This presentation is a mindmap created to help readers preparing for COBIT 5 Foundation Certification, which is one of the prime Certifications for IT Governance. Please share and give your Comments at my Email Id: Wajahat_Iqbal@Yahoo.com. Thanks
Study Notes - COBIT 5 Foundation Certification
1. Copyright@Wajahat Iqbal (2015)
This is not an official COBIT publication and is not endorsed, sponsored, or otherwise affiliated with ISACA or ITGI.
(Study Notes) - COBIT 5 Exam (ISACA Enterprise Governance Framework)
1) Governance Objective:
Value Creation from Benefits Realisation + Risk Optimisation + Resource Optimisation
2) Cobit 5 initially available in 3 Volumes:
- The Framework
- Process Reference Guides
- Implementation Guide
3) Five Principles of Cobit 5:
- Meeting the Stakeholders' needs
- Covering the Enterprise end-to-end
- Single integrated Framework
- Holistic approach of 7 enterprise enablers
- Separating governance from management
4) Stakeholder Needs -> Enterprise Goals -> IT-related Goals -> Enabler Goals
5) Seven Enablers of Cobit 5 (i.e. Governance enablers)
- Principles, policies and frameworks
- Processes
- Organisational structures
- Culture, ethics and behaviours
- Information
- Services, infrastructure and applications
- People, skills and competencies
6) Important Drivers for Cobit 5
- Performance (Business Goals)
- Conformance (SOX, HIPAA)
- Creating value for Enterprise Stakeholders through efficient use of Technology & Information
- Complete Enterprise Governance
- Covers all Functions and Processes
- Address all Internal & External Services
- Address all Internal & External Business Processes
- Address End to end Business and IT responsibilities
- Enterprise Architecture
- Asset and Service management
7) Cobit 5 Triggers
- Pains
- Risks
- Goals Cascade
8) Mapping of Governance & Management Domain
a) Governance Domain (EDM – Evaluate, Direct & Monitor)
b) Management Domain:
(APO – Align, Plan & Organise)
(BAI – Build, Acquire & Implement)
(DSS – Deliver, Service & Support)
(MEA – Monitor, Evaluate & Assess)
9) Cobit 5 Product Guides:
- Level 1 (Cobit Enabling Processes, Cobit 5 Enabling Information, Other Enabling Guides)
- Level 2 (Cobit 5 Implementation, Cobit 5 for Information Security, Cobit 5 for Assurance, Cobit 5 for Risk, Other Professional Guides)
- Level 3 (Cobit 5 Online Collaborative Environment)
10) Key Governance Objective: VALUE CREATION
11) Enabler Characteristics
- Stakeholders (Internal & External)
- Goals (expected outcome of enabler)
  - Intrinsic Quality (work well & provide results)
  - Contextual Quality (Relevance, effectiveness)
  - Accessibility & Security (of enablers + outcomes)
- Lifecycle
  - Plan, Design
  - Build/Acquire/Create/Implement
  - Use/Operate
  - Evaluate/Monitor
  - Update/Dispose
- Good Practice
  - Practices
  - Work Products (Inputs & Outputs)
12) Cobit 5 Enterprise 17 Goals (Balanced Score Card 5 Dimensions):
- Financial
- Customer
- Internal
- Learning & Growth
13) Cobit 5 Implementation Lifecycle
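COBIT 5 IMPLEMENTATION CYCLE
Phase 1: What are the Drivers?
- Programme Management: Initiate program
- Change Enablement: Establish desire to change
- Continual Improvement Lifecycle: Recognise need to act
Phase 2: Where are we Now?
- Programme Management: Define problems & opportunities
- Change Enablement: Form implementation team
- Continual Improvement Lifecycle: Assess current state
Phase 3: Where do we Want to be?
- Programme Management: Define road map
- Change Enablement: Communicate outcome
- Continual Improvement Lifecycle: Define target state
Phase 4: What needs to Be done?
- Programme Management: Plan programme
- Change Enablement: Identify role players
- Continual Improvement Lifecycle: Build improvements
Phase 5: How do we get there?
- Programme Management: Execute plan
- Change Enablement: Operate and use
- Continual Improvement Lifecycle: Implement improvements
Phase 6: Did we get There?
- Programme Management: Realise benefits
- Change Enablement: Embed new approaches
- Continual Improvement Lifecycle: Operate improvements
Phase 7: How do we keep the momentum Going?
- Programme Management: Review Effectiveness
- Change Enablement: Sustain
- Continual Improvement Lifecycle: Monitor and evaluate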
14) Characteristics of a Good Business Case:
- Address Business Benefits
- Address Investment needed
- Address Constraints & Dependencies
- Address Investment Monitoring
- Address business changes required
- Address ongoing IT Operating Costs
- Address Roles, Responsibilities & Accountability
15) Cobit 5 Process Capability Model (PAM)
Level: Performance Attribute (PA)
- 0 Incomplete
- 1 Performed: PA1.1 Process Performance
- 2 Managed: PA2.1 Performance Management, PA2.2 Work Product Management
- 3 Established: PA3.1 Process Definition, PA3.2 Process Deployment
- 4 Predictable: PA4.1 Process Measurement, PA4.2 Process Control
- 5 Optimising: PA5.1 Process Innovation, PA5.2 Process Optimisation
Rating Levels:
a) F - Fully achieved (>85%)
b) P - Partially achieved (15-50%)
c) L - Largely achieved (50-85%)
d) N - Not achieved (<15%)
16) Enterprise = Organisation = Commercial (Corporate) OR Public Sector OR Not for Profit
17) Information Enabler (Enabler 5)
1) Intrinsic Quality: Accuracy, Objectivity, Believability, Reputation
2) Contextual: Relevancy, Completeness, Currency, Appropriate amount of information, Concise representation, Consistent representation, Interpretability, Understandability, Ease of manipulation
3) Security/Accessibility: Availability/timeliness, Restricted Access
4) Information Layers:
- Physical World (Carrier/Media)
- Empiric (User Interface)
- Syntactic (Code/Language)
- Semantic (Meaning)
- Pragmatic (Use)
- Social Use (e.g. Contracts, Law, Culture)
18) Cobit 5 Stakeholders:
- Internal (Board, CFO, CIO, CTO, CEO, Business Executives, Managers, Internal Auditors, Users ..)
- External (Business Partners, Suppliers, Shareholders, Regulators, Govt, External Users, Customers, Standardisation organizations, External Auditors, Consultants ..)
19) Good Policy: Effective, Efficient, Non-Intrusive
20) DIKW - [Data – Information-Knowledge-Wisdom (Value)]
21) Information for Business (COBIT 4.1)
1) Quality: Effectiveness, Efficiency
2) Security: Confidentiality, Integrity, Availability
3) Fiduciary: Compliance, Reliability
22) PBRM -> Plan, Build, Run, Monitor Levels (Total 37 Processes)
Governance:
- EDM (5 Processes): Evaluate, Direct & Monitor
Management:
- APO (13 Processes): Align, Plan & Organise
- BAI (10 Processes): Build, Acquire & Implement
- DSS (6 Processes): Deliver, Service & Support
- MEA (3 Processes): Monitor, Evaluate & Assess