SlideShare une entreprise Scribd logo
1  sur  40
Aligning COBIT 5 and ISO 385000 for
Effective IT Governance
By
Orlando Olumide Odejide
www.pecb.com www.trainingheights.net
38500
Summary
• What does COBIT have to offer and what is
contained in the extensive body of knowledge
called COBIT 5.
• What is complementary that ISO 38500
brings to an organization.
COBIT 5 Product Family
• COBIT 5 framework is built on 5 basic principles, which
are covered in detail, and includes extensive guidance
on enablers for governance and management of
enterprise IT.
• COBIT 5 Product Family include various products which
include:
– COBIT 5 Framework.
– COBIT Enabler Guides (Enabling Process, Enabling
Information).
– COBIT 5 Professional Guides (Implementation, Information
Security, Assurance and Risk).
COBIT 5 Product Family
4
Source: COBIT® 5, figure 11. © 2012 ISACA® All rights reserved.
Information
• Information is a key resource for all enterprises, and
from the time that information is created to the moment
that it is destroyed, technology plays a significant role.
• Information technology in increasingly advanced and has
become pervasive in enterprises and in social, public
and business environments.
Business Concerns
• Maintain high-quality information to support business
decisions
• Generate business value from IT-enabled investments
i.e. achieve strategic goals and realize business benefits
through effective and innovative use of IT.
• Achieve operational excellence through the reliable and
efficient application of technology.
• Maintain IT-related risk at an acceptable level.
• Optimize the cost of IT services and technology.
• Comply with ever-increasing relevant laws, regulations,
contractual agreements and policies.
Major drivers for the development of COBIT 5 are:
1. Provide more stakeholders a say in determining what they expect from
information and related technology (what benefits, at what acceptable level of
risk and at what costs) and what their priorities are in ensuring that expected
value is actually being delivered.
2. Address the increasing dependency of enterprise success on external business
and IT parties such as outsourcers, suppliers, consultants, cloud and other
service providers, on a diverse set of internal means and mechanism to deliver
the expected value.
3. Deal with the amount of information, which has increased significantly. How do
enterprises select the relevant and credible information that will lead to effective
and efficient business decisions.
4. Deal with much more pervasive IT, it is more and more an integral part of the
business. Often, it is no longer satisfactory to have IT separate even if it is
aligned to the business.
5. Provide further guidance in the area of innovation and emerging technologies;
this is about creativity, inventiveness, developing new products, making the
existing products more compelling to customers and reaching new types of
customers.
5 Principles
• Meeting Stakeholder Needs
• Covering the Enterprise End-to-end
• Applying a Single Integrated Framework
• Enabling a Holistic Approach
• Separating Governance from Management
Principle 1: Meeting Stakeholder Needs
• Enterprises exist to create value for their stakeholders.
• Value Creation is a Governance objective for every
organization.
• Value creation means realizing benefits at an optimal
resource cost while optimizing risk.
• Benefits may take many forms e.g. financial for commercial
enterprises or public service fir government entities.
• Governance is about negotiating and deciding amongst
different stakeholders’ value interests.
• Governance system should consider all stakeholders when
making benefit, risk and resource assessment decisions.
COBIT Goals Cascade
• Stakeholder Drivers Influence Stakeholder Needs
• Stakeholder Needs Cascade to Enterprise Goals
• Enterprise Goals Cascade to IT-related Goals
• IT-related Goals cascade to Enabler Goals
COBIT has borrowed from Balanced Scorecard and has aligned both its Enterprise
and IT-related Goals to the 4 Balanced Scorecard Perspectives.
COBIT has a list of 17 Enterprise Goals that is vastly applicable to every kind of
organization.
COBIT also has a list of 17 IT-related Goals that is applicable to every size and type
of IT organization.
COBIT also has an extensive list if 22 business needs.
Covering the Enterprise End-To-End
• COBIT 5 addresses the governance and management of
information and related technology from an enterprise wide
end-to-end perspective.
• COBIT 5 integrated governance of enterprise IT into
enterprise governance. That is, the governance system for
enterprise IT proposed by COBIT 5 integrates seamlessly in
any governance system. COBIT 5 aligns with the latest views
on governance.
• Covers all functions and processes required to govern and
manage enterprise information and related technologies
wherever that information maybe processed. Given this
extended enterprise scope, COBIT 5 addresses all the
relevant internal and external IT services, as well as internal
and external business processes.
Governance Approach
• Governance Approach includes the Governance
Enablers and Governance Scope.
• Owners and Stakeholders Delegate to the Governing
Body and there are in turn Accountable to them.
• Governing Body Set the Direction for Management and
they also are in turn Monitor them.
• Management Instructs and Aligns Operations and
Execution and they in turn Report to them.
Principle 3: Applying a Single Integrated
Framework
• It aligns with other latest relevant standards and framework, and
thus allows the enterprise to use COBIT 5 as the overarching
governance and management framework integrator.
• It is complete in enterprise coverage, providing a basis to integrate
effectively other frameworks, standards and practices used.
• A single overarching framework serves as a consistent and
integrated source of guidance in a non-technical, technology-
agnostic common language.
• It provides a simple architecture for structuring guidance materials
and producing consistent product set.
• It integrated and knowledge previously dispersed over different
ISACA frameworks. ISACA has researched the key areas of
enterprise governance for many years and has developed
frameworks such as COBIT, VAL IT, Risk IT, BMIS and ITAF to
provide guidance and assistance to enterprises.
COBIT 5 is a single and integrated framework because:
Principle 4: Enabling a Holistic Approach
• Principles, policies and frameworks are the vehicle to translate he desired
behavior into practical guidance for day-to-day management.
• Processes describe an organized set of practices and activities to achieve
certain objectives and produce a set of outputs in support of achieving overall
IT-related goals.
• Organisational Structures are the key decision-making entities in an
enterprise.
• Culture, ethics and behavior of individuals and of the enterprise are very often
underestimated as a success factor in governance and management activities.
• Information is pervasive throughout any organization and includes all
information produced and used by the enterprise. Information is very often the
key product of the enterprise itself.
• Services, Infrastructure and Application include the Infrastructure,
Technology and Applications that provide the enterprise with Information
Technology processing and services.
• People, Skills and competencies are linked to people and are required for
successful completion of all activities and for making correct decisions and
taking corrective actions.
COBIT 5 Enablers (7)
7 Enablers in a Diagram.
COBIT 5 Enabling Process
Principle 5: Separating Governance from
Management
• The COBIT 5 framework makes clear distinction between
governance and management. These 2 disciples encompass
different types of activities, require different organizational structures
and serve different purposes.
• The COBIT 5 view on this key distinction between governance and
management is:
– Governance ensures that stakeholders needs, conditions and options
are evaluated to determine balanced, agreed-on enterprise objectives to
be achieved; setting direction through prioritization and decision making;
and monitoring performance and compliance against agreed-on
direction and objectives.
– Management plans, builds, runs and monitors activities in alignment
with the direction set by the governance body to achieve the enterprise
objectives.
Governance and Management
COBIT Governance and Management Key
Areas
37 Processes for Governance and Management of
Enterprise IT (Process Reference Model)
Implementation Guidance
• Optimal value can be realized from leveraging COBIT only if it
effectively adopted and adapted to suit each enterprise's unique
environment.
• Each implementation approach will also need to address specific
challenges, including managing changes to culture and behavior.
• The implementation guidance allows
– Making a business case for the implementation and improvement of
governance and management of IT
– Recognizing typical pain points and trigger events
– Creating the appropriate environment for implementation
– Leveraging COBIT to identify gaps and guide the development of
enablers such as policies, processes, principles, organizational
structures, roles and responsibilities.
Introduction
Key success factors for successful
implementation include:
• Top Management providing the direction and mandate
for the initiative, as well as visible ongoing commitment
and support.
• All parties supporting the governance and management
processes to understand the business and IT objectives.
• Ensuring effective communication and enablement of
necessary changes
• Tailoring COBIT and other supporting good practices and
standards to fit the unique context of the enterprise
• Focusing on quick wins and prioritizing the most
beneficial improvements that are easiest to implement.
Enterprise Context
• Ethics and Culture
• Applicable Laws, regulations and policies
• Mission, vision and values
• Governance policies and practices
• Business plans and strategic intentions
• Operating model and level of maturity
• Management Style
• Risk Appetite
• Capabilities and available resources
• Industry practices
Factors in the Internal an External Enterprise Environment
7 Phases of the Implementation Lifecycle
COBIT 5 Process Capability Model
6 Levels of Capability
Level Attributes Description
0 = Incomplete 0 Attribute The process is not implemented or fails to achieve its
intended purpose.
1 = Performed 1 Attribute The implemented process achieves its process purpose.
