SlideShare une entreprise Scribd logo

Cobit 2019 framework by ISACA

Télécharger en tant que PPTX, PDF
M
MDFazlaRabbiAbir

This is a summary of Control Objectives for Information and related Technology audit framework. Anyone can understand COBIT-19 framework within few slides. COBIT was published by ITGI, a nonprofit research entity created by ISACA

Technologie
1  sur  19
Course Name: IT Audit & Assessment [ CSE 6165 ] Course Instructor: SUMAN AHMED[ Asst. Professor, UIU ] Topic: COBIT® 2019 FRAMEWORK MOZAFFAR HOSSAIN FAZLA RABBI ABIR 1
Overview Of COBIT COBIT is published by ITGI, a nonprofit research entity created by ISACA in 1998. First released in 1996, COBIT was often perceived as merely an audit framework, from the version 2 the framework to apply outside the auditing community. COBIT 2019 is the most current version of the framework. 2 COBIT ( Control OBjectives for Information and related Technology ) - COBIT is an Information Technology management framework developed by ISACA to help businesses, develop, organize and implement strategies around information management and governance. A model designed to control of the IT function. ISACA – ( Information Systems Audit and Control Association )ISACA is an international professional association focused on IT governance. ISACA provides guidance, benchmarks and governance tools for enterprises that use information systems. ISACA also hosts a series of international conferences that focus on both technical and managerial topics relating to IS assurance, control, security and IT governance. It also coordinates several certification programs, currently ISACA offering 8 certificate programs.
What CobiT is not!! ❖ COBIT is not a full description of the whole IT environment of an enterprise. ❖ COBIT is not a framework to organize business processes ❖ COBIT is not an (IT-)technical framework to manage all technology. ❖ Audit software ❖ An IT audit plan ❖ An IT Internal Audit work program ❖ An IT audit testing plan ❖ Guide on “How to Audit” IT 3 Overview Of COBIT Then what is CobiT? ❖ A methodology consisting of standards and controls created to assist IT professionals in the implementation, review,administration and monitoring of an IT environment. ❖ A tool that for IT professionals that has linked information technology and control practices
❖ COBIT represents 1. A control framework, 2. A set of generally accepted control objectives, & 3. The COBIT Audit Guidelines. 4 Overview Of COBIT What is the purpose of CobiT? ❖ To provide management and business process owners with an Information Technology (IT) governance model that helps in understanding and managing the risks associated with IT. ❖ CobiT helps bridge the gaps between business risks, control needs and technical issues by presenting the controls through one vehicle. ❖ It is a control model to meet the needs of IT governance and ensure the integrity of
Enterprise Governance of I&T and Benefits Enterprise governance of IT is about defining processes and structures throughout the organization that enable boards and business and IT people to execute their responsibilities in support of business/IT alignment and value creation. 5 Figure 1— The Context of Enterprise Governance of Information and Technology
Enterprise Governance of I&T and Benefits Benefits of Information and Technology Governance ❖ Benefits realization— IT value should also be measured in a way that shows the impact and contributions of IT-enabled investments in the value creation process of the enterprise. ❖ Risk optimization— Risk management focuses on the preservation of value. ❖ Resource optimization— It recognizes the importance of people, in addition to hardware and software, it focuses on providing training, promoting retention and ensuring competence of key IT personnel. 6 Figure 2-- IT Governance Benefits
COBIT STAKEHOLDERS The target audience for COBIT is the stakeholders for EGIT and by extension, the stakeholders for corporate governance. In COBIT there are two category of stakeholders as below: 7 Internal Stakeholders External Stakeholders ➢ Boards ➢ Executive Management ➢ Business Managers ➢ IT Managers ➢ Assurance Providers ➢ Risk Management ➢ Regulators ➢ Business Partners ➢ IT Vendors
