
It has been shaped as an integrated framework where provides
the simple and easy way for integration with other
frameworks such as ITIL, TOGAF, ISO 27000, ….
It separates governance from management.
3. Improvements
Improvements
Considerable COBIT 5 now The improvements to The most significant
improvements to make introduced as an COBIT 5 include change to COBIT is the
COBIT 5 a model for the integrated solution in restructuring the reorganization of the
corporate ® governance order to easily glued description of the framework from being
of information and work with other individual processes, an IT process model
technology. Unlike its frameworks. identifying the actual into an IT governance
predecessor, the COBIT base practices within framework with a set of
5 addresses/covers all each process and governance practices
three levels of an IT describing the key for IT, a management
governance framework. activities within each system for the
base practice. continuous
improvement of IT
activities and a process
model with baseline
practices.
4. Process Change Log Summary
Merged
Reassigned Relocated Net New
Processes
EDM1 Set and Maintain
DS7 is merged with PO7 Governance Framework APO1
(Education and Human Define the Management
Resources) Framework
PO1 to APO2 (Strategic APO4 Manage Innovation
PO6 is merged with PO1 Planning) (partly PO3)
(Management Communications
and Management)
APO8 Manage Relationships
PO2 is merged with PO3
(Information and Technical ME4 to EDM1, 2, 3, 4, 5
(Governance)
Architectures)
BAI8 Knowledge Management
AI2 is merged with AI3
(Application Software and
Infrastructure Components) DSS2 Manage Assets (partly
PO4 to APO1 (Organization,
Relationships and Processes) DS9)
DS12 is merged with DS5
(Physical Environment and DSS8 Manage Business Process
Information Security) Controls.
5. COBIT 5 Implementation
Implementing COBIT 5
COBIT 5 comprises an The COBIT 5 framework The COBIT 5 process Implementing COBIT 5
operational model and a includes a process model is a complete, starts with determining
common language for all reference model and comprehensive model that which stakeholder
parts of the business defines and describes the an enterprise must tailor interests have priority,
involved in IT activities. It management and to its own specific needs what are their
also provides a framework governance processes. The after taking into account expectations, what is the
for measuring and process reference model the internal business IT functions capability to
monitoring IT includes all the processes needs, the external satisfy these expectations
performance, integrating normally found in an business pressures and and who is accountable for
best management enterprise relating to IT the various stakeholders’ doing so. This will require
practices, governance and activities, providing a expectation of the knowledge about the
communicating with common reference model, organization and the IT underlying processes and
stakeholders. understandable to function. management system that
operational IT and supports the IT function
business managers. deliver the services and
performance expected.
6. Upgrading
Upgrade from 4.1 to 5
COBIT 5 builds on the process Organizations already at a Where an organization has Completely new for most
model previously defined in COBIT maturity level of at made considerable organizations will be the
earlier releases of COBIT. It is least 2 (measured using ISO investments in implementing introduction of a management
an evolutionary change that 15504) will find the upgrade the COBIT 4.1 processes it may system and a governance
has rationalized the existing relatively easy. However be desirable to first complete framework. This will require
processes through combining organizations at a maturity this initiative before merging managers to develop a
and reassigning practices level 1 are likely to find the the COBIT 4.1 processes to structured approach to how
within the existing processes upgrade from COBIT 4.1 to align with the COBIT 5 they plan, organize, direct and
and including additional COBIT 5 to be challenging. processes. control resources and deliver
processes and practices for the Organizations currently the performance required.
management and governance operating at a maturity level of
of information technology. 1 or below (i.e. without defined
processes in place) may find it
easier and more cost efficient
to adopt COBIT 5 and start
afresh using the new COBIT 5
framework.
7. Resources & References
To get a full comparison of COBIT 5 and 4.1 please
refer to the following links on ISACA site.
http://www.isaca.org/COBIT/Documents/Compare-with-
4.1.pdf
http://www.isaca.org/COBIT/Documents/Comparing-
COBIT.pdf
References & Sources
ISACA
IT governance
COBIT 5 & 4.1