2 = Managed 2 Attribute The previously described performed process is now
implemented in a managed fashion and its work products
are appropriately established, controlled and maintained.
3 = Established 3 Attribute The previously described managed process is now
implemented using a defined process that is a capable of
achieving its process outcomes.
4 = Predictable 4 Attribute The previously described established process now operates
within defined limits to achieve its process outcomes.
5 = Optimizing 5 Attribute The previously described predictable process is continuously
improved to meet relevant current and projected business
goals.
ISO 38500: Corporate Governance for the
Management of IT
• The objective of ISO 38500 is to provide a structure of
principles for directors (including owners, board members,
directors, partners and senior executives) to use when
evaluating, directing and monitoring the use of IT in their
organizations.
• This standard provides a structure for effective governance of
IT to assist those at the highest level of organizations to
understand and fulfill their legal, regulatory and ethical
obligations regarding their organizations’ use of IT.
• The scope of the standard is to provide guiding principles for
directors of organizations on the effective, efficient and
acceptable use of IT within their organizations.
• It is applicable for all organizations, from the smallest to the
largest, regardless of purpose, design or ownership structure.
The Model
• Evaluate the current and future use of IT.
• Direct preparation and implementation of plans and policies to
ensure that the use of IT meets business objectives.
• Monitor conformance to policies and performance against the plans.
• The standard sets out six principles for good corporate governance
of IT.
• The principles express preferred behavior to guide decision making.
• The statement of each principle refers to what should happen, but
does not prescribe how, when or by whom the principles would be
implemented; these aspects are dependent on the nature of the
organization implementing the principles. It is similar to a capability
maturity model description of an ideal state.
• Each of the principles is then tied into the model to provide a best
practice for each principle, see the image next.
Directors should govern IT through three main tasks:
Model
Principle 1: Responsibility
• The business (customer) and IT (provider) should collaborate in a
partnership model utilising effective communications based on a
positive and trusted relationship and demonstrating clarity regarding
responsibility and accountability.
• For larger enterprises, an IT executive committee (also referred to as
the IT strategy committee) acting on behalf of the board and chaired by
a board member is a very effective mechanism for evaluating, directing
and monitoring the use of IT in the enterprise and for advising the board
on critical IT issues.
• Directors of small and medium-sized enterprises with a simpler
command structure and shorter communication paths need to take a
more direct approach when overseeing IT activities.
• In all cases, appropriate governance organisational structures, roles
and responsibilities are required to be mandated from the governing
body, providing clear ownership and accountability for important
decisions and tasks.
• This should include relationships with key third-party IT service
providers.
Principle 2: Strategy
• IT strategic planning is a complex and critical undertaking
requiring close co-ordination amongst enterprise wide
business unit and IT strategic plans.
• It is also vital to prioritize the plans most likely to achieve the
desired benefits and to allocate resources effectively.
• High-level goals need to be translated into achievable tactical
plans, ensuring minimal failures and surprises.
• The goal is to deliver value in support of strategic objectives
while considering the associated risk in relation to the board’s
risk appetite.
• While it is important to cascade plans in a top-down fashion,
the plans must also be flexible and adaptable to meet rapidly
changing business requirements and IT opportunities.
Principle 2: Strategy Continued
• Furthermore, the presence or absence of IT capabilities can
either enable or hinder business strategies; therefore, IT
strategic planning should include transparent and appropriate
planning of IT capabilities.
• This should include assessment of the ability of the current IT
infrastructure and human resources to support future
business requirements and consideration of future
technological developments that might enable competitive
advantage and/or optimize costs.
• IT resources include relationships with many external product
vendors and service providers, some of whom likely play a
critical role in supporting the business.
• Governance of strategic sourcing is thus a very significant
strategic planning activity requiring executive-level direction
and oversight.
Principle 3: Acquisition
• IT solutions exist to support business processes and therefore care
must be taken to not consider IT solutions in isolation or as just a
‘technology’ project or service.
• On the other hand, an inappropriate choice of technology
architecture, a failure to maintain a current and appropriate technical
infrastructure, or an absence of skilled human resources can result
in project failure, an inability to sustain business operations or a
reduction in value to the business.
• Acquisitions of IT resources should be considered as a part of wider
IT-enabled business change. The acquired technology must also
support and operate with existing and planned business processes
and IT infrastructures.
• Implementation is also not just a technology issue, but rather a
combination of organisational change, revised business processes,
training and enabling the change.
• Therefore, IT projects should be undertaken as part of wider
enterprisewide change programmes that include other projects
satisfying the full range of activities required to help ensure a
successful outcome.
Principle 4: Performance
• Effective performance measurement depends on two key aspects
being addressed: the clear definition of performance goals and the
establishment of effective metrics to monitor achievement of goals.
• A performance measurement process is also required to help ensure
that performance is monitored consistently and reliably.
• Effective governance is achieved when goals are set from the top
down and aligned with high-level, approved business goals, and
metrics are established from the bottom up and aligned in a way that
enables the achievement of goals at all levels to be monitored by
each layer of management.
• Two critical governance success factors are the approval of goals by
stakeholders, and the acceptance of accountability for achievement
of goals by directors and managers.
• IT is a complex and technical topic; therefore, it is important to
achieve transparency by expressing goals, metrics and performance
reports in language meaningful to the stakeholders so that
appropriate actions can be taken.
Principle 5: Conformance
• In today’s global marketplace, enabled by the Internet and advanced
technologies, enterprises need to comply with a growing number of
legal and regulatory requirements.
• Because of corporate scandals and financial failures in recent years,
there is a heightened awareness in the boardroom of the existence
and implications of tougher laws and regulations.
• Stakeholders require increased assurance that enterprises are
complying with laws and regulations and conforming to good
corporate governance practice in their operating environment.
• In addition, because IT has enabled seamless business processes
between enterprises, there is also a growing need to help ensure
that contracts include important IT-related requirements in areas
such as privacy, confidentiality, intellectual property and security.
Principle 5: Conformance Continued
• Directors need to ensure that compliance with external
requirements is dealt with as a part of strategic planning
rather than as a costly afterthought.
• They also need to set the tone at the top and establish
policies and procedures for their management and staff
to follow, to ensure that the goals of the enterprise are
realised, risk is minimised and compliance is achieved.
• Top management must strike an appropriate balance
between performance and conformance, ensuring that
performance goals do not jeopardise compliance and,
conversely, that the conformance regime is appropriate
and does not overly restrict the operation of the
business.
Principle 6: Human Behaviour
• The implementation of any IT-enabled change, including IT
governance itself, usually requires significant cultural and
behavioral change within enterprises as well as with
customers and business partners.
• This can create fear and misunderstanding amongst staff, so
implementation needs to be managed carefully if personnel
are to remain positively engaged.
• Directors must clearly communicate goals and be seen as
positively supporting the proposed changes. Training and
skills enhancement of personnel are key aspects of change—
especially given the rapidly moving nature of technology.
• People are affected by IT at all levels in an enterprise, as
stakeholders, managers and users, or as specialists providing
IT-related services and solutions to the business.
Principle 6: Human Behavior Continued
• Beyond the enterprise, IT affects customers and business
partners and increasingly enables self-service and automated
intercompany transactions within countries and across
borders.
• While IT-enabled business processes bring new benefits and
opportunities, they also carry increasing types of risk.
• Issues such as privacy and fraud are growing concerns for
individuals, and these and other types of risk need to be
managed if people are to trust the IT systems they use.
• Information systems can also dramatically affect working
practices by automating manual procedures.
ISO 38500 (Evaluate, Direct and Monitor)
• COBIT in itself enables good governance.
• The Governance domain in the COBIT process model
had five processes, and each of these processes has
EDM practices defined.
• This is the main location in COBIT 5 where governance-
related activities are defined.
Effective IT
Governance =
COBIT 5+ ISO 38500.
Thank You and Questions
orlando@trainingheights.net
N.B: Some Content, Diagrams and Trademarks belong
to ISACA COBIT and ISO 38500 Documents.