How Does COBIT Work 8 Information Technology Infrastructure Library (ITIL®), and related standards from the International Organization for Standardization (ISO). For a successful implementation of COBIT 2019 within an Enterprise, a combination of the listed objectives must be used. A specified set of 40 objectives becomes the heart of COBIT 2019. These objectives are to be fulfilled if the enterprise goals are to be achieved. These objectives are further bifurcated into governance and management objectives, ensuring that the Boards & executive management undertake the governance processes while management implements management processes, respectively.
COBIT Principles COBIT 2019 has its basis on following sets of principles: ❖ Principles enlisting the core requirements of a governance system for IT ❖ Principles to build a governance framework for the organization COBIT 2019 has 6 system principles for a governance system: 9 ❖ Satisfy stakeholder needs and to generate value. ❖ Many components form to make a governance system ❖ The governance system should be dynamic. Figure 3— Governance System Principles
COBIT Principles ❖ There is difference amongst activities and structures for governance and management. ❖ Option of customization as per the organizational requirements. ❖ The governance system includes those organizational functions. 10 The 3 principles for a governance framework: ❖ The framework be based on a conceptual model. ❖ The framework should be open and flexible. ❖ The governance framework be aligned to relevant major related standards, frameworks and regulations. Figure 4— Governance Framework Principles
COBIT Components of a Governance System 11 Figure 5—COBIT Components of a Governance System For the achievement of governance & management objectives, Thare have 7 Components and these are .. 1. Process 2. Organizational Structures 3. Principles,Policies,Procedures 4. Information 5. Culture,Ethics and Behavior 6. People,Skills and Competencies 7. Services ,Infrastructure and Applications
Tailored Governance System Design 12 Impact of Design Factors: Design factors influence in different ways the tailoring of the governance system of an enterprise 1. Management objective priority/selection 2. Components variation 3. Need for specific focus areas
13 T Governance System Design Process Figure 6— Governance System Design Workflow There is no magic formula. The final design will be a case-by-case decision, based on all the elements on the design canvas. By following these steps, enterprises will realize a governance system that is tailored to their needs.
14 COBIT Domain Figure 7— Governance System Design Workflow ❖ Plan & Organize – concerned with identification of the way IT can best contribute to the achievement of business objectives ❖ Acquire and Implement – acquiring, implementing or development of IT Solutions to be integrated into business process ❖ Deliver & Support – delivery of required services including traditional operations, security, and training ❖ Monitor & Evaluate – regular assessment over time for quality and compliance with control requirements
15 Implementing Enterprise Governance of IT Figure 8—COBIT Implementation Road Map ❖ What are the drivers? ❖ Where are we now? ❖ Where do we want to be? ❖ What needs to be done? ❖ How do we get there? ❖ Did we get there? ❖ How do we keep the momentum going?
COBIT Case Studies -AL Rahji Bank -Middle East Bank -Tokio Marine System -Dubai Customs -New York State Government Agency -Europian Electricity Transmission Network 16
COBIT-2019 GOALS 17 According to the ISACA, COBIT 2019 was updated to include: ❖ Focus areas and design factors that give more clarity on creating a governance system for business needs ❖ Regular updates released on a rolling basis ❖ More guidance and tools to support businesses when developing a “best-fit governance system, making COBIT 2019 more prescriptive” ❖ A better tool to measure performance of IT and alignment with the CMMI ❖ More support for decision making including new online collaborative features
COBIT-2019 Benefits & Shortcomings 18 Benefits: ❖ Improve and maintain high-quality information to support business decisions. ❖ Use IT effectively to achieve business goals; ❖ Use technology to promote operational excellence; ❖ Ensure IT risk is managed effectively; ❖ Ensure organisations realise the value of their investments in IT; and ❖ Achieve compliance with laws, regulations and contractual agreements. Shortcomings: Some researchers have pointed out that the biggest disadvantage with COBIT is that it requires a great deal of knowledge to understand its framework before it could be applied as a tool to support IT governance.
THANK YOU 19