Contenu connexe

Tendances

COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfMartinPatrici
 
Iso 27001 in images - sample slides from different levels of training, e.g. F...
Iso 27001 in images - sample slides from different levels of training, e.g. F...Iso 27001 in images - sample slides from different levels of training, e.g. F...
Iso 27001 in images - sample slides from different levels of training, e.g. F...Stratos Lazaridis
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
Initiating IT Governance Strategy to Identify Business Needs
Initiating IT Governance Strategy to Identify Business NeedsInitiating IT Governance Strategy to Identify Business Needs
Initiating IT Governance Strategy to Identify Business NeedsPECB
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMShantanu Rai
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy Dam Frank
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementChristian F. Nissen
 
IT Governance Presentation
IT Governance PresentationIT Governance Presentation
IT Governance Presentationjmcarden
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGoutama Bachtiar
 
IT Governance Made Easy
IT Governance Made EasyIT Governance Made Easy
IT Governance Made EasyJerry Bishop
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEryk Budi Pratama
 
ISO 37001 Implementation - The Key to Protecting Your Company’s Reputation
ISO 37001 Implementation - The Key to Protecting Your Company’s ReputationISO 37001 Implementation - The Key to Protecting Your Company’s Reputation
ISO 37001 Implementation - The Key to Protecting Your Company’s ReputationPECB
 
ISMS Requirements
ISMS RequirementsISMS Requirements
ISMS Requirementshumanus2
 

Tendances (20)

COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5
 
Iso 27001 in images - sample slides from different levels of training, e.g. F...
Iso 27001 in images - sample slides from different levels of training, e.g. F...Iso 27001 in images - sample slides from different levels of training, e.g. F...
Iso 27001 in images - sample slides from different levels of training, e.g. F...
 
What is Cobit
What is CobitWhat is Cobit
What is Cobit
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdf
 
Initiating IT Governance Strategy to Identify Business Needs
Initiating IT Governance Strategy to Identify Business NeedsInitiating IT Governance Strategy to Identify Business Needs
Initiating IT Governance Strategy to Identify Business Needs
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCM
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
 
IT Governance Presentation
IT Governance PresentationIT Governance Presentation
IT Governance Presentation
 
ISO 27001:2022 What has changed.pdf
ISO 27001:2022 What has changed.pdfISO 27001:2022 What has changed.pdf
ISO 27001:2022 What has changed.pdf
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 Framework
 
IT Governance Made Easy
IT Governance Made EasyIT Governance Made Easy
IT Governance Made Easy
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
 
ISO 37001 Implementation - The Key to Protecting Your Company’s Reputation
ISO 37001 Implementation - The Key to Protecting Your Company’s ReputationISO 37001 Implementation - The Key to Protecting Your Company’s Reputation
ISO 37001 Implementation - The Key to Protecting Your Company’s Reputation
 
It strategic-plan-2018-2020
It strategic-plan-2018-2020It strategic-plan-2018-2020
It strategic-plan-2018-2020
 
ISMS Requirements
ISMS RequirementsISMS Requirements
ISMS Requirements
 

En vedette

COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introductionaqel aqel
 
3.5 ICT Policies
3.5 ICT Policies3.5 ICT Policies
3.5 ICT Policiesmrmwood
 
2012 04 16 Iso38500 Governance V1
2012 04 16 Iso38500 Governance V12012 04 16 Iso38500 Governance V1
2012 04 16 Iso38500 Governance V1Michael Boyle
 
Bsi iso27001-mapping-guide
Bsi iso27001-mapping-guideBsi iso27001-mapping-guide
Bsi iso27001-mapping-guidefloora_jj
 
Secure Cloud Adoption - Checklist
Secure Cloud Adoption - ChecklistSecure Cloud Adoption - Checklist
Secure Cloud Adoption - ChecklistSecurestorm
 
Pivotal Digital Transformation Forum: Requirements to Become a Data-Driven En...
Pivotal Digital Transformation Forum: Requirements to Become a Data-Driven En...Pivotal Digital Transformation Forum: Requirements to Become a Data-Driven En...
Pivotal Digital Transformation Forum: Requirements to Become a Data-Driven En...VMware Tanzu
 
2015 ISACA NACACS - Audit as Controls Factory
2015 ISACA NACACS - Audit as Controls Factory2015 ISACA NACACS - Audit as Controls Factory
2015 ISACA NACACS - Audit as Controls FactoryNathan Anderson
 
Roles and Responsibilities | RACI
Roles and Responsibilities | RACIRoles and Responsibilities | RACI
Roles and Responsibilities | RACIPatricia Hswe
 
ISO 27001 ISMS MEASUREMENT
ISO 27001 ISMS MEASUREMENTISO 27001 ISMS MEASUREMENT
ISO 27001 ISMS MEASUREMENTGaffri Johnson
 
Vendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskVendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskSarah Clarke
 
How to take organizations to higher testing maturity suresh bose anagha mahaj...
How to take organizations to higher testing maturity suresh bose anagha mahaj...How to take organizations to higher testing maturity suresh bose anagha mahaj...
How to take organizations to higher testing maturity suresh bose anagha mahaj...Anagha Mahajan
 
Superior it governance with iso 38500.key
Superior it governance with iso 38500.keySuperior it governance with iso 38500.key
Superior it governance with iso 38500.keyBasta Group BV
 
Risk Management and Remediation
Risk Management and RemediationRisk Management and Remediation
Risk Management and RemediationCarahsoft
 
Re-Architect Your Legacy Environment To Enable An Agile, Future-Ready Enterprise
Re-Architect Your Legacy Environment To Enable An Agile, Future-Ready EnterpriseRe-Architect Your Legacy Environment To Enable An Agile, Future-Ready Enterprise
Re-Architect Your Legacy Environment To Enable An Agile, Future-Ready EnterpriseDell World
 
Transform IT Operations with CSC
Transform IT Operations with CSCTransform IT Operations with CSC
Transform IT Operations with CSCAmazon Web Services
 
Standardization of IT Processes
Standardization of IT ProcessesStandardization of IT Processes
Standardization of IT ProcessesNatarajan V
 
Transform IT Operations and Management
Transform IT Operations and ManagementTransform IT Operations and Management
Transform IT Operations and ManagementAmazon Web Services
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information securityElkanouni Mohamed
 

En vedette (20)

COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introduction
 
Christophe feltus introduction to iso 38500 v1 0
Christophe feltus introduction to iso 38500 v1 0Christophe feltus introduction to iso 38500 v1 0
Christophe feltus introduction to iso 38500 v1 0
 
3.5 ICT Policies
3.5 ICT Policies3.5 ICT Policies
3.5 ICT Policies
 
2012 04 16 Iso38500 Governance V1
2012 04 16 Iso38500 Governance V12012 04 16 Iso38500 Governance V1
2012 04 16 Iso38500 Governance V1
 
Bsi iso27001-mapping-guide
Bsi iso27001-mapping-guideBsi iso27001-mapping-guide
Bsi iso27001-mapping-guide
 
Secure Cloud Adoption - Checklist
Secure Cloud Adoption - ChecklistSecure Cloud Adoption - Checklist
Secure Cloud Adoption - Checklist
 
Pivotal Digital Transformation Forum: Requirements to Become a Data-Driven En...
Pivotal Digital Transformation Forum: Requirements to Become a Data-Driven En...Pivotal Digital Transformation Forum: Requirements to Become a Data-Driven En...
Pivotal Digital Transformation Forum: Requirements to Become a Data-Driven En...
 
2015 ISACA NACACS - Audit as Controls Factory
2015 ISACA NACACS - Audit as Controls Factory2015 ISACA NACACS - Audit as Controls Factory
2015 ISACA NACACS - Audit as Controls Factory
 
Roles and Responsibilities | RACI
Roles and Responsibilities | RACIRoles and Responsibilities | RACI
Roles and Responsibilities | RACI
 
ISO 27001 ISMS MEASUREMENT
ISO 27001 ISMS MEASUREMENTISO 27001 ISMS MEASUREMENT
ISO 27001 ISMS MEASUREMENT
 
Vendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskVendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the risk
 
How to take organizations to higher testing maturity suresh bose anagha mahaj...
How to take organizations to higher testing maturity suresh bose anagha mahaj...How to take organizations to higher testing maturity suresh bose anagha mahaj...
How to take organizations to higher testing maturity suresh bose anagha mahaj...
 