Recommandé

Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
Christian F. Nissen
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdf
mohammed539963
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
Mark Constable
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
MartinPatrici
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
Christian F. Nissen
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
Sayyed Zakir Ali Rizwe
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
Sherri Booher
 

Recommandé

Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
Christian F. Nissen
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdf
mohammed539963
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
Mark Constable
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
MartinPatrici
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
Christian F. Nissen
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
Sayyed Zakir Ali Rizwe
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
Sherri Booher
 
IT Governance
IT GovernanceIT Governance
IT Governance
Carlos Chalico
 
COBIT5 Introduction
COBIT5 IntroductionCOBIT5 Introduction
COBIT5 Introduction
Mohammad Reda Katby
 
CISA Review Course Slides - Part1
CISA Review Course Slides - Part1CISA Review Course Slides - Part1
CISA Review Course Slides - Part1
Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5
Laddawan Rattanaruang
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study material
Anees Shaikh
 
Use COBIT for IT SAVINGS
Use COBIT for IT SAVINGSUse COBIT for IT SAVINGS
Use COBIT for IT SAVINGS
Sanjiv Arora
 
Cobit5 owerwiev and implementation proposal
Cobit5 owerwiev and implementation proposalCobit5 owerwiev and implementation proposal
Cobit5 owerwiev and implementation proposal
Emilio Gratton
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 Framework
Goutama Bachtiar
 
ISO 27005:2022 Overview 221028.pdf
ISO 27005:2022 Overview 221028.pdfISO 27005:2022 Overview 221028.pdf
ISO 27005:2022 Overview 221028.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
Eryk Budi Pratama
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
Emmacuet
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introduction
aqel aqel
 
It Audit
It AuditIt Audit
It Audit
robinslides
 
Itil,cobit and ıso27001
Itil,cobit and ıso27001Itil,cobit and ıso27001
Itil,cobit and ıso27001
Burcu Pelin TELLİ
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5
Eryk Budi Pratama
 
Qap cobit2019-20181111
Qap cobit2019-20181111Qap cobit2019-20181111
Qap cobit2019-20181111
Patrick Soenen
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organization
Cheikh Hamallah DJIBA
 
CISA Training - Chapter 2 - 2016
CISA Training - Chapter 2 - 2016CISA Training - Chapter 2 - 2016
CISA Training - Chapter 2 - 2016
Hafiz Sheikh Adnan Ahmed
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
Anurag Purohit
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)
Hendri Eka Saputra
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
darminritonga amy
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
Ivo Oktavianti
 

Contenu connexe

Tendances

Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study material
Anees Shaikh
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
Emmacuet
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organization
Cheikh Hamallah DJIBA
 

Tendances (20)

IT Governance
IT GovernanceIT Governance
IT Governance
 
COBIT5 Introduction
COBIT5 IntroductionCOBIT5 Introduction
COBIT5 Introduction
 
CISA Review Course Slides - Part1
CISA Review Course Slides - Part1CISA Review Course Slides - Part1
CISA Review Course Slides - Part1
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study material
 
Use COBIT for IT SAVINGS
Use COBIT for IT SAVINGSUse COBIT for IT SAVINGS
Use COBIT for IT SAVINGS
 
Cobit5 owerwiev and implementation proposal
Cobit5 owerwiev and implementation proposalCobit5 owerwiev and implementation proposal
Cobit5 owerwiev and implementation proposal
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 Framework
 
ISO 27005:2022 Overview 221028.pdf
ISO 27005:2022 Overview 221028.pdfISO 27005:2022 Overview 221028.pdf
ISO 27005:2022 Overview 221028.pdf
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introduction
 
It Audit
It AuditIt Audit
It Audit
 
Itil,cobit and ıso27001
Itil,cobit and ıso27001Itil,cobit and ıso27001
Itil,cobit and ıso27001
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5
 
Qap cobit2019-20181111
Qap cobit2019-20181111Qap cobit2019-20181111
Qap cobit2019-20181111
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organization
 
CISA Training - Chapter 2 - 2016
CISA Training - Chapter 2 - 2016CISA Training - Chapter 2 - 2016
CISA Training - Chapter 2 - 2016
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)
 

Similaire à Cobit 2019 framework by ISACA

Implementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance FrameworkImplementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance Framework
IJCSIS Research Publications
 

Similaire à Cobit 2019 framework by ISACA (20)

Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
COBIT 5 FAQ
COBIT 5 FAQCOBIT 5 FAQ
COBIT 5 FAQ
 
Donna Febriani
Donna FebrianiDonna Febriani
Donna Febriani
 
ICT Governance for Enterprise Control & Value Creation - Day1
ICT Governance for Enterprise Control & Value Creation - Day1ICT Governance for Enterprise Control & Value Creation - Day1
ICT Governance for Enterprise Control & Value Creation - Day1
 
Audit rizkie hafizzah
Audit rizkie hafizzahAudit rizkie hafizzah
Audit rizkie hafizzah
 