Superior it governance with iso 38500.key
Superior it governance with iso 38500.keySuperior it governance with iso 38500.key
Superior it governance with iso 38500.key
 
Risk Management and Remediation
Risk Management and RemediationRisk Management and Remediation
Risk Management and Remediation
 
Re-Architect Your Legacy Environment To Enable An Agile, Future-Ready Enterprise
Re-Architect Your Legacy Environment To Enable An Agile, Future-Ready EnterpriseRe-Architect Your Legacy Environment To Enable An Agile, Future-Ready Enterprise
Re-Architect Your Legacy Environment To Enable An Agile, Future-Ready Enterprise
 
Transform IT Operations with CSC
Transform IT Operations with CSCTransform IT Operations with CSC
Transform IT Operations with CSC
 
Standardization of IT Processes
Standardization of IT ProcessesStandardization of IT Processes
Standardization of IT Processes
 
Transform IT Operations and Management
Transform IT Operations and ManagementTransform IT Operations and Management
Transform IT Operations and Management
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information security
 
CobiT Foundation Free Training
CobiT Foundation Free TrainingCobiT Foundation Free Training
CobiT Foundation Free Training
 

Similaire à PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500

CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)Sam Mandebvu
 
Syzygal cobit5-brc
Syzygal cobit5-brcSyzygal cobit5-brc
Syzygal cobit5-brcSyzygal
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochureDeloitte
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introductionMarkus Yaldu
 
Principal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachPrincipal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachMohammad Reda Katby
 
02-cobit5-introduction.ppt
02-cobit5-introduction.ppt02-cobit5-introduction.ppt
02-cobit5-introduction.pptElonMotta
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGoutama Bachtiar
 
Executive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and GovernanceExecutive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and GovernanceKuda Musundire CA (Z), RPA
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introductionsuhaskokate
 
Governance and management of IT.pptx
Governance and management of IT.pptxGovernance and management of IT.pptx
Governance and management of IT.pptxPrashant Singh
 
Gaining and Maintaining IT & Business Alignment.pptx
Gaining and Maintaining IT & Business Alignment.pptxGaining and Maintaining IT & Business Alignment.pptx
Gaining and Maintaining IT & Business Alignment.pptxRobert Sheesley, CBA, CPHIMS
 
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...TRANANHQUAN4
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013James Sutter
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013Jim Sutter
 

Similaire à PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500 (20)

CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)
 
Syzygal cobit5-brc
Syzygal cobit5-brcSyzygal cobit5-brc
Syzygal cobit5-brc
 
How to pass cobit exam
How to pass cobit exam   How to pass cobit exam
How to pass cobit exam
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochure
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
Cobit 4.1 indri
Cobit 4.1 indriCobit 4.1 indri
Cobit 4.1 indri
 
Principal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic ApproachPrincipal 4 Enabling A Holistic Approach
Principal 4 Enabling A Holistic Approach
 
COBIT5-IntroductionS
COBIT5-IntroductionSCOBIT5-IntroductionS
COBIT5-IntroductionS
 
02-cobit5-introduction.ppt
02-cobit5-introduction.ppt02-cobit5-introduction.ppt
02-cobit5-introduction.ppt
 
COBIT5 Introduction
COBIT5 IntroductionCOBIT5 Introduction
COBIT5 Introduction
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 Framework
 
Executive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and GovernanceExecutive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and Governance
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
Governance and management of IT.pptx
Governance and management of IT.pptxGovernance and management of IT.pptx
Governance and management of IT.pptx
 
Donna Febriani
Donna FebrianiDonna Febriani
Donna Febriani
 
Gaining and Maintaining IT & Business Alignment.pptx
Gaining and Maintaining IT & Business Alignment.pptxGaining and Maintaining IT & Business Alignment.pptx
Gaining and Maintaining IT & Business Alignment.pptx
 
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
Lecture 06 - CoBit - Control Objectives for Information and Related Technolog...
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013
 
It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013It Governance OC CIO Nov,2013
It Governance OC CIO Nov,2013
 

Plus de PECB

Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernanceSecuring the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernancePECB
 
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...PECB
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...PECB
 
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyPECB
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...PECB
 
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationPECB
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsPECB
 
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?PECB
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...PECB
 
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...PECB
 
Student Information Session University KTMC
Student Information Session University KTMC Student Information Session University KTMC
Student Information Session University KTMC PECB
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...PECB
 
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...PECB
 
Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA PECB
 
IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?PECB
 
Information Session University Egybyte.pptx
Information Session University Egybyte.pptxInformation Session University Egybyte.pptx
Information Session University Egybyte.pptxPECB
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxPECB
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
ISO 28000:2022 – Reduce risks and improve the security management system
ISO 28000:2022 – Reduce risks and improve the security management systemISO 28000:2022 – Reduce risks and improve the security management system
ISO 28000:2022 – Reduce risks and improve the security management systemPECB
 
ISO/IEC 27005:2022 – What are the changes?
ISO/IEC 27005:2022 – What are the changes?ISO/IEC 27005:2022 – What are the changes?
ISO/IEC 27005:2022 – What are the changes?PECB
 

Plus de PECB (20)

Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernanceSecuring the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
 
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
 
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
 
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
 
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
 
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
 
Student Information Session University KTMC
Student Information Session University KTMC Student Information Session University KTMC
Student Information Session University KTMC
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
 
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
 
Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA
 
IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?
 
Information Session University Egybyte.pptx
Information Session University Egybyte.pptxInformation Session University Egybyte.pptx
Information Session University Egybyte.pptx
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptx
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 
ISO 28000:2022 – Reduce risks and improve the security management system
ISO 28000:2022 – Reduce risks and improve the security management systemISO 28000:2022 – Reduce risks and improve the security management system
ISO 28000:2022 – Reduce risks and improve the security management system
 
ISO/IEC 27005:2022 – What are the changes?
ISO/IEC 27005:2022 – What are the changes?ISO/IEC 27005:2022 – What are the changes?
ISO/IEC 27005:2022 – What are the changes?
 

Dernier

Vani Magazine - Quarterly Magazine of Seshadripuram Educational Trust
Vani Magazine - Quarterly Magazine of Seshadripuram Educational TrustVani Magazine - Quarterly Magazine of Seshadripuram Educational Trust
Vani Magazine - Quarterly Magazine of Seshadripuram Educational TrustSavipriya Raghavendra
 
SOLIDE WASTE in Cameroon,,,,,,,,,,,,,,,,,,,,,,,,,,,.pptx
SOLIDE WASTE in Cameroon,,,,,,,,,,,,,,,,,,,,,,,,,,,.pptxSOLIDE WASTE in Cameroon,,,,,,,,,,,,,,,,,,,,,,,,,,,.pptx
SOLIDE WASTE in Cameroon,,,,,,,,,,,,,,,,,,,,,,,,,,,.pptxSyedNadeemGillANi
 
ARTICULAR DISC OF TEMPOROMANDIBULAR JOINT
ARTICULAR DISC OF TEMPOROMANDIBULAR JOINTARTICULAR DISC OF TEMPOROMANDIBULAR JOINT
ARTICULAR DISC OF TEMPOROMANDIBULAR JOINTDR. SNEHA NAIR
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17Celine George
 
How to Send Emails From Odoo 17 Using Code
How to Send Emails From Odoo 17 Using CodeHow to Send Emails From Odoo 17 Using Code
How to Send Emails From Odoo 17 Using CodeCeline George
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxAditiChauhan701637
 
What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?TechSoup
 
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptxSlides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptxCapitolTechU
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptxmary850239
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxDr. Asif Anas
 
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfP4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfYu Kanazawa / Osaka University
 
Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.EnglishCEIPdeSigeiro
 
A gentle introduction to Artificial Intelligence
A gentle introduction to Artificial IntelligenceA gentle introduction to Artificial Intelligence
A gentle introduction to Artificial IntelligenceApostolos Syropoulos
 
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Dr. Asif Anas
 
Optical Fibre and It's Applications.pptx
Optical Fibre and It's Applications.pptxOptical Fibre and It's Applications.pptx
Optical Fibre and It's Applications.pptxPurva Nikam
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...CaraSkikne1
 
Education and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxEducation and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxraviapr7
 

Dernier (20)

Vani Magazine - Quarterly Magazine of Seshadripuram Educational Trust
Vani Magazine - Quarterly Magazine of Seshadripuram Educational TrustVani Magazine - Quarterly Magazine of Seshadripuram Educational Trust
Vani Magazine - Quarterly Magazine of Seshadripuram Educational Trust
 
SOLIDE WASTE in Cameroon,,,,,,,,,,,,,,,,,,,,,,,,,,,.pptx
SOLIDE WASTE in Cameroon,,,,,,,,,,,,,,,,,,,,,,,,,,,.pptxSOLIDE WASTE in Cameroon,,,,,,,,,,,,,,,,,,,,,,,,,,,.pptx
SOLIDE WASTE in Cameroon,,,,,,,,,,,,,,,,,,,,,,,,,,,.pptx
 
ARTICULAR DISC OF TEMPOROMANDIBULAR JOINT
ARTICULAR DISC OF TEMPOROMANDIBULAR JOINTARTICULAR DISC OF TEMPOROMANDIBULAR JOINT
ARTICULAR DISC OF TEMPOROMANDIBULAR JOINT
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17
 
How to Send Emails From Odoo 17 Using Code
How to Send Emails From Odoo 17 Using CodeHow to Send Emails From Odoo 17 Using Code
How to Send Emails From Odoo 17 Using Code
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptx
 
What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?
 
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptxSlides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
Slides CapTechTalks Webinar March 2024 Joshua Sinai.pptx
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptx
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptx
 
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfP4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
 
Finals of Kant get Marx 2.0 : a general politics quiz
Finals of Kant get Marx 2.0 : a general politics quizFinals of Kant get Marx 2.0 : a general politics quiz
Finals of Kant get Marx 2.0 : a general politics quiz
 
Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.
 
A gentle introduction to Artificial Intelligence
A gentle introduction to Artificial IntelligenceA gentle introduction to Artificial Intelligence
A gentle introduction to Artificial Intelligence
 
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
Unveiling the Intricacies of Leishmania donovani: Structure, Life Cycle, Path...
 
Optical Fibre and It's Applications.pptx
Optical Fibre and It's Applications.pptxOptical Fibre and It's Applications.pptx
Optical Fibre and It's Applications.pptx
 
Prelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quizPrelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quiz
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...
 
Education and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxEducation and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptx
 

PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500

  • 1. Aligning COBIT 5 and ISO 385000 for Effective IT Governance By Orlando Olumide Odejide www.pecb.com www.trainingheights.net 38500
  • 2. Summary • What does COBIT have to offer and what is contained in the extensive body of knowledge called COBIT 5. • What is complementary that ISO 38500 brings to an organization.
  • 3. COBIT 5 Product Family • COBIT 5 framework is built on 5 basic principles, which are covered in detail, and includes extensive guidance on enablers for governance and management of enterprise IT. • COBIT 5 Product Family include various products which include: – COBIT 5 Framework. – COBIT Enabler Guides (Enabling Process, Enabling Information). – COBIT 5 Professional Guides (Implementation, Information Security, Assurance and Risk).
  • 4. COBIT 5 Product Family 4 Source: COBIT® 5, figure 11. © 2012 ISACA® All rights reserved.
  • 5. Information • Information is a key resource for all enterprises, and from the time that information is created to the moment that it is destroyed, technology plays a significant role. • Information technology in increasingly advanced and has become pervasive in enterprises and in social, public and business environments.
  • 6. Business Concerns • Maintain high-quality information to support business decisions • Generate business value from IT-enabled investments i.e. achieve strategic goals and realize business benefits through effective and innovative use of IT. • Achieve operational excellence through the reliable and efficient application of technology. • Maintain IT-related risk at an acceptable level. • Optimize the cost of IT services and technology. • Comply with ever-increasing relevant laws, regulations, contractual agreements and policies.
  • 7. Major drivers for the development of COBIT 5 are: 1. Provide more stakeholders a say in determining what they expect from information and related technology (what benefits, at what acceptable level of risk and at what costs) and what their priorities are in ensuring that expected value is actually being delivered. 2. Address the increasing dependency of enterprise success on external business and IT parties such as outsourcers, suppliers, consultants, cloud and other service providers, on a diverse set of internal means and mechanism to deliver the expected value. 3. Deal with the amount of information, which has increased significantly. How do enterprises select the relevant and credible information that will lead to effective and efficient business decisions. 4. Deal with much more pervasive IT, it is more and more an integral part of the business. Often, it is no longer satisfactory to have IT separate even if it is aligned to the business. 5. Provide further guidance in the area of innovation and emerging technologies; this is about creativity, inventiveness, developing new products, making the existing products more compelling to customers and reaching new types of customers.
  • 8. 5 Principles • Meeting Stakeholder Needs • Covering the Enterprise End-to-end • Applying a Single Integrated Framework • Enabling a Holistic Approach • Separating Governance from Management
  • 9. Principle 1: Meeting Stakeholder Needs • Enterprises exist to create value for their stakeholders. • Value Creation is a Governance objective for every organization. • Value creation means realizing benefits at an optimal resource cost while optimizing risk. • Benefits may take many forms e.g. financial for commercial enterprises or public service fir government entities. • Governance is about negotiating and deciding amongst different stakeholders’ value interests. • Governance system should consider all stakeholders when making benefit, risk and resource assessment decisions.
  • 10. COBIT Goals Cascade • Stakeholder Drivers Influence Stakeholder Needs • Stakeholder Needs Cascade to Enterprise Goals • Enterprise Goals Cascade to IT-related Goals • IT-related Goals cascade to Enabler Goals COBIT has borrowed from Balanced Scorecard and has aligned both its Enterprise and IT-related Goals to the 4 Balanced Scorecard Perspectives. COBIT has a list of 17 Enterprise Goals that is vastly applicable to every kind of organization. COBIT also has a list of 17 IT-related Goals that is applicable to every size and type of IT organization. COBIT also has an extensive list if 22 business needs.
  • 11. Covering the Enterprise End-To-End • COBIT 5 addresses the governance and management of information and related technology from an enterprise wide end-to-end perspective. • COBIT 5 integrated governance of enterprise IT into enterprise governance. That is, the governance system for enterprise IT proposed by COBIT 5 integrates seamlessly in any governance system. COBIT 5 aligns with the latest views on governance. • Covers all functions and processes required to govern and manage enterprise information and related technologies wherever that information maybe processed. Given this extended enterprise scope, COBIT 5 addresses all the relevant internal and external IT services, as well as internal and external business processes.
  • 12. Governance Approach • Governance Approach includes the Governance Enablers and Governance Scope. • Owners and Stakeholders Delegate to the Governing Body and there are in turn Accountable to them. • Governing Body Set the Direction for Management and they also are in turn Monitor them. • Management Instructs and Aligns Operations and Execution and they in turn Report to them.
  • 13. Principle 3: Applying a Single Integrated Framework • It aligns with other latest relevant standards and framework, and thus allows the enterprise to use COBIT 5 as the overarching governance and management framework integrator. • It is complete in enterprise coverage, providing a basis to integrate effectively other frameworks, standards and practices used. • A single overarching framework serves as a consistent and integrated source of guidance in a non-technical, technology- agnostic common language. • It provides a simple architecture for structuring guidance materials and producing consistent product set. • It integrated and knowledge previously dispersed over different ISACA frameworks. ISACA has researched the key areas of enterprise governance for many years and has developed frameworks such as COBIT, VAL IT, Risk IT, BMIS and ITAF to provide guidance and assistance to enterprises. COBIT 5 is a single and integrated framework because:
  • 14. Principle 4: Enabling a Holistic Approach • Principles, policies and frameworks are the vehicle to translate he desired behavior into practical guidance for day-to-day management. • Processes describe an organized set of practices and activities to achieve certain objectives and produce a set of outputs in support of achieving overall IT-related goals. • Organisational Structures are the key decision-making entities in an enterprise. • Culture, ethics and behavior of individuals and of the enterprise are very often underestimated as a success factor in governance and management activities. • Information is pervasive throughout any organization and includes all information produced and used by the enterprise. Information is very often the key product of the enterprise itself. • Services, Infrastructure and Application include the Infrastructure, Technology and Applications that provide the enterprise with Information Technology processing and services. • People, Skills and competencies are linked to people and are required for successful completion of all activities and for making correct decisions and taking corrective actions. COBIT 5 Enablers (7)
  • 15. 7 Enablers in a Diagram.
  • 16. COBIT 5 Enabling Process
  • 17. Principle 5: Separating Governance from Management • The COBIT 5 framework makes clear distinction between governance and management. These 2 disciples encompass different types of activities, require different organizational structures and serve different purposes. • The COBIT 5 view on this key distinction between governance and management is: – Governance ensures that stakeholders needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives. – Management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives. Governance and Management
  • 18. COBIT Governance and Management Key Areas
  • 19. 37 Processes for Governance and Management of Enterprise IT (Process Reference Model)
  • 20. Implementation Guidance • Optimal value can be realized from leveraging COBIT only if it effectively adopted and adapted to suit each enterprise's unique environment. • Each implementation approach will also need to address specific challenges, including managing changes to culture and behavior. • The implementation guidance allows – Making a business case for the implementation and improvement of governance and management of IT – Recognizing typical pain points and trigger events – Creating the appropriate environment for implementation – Leveraging COBIT to identify gaps and guide the development of enablers such as policies, processes, principles, organizational structures, roles and responsibilities. Introduction
  • 21. Key success factors for successful implementation include: • Top Management providing the direction and mandate for the initiative, as well as visible ongoing commitment and support. • All parties supporting the governance and management processes to understand the business and IT objectives. • Ensuring effective communication and enablement of necessary changes • Tailoring COBIT and other supporting good practices and standards to fit the unique context of the enterprise • Focusing on quick wins and prioritizing the most beneficial improvements that are easiest to implement.
  • 22. Enterprise Context • Ethics and Culture • Applicable Laws, regulations and policies • Mission, vision and values • Governance policies and practices • Business plans and strategic intentions • Operating model and level of maturity • Management Style • Risk Appetite • Capabilities and available resources • Industry practices Factors in the Internal an External Enterprise Environment
  • 23. 7 Phases of the Implementation Lifecycle
  • 24. COBIT 5 Process Capability Model