Cobit 4.1 indri
Cobit 4.1 indriCobit 4.1 indri
Cobit 4.1 indri
 
COBIT
COBITCOBIT
COBIT
 
Implementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance FrameworkImplementation of a Decision System for a Suitable IT Governance Framework
Implementation of a Decision System for a Suitable IT Governance Framework
 
information system and computers
information system and computersinformation system and computers
information system and computers
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
 
Governance Tools Boyd Carter 2006
Governance Tools Boyd Carter 2006Governance Tools Boyd Carter 2006
Governance Tools Boyd Carter 2006
 
COBIT5-IntroductionS
COBIT5-IntroductionSCOBIT5-IntroductionS
COBIT5-IntroductionS
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORK
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
COBIT Intor.pptx
COBIT Intor.pptxCOBIT Intor.pptx
COBIT Intor.pptx
 
COBIT
COBITCOBIT
COBIT
 
Lailatul izzati
Lailatul izzatiLailatul izzati
Lailatul izzati
 
Co5bit
Co5bitCo5bit
Co5bit
 

Dernier

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 

Dernier (20)

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Cobit 2019 framework by ISACA

  • 1. Course Name: IT Audit & Assessment [ CSE 6165 ] Course Instructor: SUMAN AHMED[ Asst. Professor, UIU ] Topic: COBIT® 2019 FRAMEWORK MOZAFFAR HOSSAIN FAZLA RABBI ABIR 1
  • 2. Overview Of COBIT COBIT is published by ITGI, a nonprofit research entity created by ISACA in 1998. First released in 1996, COBIT was often perceived as merely an audit framework, from the version 2 the framework to apply outside the auditing community. COBIT 2019 is the most current version of the framework. 2 COBIT ( Control OBjectives for Information and related Technology ) - COBIT is an Information Technology management framework developed by ISACA to help businesses, develop, organize and implement strategies around information management and governance. A model designed to control of the IT function. ISACA – ( Information Systems Audit and Control Association )ISACA is an international professional association focused on IT governance. ISACA provides guidance, benchmarks and governance tools for enterprises that use information systems. ISACA also hosts a series of international conferences that focus on both technical and managerial topics relating to IS assurance, control, security and IT governance. It also coordinates several certification programs, currently ISACA offering 8 certificate programs.
  • 3. What CobiT is not!! ❖ COBIT is not a full description of the whole IT environment of an enterprise. ❖ COBIT is not a framework to organize business processes ❖ COBIT is not an (IT-)technical framework to manage all technology. ❖ Audit software ❖ An IT audit plan ❖ An IT Internal Audit work program ❖ An IT audit testing plan ❖ Guide on “How to Audit” IT 3 Overview Of COBIT Then what is CobiT? ❖ A methodology consisting of standards and controls created to assist IT professionals in the implementation, review,administration and monitoring of an IT environment. ❖ A tool that for IT professionals that has linked information technology and control practices
  • 4. ❖ COBIT represents 1. A control framework, 2. A set of generally accepted control objectives, & 3. The COBIT Audit Guidelines. 4 Overview Of COBIT What is the purpose of CobiT? ❖ To provide management and business process owners with an Information Technology (IT) governance model that helps in understanding and managing the risks associated with IT. ❖ CobiT helps bridge the gaps between business risks, control needs and technical issues by presenting the controls through one vehicle. ❖ It is a control model to meet the needs of IT governance and ensure the integrity of
  • 5. Enterprise Governance of I&T and Benefits Enterprise governance of IT is about defining processes and structures throughout the organization that enable boards and business and IT people to execute their responsibilities in support of business/IT alignment and value creation. 5 Figure 1— The Context of Enterprise Governance of Information and Technology
  • 6. Enterprise Governance of I&T and Benefits Benefits of Information and Technology Governance ❖ Benefits realization— IT value should also be measured in a way that shows the impact and contributions of IT-enabled investments in the value creation process of the enterprise. ❖ Risk optimization— Risk management focuses on the preservation of value. ❖ Resource optimization— It recognizes the importance of people, in addition to hardware and software, it focuses on providing training, promoting retention and ensuring competence of key IT personnel. 6 Figure 2-- IT Governance Benefits
  • 7. COBIT STAKEHOLDERS The target audience for COBIT is the stakeholders for EGIT and by extension, the stakeholders for corporate governance. In COBIT there are two category of stakeholders as below: 7 Internal Stakeholders External Stakeholders ➢ Boards ➢ Executive Management ➢ Business Managers ➢ IT Managers ➢ Assurance Providers ➢ Risk Management ➢ Regulators ➢ Business Partners ➢ IT Vendors
  • 8. How Does COBIT Work 8 Information Technology Infrastructure Library (ITIL®), and related standards from the International Organization for Standardization (ISO). For a successful implementation of COBIT 2019 within an Enterprise, a combination of the listed objectives must be used. A specified set of 40 objectives becomes the heart of COBIT 2019. These objectives are to be fulfilled if the enterprise goals are to be achieved. These objectives are further bifurcated into governance and management objectives, ensuring that the Boards & executive management undertake the governance processes while management implements management processes, respectively.
  • 9. COBIT Principles COBIT 2019 has its basis on following sets of principles: ❖ Principles enlisting the core requirements of a governance system for IT ❖ Principles to build a governance framework for the organization COBIT 2019 has 6 system principles for a governance system: 9 ❖ Satisfy stakeholder needs and to generate value. ❖ Many components form to make a governance system ❖ The governance system should be dynamic. Figure 3— Governance System Principles
  • 10. COBIT Principles ❖ There is difference amongst activities and structures for governance and management. ❖ Option of customization as per the organizational requirements. ❖ The governance system includes those organizational functions. 10 The 3 principles for a governance framework: ❖ The framework be based on a conceptual model. ❖ The framework should be open and flexible. ❖ The governance framework be aligned to relevant major related standards, frameworks and regulations. Figure 4— Governance Framework Principles
  • 11. COBIT Components of a Governance System 11 Figure 5—COBIT Components of a Governance System For the achievement of governance & management objectives, Thare have 7 Components and these are .. 1. Process 2. Organizational Structures 3. Principles,Policies,Procedures 4. Information 5. Culture,Ethics and Behavior 6. People,Skills and Competencies 7. Services ,Infrastructure and Applications
  • 12. Tailored Governance System Design 12 Impact of Design Factors: Design factors influence in different ways the tailoring of the governance system of an enterprise 1. Management objective priority/selection 2. Components variation 3. Need for specific focus areas
  • 13. 13 T Governance System Design Process Figure 6— Governance System Design Workflow There is no magic formula. The final design will be a case-by-case decision, based on all the elements on the design canvas. By following these steps, enterprises will realize a governance system that is tailored to their needs.
  • 14. 14 COBIT Domain Figure 7— Governance System Design Workflow ❖ Plan & Organize – concerned with identification of the way IT can best contribute to the achievement of business objectives ❖ Acquire and Implement – acquiring, implementing or development of IT Solutions to be integrated into business process ❖ Deliver & Support – delivery of required services including traditional operations, security, and training ❖ Monitor & Evaluate – regular assessment over time for quality and compliance with control requirements
  • 15. 15 Implementing Enterprise Governance of IT Figure 8—COBIT Implementation Road Map ❖ What are the drivers? ❖ Where are we now? ❖ Where do we want to be? ❖ What needs to be done? ❖ How do we get there? ❖ Did we get there? ❖ How do we keep the momentum going?
  • 16. COBIT Case Studies -AL Rahji Bank -Middle East Bank -Tokio Marine System -Dubai Customs -New York State Government Agency -Europian Electricity Transmission Network 16
  • 17. COBIT-2019 GOALS 17 According to the ISACA, COBIT 2019 was updated to include: ❖ Focus areas and design factors that give more clarity on creating a governance system for business needs ❖ Regular updates released on a rolling basis ❖ More guidance and tools to support businesses when developing a “best-fit governance system, making COBIT 2019 more prescriptive” ❖ A better tool to measure performance of IT and alignment with the CMMI ❖ More support for decision making including new online collaborative features
  • 18. COBIT-2019 Benefits & Shortcomings 18 Benefits: ❖ Improve and maintain high-quality information to support business decisions. ❖ Use IT effectively to achieve business goals; ❖ Use technology to promote operational excellence; ❖ Ensure IT risk is managed effectively; ❖ Ensure organisations realise the value of their investments in IT; and ❖ Achieve compliance with laws, regulations and contractual agreements. Shortcomings: Some researchers have pointed out that the biggest disadvantage with COBIT is that it requires a great deal of knowledge to understand its framework before it could be applied as a tool to support IT governance.