  • 25. 6 Levels of Capability Level Attributes Description 0 = Incomplete 0 Attribute The process is not implemented or fails to achieve its intended purpose. 1 = Performed 1 Attribute The implemented process achieves its process purpose. 2 = Managed 2 Attribute The previously described performed process is now implemented in a managed fashion and its work products are appropriately established, controlled and maintained. 3 = Established 3 Attribute The previously described managed process is now implemented using a defined process that is a capable of achieving its process outcomes. 4 = Predictable 4 Attribute The previously described established process now operates within defined limits to achieve its process outcomes. 5 = Optimizing 5 Attribute The previously described predictable process is continuously improved to meet relevant current and projected business goals.
  • 26. ISO 38500: Corporate Governance for the Management of IT • The objective of ISO 38500 is to provide a structure of principles for directors (including owners, board members, directors, partners and senior executives) to use when evaluating, directing and monitoring the use of IT in their organizations. • This standard provides a structure for effective governance of IT to assist those at the highest level of organizations to understand and fulfill their legal, regulatory and ethical obligations regarding their organizations’ use of IT. • The scope of the standard is to provide guiding principles for directors of organizations on the effective, efficient and acceptable use of IT within their organizations. • It is applicable for all organizations, from the smallest to the largest, regardless of purpose, design or ownership structure.
  • 27. The Model • Evaluate the current and future use of IT. • Direct preparation and implementation of plans and policies to ensure that the use of IT meets business objectives. • Monitor conformance to policies and performance against the plans. • The standard sets out six principles for good corporate governance of IT. • The principles express preferred behavior to guide decision making. • The statement of each principle refers to what should happen, but does not prescribe how, when or by whom the principles would be implemented; these aspects are dependent on the nature of the organization implementing the principles. It is similar to a capability maturity model description of an ideal state. • Each of the principles is then tied into the model to provide a best practice for each principle, see the image next. Directors should govern IT through three main tasks:
  • 28. Model
  • 29. Principle 1: Responsibility • The business (customer) and IT (provider) should collaborate in a partnership model utilising effective communications based on a positive and trusted relationship and demonstrating clarity regarding responsibility and accountability. • For larger enterprises, an IT executive committee (also referred to as the IT strategy committee) acting on behalf of the board and chaired by a board member is a very effective mechanism for evaluating, directing and monitoring the use of IT in the enterprise and for advising the board on critical IT issues. • Directors of small and medium-sized enterprises with a simpler command structure and shorter communication paths need to take a more direct approach when overseeing IT activities. • In all cases, appropriate governance organisational structures, roles and responsibilities are required to be mandated from the governing body, providing clear ownership and accountability for important decisions and tasks. • This should include relationships with key third-party IT service providers.
  • 30. Principle 2: Strategy • IT strategic planning is a complex and critical undertaking requiring close co-ordination amongst enterprise wide business unit and IT strategic plans. • It is also vital to prioritize the plans most likely to achieve the desired benefits and to allocate resources effectively. • High-level goals need to be translated into achievable tactical plans, ensuring minimal failures and surprises. • The goal is to deliver value in support of strategic objectives while considering the associated risk in relation to the board’s risk appetite. • While it is important to cascade plans in a top-down fashion, the plans must also be flexible and adaptable to meet rapidly changing business requirements and IT opportunities.
  • 31. Principle 2: Strategy Continued • Furthermore, the presence or absence of IT capabilities can either enable or hinder business strategies; therefore, IT strategic planning should include transparent and appropriate planning of IT capabilities. • This should include assessment of the ability of the current IT infrastructure and human resources to support future business requirements and consideration of future technological developments that might enable competitive advantage and/or optimize costs. • IT resources include relationships with many external product vendors and service providers, some of whom likely play a critical role in supporting the business. • Governance of strategic sourcing is thus a very significant strategic planning activity requiring executive-level direction and oversight.
  • 32. Principle 3: Acquisition • IT solutions exist to support business processes and therefore care must be taken to not consider IT solutions in isolation or as just a ‘technology’ project or service. • On the other hand, an inappropriate choice of technology architecture, a failure to maintain a current and appropriate technical infrastructure, or an absence of skilled human resources can result in project failure, an inability to sustain business operations or a reduction in value to the business. • Acquisitions of IT resources should be considered as a part of wider IT-enabled business change. The acquired technology must also support and operate with existing and planned business processes and IT infrastructures. • Implementation is also not just a technology issue, but rather a combination of organisational change, revised business processes, training and enabling the change. • Therefore, IT projects should be undertaken as part of wider enterprisewide change programmes that include other projects satisfying the full range of activities required to help ensure a successful outcome.
  • 33. Principle 4: Performance • Effective performance measurement depends on two key aspects being addressed: the clear definition of performance goals and the establishment of effective metrics to monitor achievement of goals. • A performance measurement process is also required to help ensure that performance is monitored consistently and reliably. • Effective governance is achieved when goals are set from the top down and aligned with high-level, approved business goals, and metrics are established from the bottom up and aligned in a way that enables the achievement of goals at all levels to be monitored by each layer of management. • Two critical governance success factors are the approval of goals by stakeholders, and the acceptance of accountability for achievement of goals by directors and managers. • IT is a complex and technical topic; therefore, it is important to achieve transparency by expressing goals, metrics and performance reports in language meaningful to the stakeholders so that appropriate actions can be taken.
  • 34. Principle 5: Conformance • In today’s global marketplace, enabled by the Internet and advanced technologies, enterprises need to comply with a growing number of legal and regulatory requirements. • Because of corporate scandals and financial failures in recent years, there is a heightened awareness in the boardroom of the existence and implications of tougher laws and regulations. • Stakeholders require increased assurance that enterprises are complying with laws and regulations and conforming to good corporate governance practice in their operating environment. • In addition, because IT has enabled seamless business processes between enterprises, there is also a growing need to help ensure that contracts include important IT-related requirements in areas such as privacy, confidentiality, intellectual property and security.
  • 35. Principle 5: Conformance Continued • Directors need to ensure that compliance with external requirements is dealt with as a part of strategic planning rather than as a costly afterthought. • They also need to set the tone at the top and establish policies and procedures for their management and staff to follow, to ensure that the goals of the enterprise are realised, risk is minimised and compliance is achieved. • Top management must strike an appropriate balance between performance and conformance, ensuring that performance goals do not jeopardise compliance and, conversely, that the conformance regime is appropriate and does not overly restrict the operation of the business.
  • 36. Principle 6: Human Behaviour • The implementation of any IT-enabled change, including IT governance itself, usually requires significant cultural and behavioral change within enterprises as well as with customers and business partners. • This can create fear and misunderstanding amongst staff, so implementation needs to be managed carefully if personnel are to remain positively engaged. • Directors must clearly communicate goals and be seen as positively supporting the proposed changes. Training and skills enhancement of personnel are key aspects of change— especially given the rapidly moving nature of technology. • People are affected by IT at all levels in an enterprise, as stakeholders, managers and users, or as specialists providing IT-related services and solutions to the business.
  • 37. Principle 6: Human Behavior Continued • Beyond the enterprise, IT affects customers and business partners and increasingly enables self-service and automated intercompany transactions within countries and across borders. • While IT-enabled business processes bring new benefits and opportunities, they also carry increasing types of risk. • Issues such as privacy and fraud are growing concerns for individuals, and these and other types of risk need to be managed if people are to trust the IT systems they use. • Information systems can also dramatically affect working practices by automating manual procedures.
  • 38. ISO 38500 (Evaluate, Direct and Monitor) • COBIT in itself enables good governance. • The Governance domain in the COBIT process model had five processes, and each of these processes has EDM practices defined. • This is the main location in COBIT 5 where governance- related activities are defined.
  • 40. Thank You and Questions orlando@trainingheights.net N.B: Some Content, Diagrams and Trademarks belong to ISACA COBIT and ISO 38500 Documents.

Notes de l'éditeur

  1. Credits: Tony Aliu-PECB (Team Leader) Lorika Bina-PECB Narta Voca-PECB Angelo Scangas- Quality Support Group/ASQ Shannon Craddock-PJR Vanessa Delisle-TRC Bill Thoms Gretchen Merriman Phil Dobyns