SlideShare une entreprise Scribd logo

COBIT 2019 Overview

M
MartinPatrici

Overview COBIT 2019

Business
1  sur  38
Télécharger pour lire hors ligne
© 2018 ISACA. All rights reserved. INTRODUCING OVERVIEW November 2018
© 2018 ISACA. All rights reserved. COBIT® 2019 The globally recognized COBIT Framework, which helps ensure effective enterprise governance of information and technology, has been updated with new information and guidance, facilitating easier, tailored implementation— strengthening COBIT’s continuing role as an important driver of innovation and business transformation. This document sets the scene for the upcoming release of COBIT® 2019 guidance.
© 2018 ISACA. All rights reserved. Remembering John Lainhart • In dedication to John Lainhart, who was there from COBIT day -1 in 1995 until his passing in September 2018. • John was the relentless support behind many COBIT related projects, including COBIT 2019 . • ISACA is extremely grateful for John and his vision, and COBIT 2019 (and its progeny) are his legacy. Picture provided courtesy of Dirk Steuperaert
© 2018 ISACA. All rights reserved. OVERVIEW PRODUCT FAMILY ARCHITECHTURE
© 2018 ISACA. All rights reserved. OVERVIEW PRODUCT FAMILY The COBIT 2019 product family is open-ended. The following publications will be available in Q4 2018.
© 2018 ISACA. All rights reserved. COBIT OVERVIEW COBIT 2019 PRODUCT ARCHITECTURE
© 2018 ISACA. All rights reserved. OVERVIEW INTERNAL STAKEHOLDERS Internal Stakeholders Boards Executive management Business Managers IT Managers Assurance Providers Risk Management Helps to ensure the identification and management of all IT-related risk Helps manage dependencies on external service providers, provides assurance over IT, and ensures the existence of an effective and efficient system of internal controls Provides guidance on how best to build and structure the IT department, manage performance of IT, run an efficient and effective IT operation, control IT costs, align IT strategy to business priorities, etc. Provides insights on how to get value from the use of I&T and explains relevant board responsibilities Provides guidance on how to organize and monitor performance of I&T across the enterprise Helps to understand how to obtain the I&T solutions enterprises require and how best to exploit new technology for strategic opportunities
© 2018 ISACA. All rights reserved. OVERVIEW EXTERNAL STAKEHOLDERS External Stakeholders Regulators Business Partners IT Vendors IT vendor’s operations must establish that they are secure, reliable and compliant with applicable rules and regulations Determines whether the enterprise is compliant with applicable rules and regulations and advises that the enterprise has the right governance system in place to manage and sustain compliance Confirm that a business partner’s operations are secure, reliable and compliant with applicable rules and regulations
© 2018 ISACA. All rights reserved. KEY CONCEPTS KEY CONCEPTS & CONCEPTUAL MODEL
© 2018 ISACA. All rights reserved. KEY CONCEPTS OVERVIEW COBIT 2019 CONCEPTS PRINCIPLES GOVERNANCE AND MANAGEMENT OBJECTIVES GOALS CASCADE COMPONENTS OF A GOVERNANCE SYSTEM FOCUS AREAS DESIGN FACTORS
© 2018 ISACA. All rights reserved. KEY CONCEPTS PRINCIPLES PRINCIPLES Governance System PRINCIPLES Governance Framework
© 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE SYSTEM PRINCIPLES The six (6) principles are the core requirements for a governance system for enterprise information and technology. 1. Each enterprise needs a governance system to satisfy stakeholder needs and to generate value from the use of I&T. 2. A governance system for enterprise I&T is built from a number of components that can be of different types and that work together in a holistic way. 3. A governance system should be dynamic. This means that each time one or more of the design factors are changed the impact of these changes on the EGIT system must be considered. 4. A governance system should clearly distinguish between governance and management activities and structures. 5. A governance system should be tailored to the enterprise’s needs, using a set of design factors as parameters to customize and prioritize the governance system components. 6. A governance system should cover the enterprise end to end, focusing not only on the IT function but on all technology and information processing the enterprise puts in place to achieve its goals. Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 3 COBIT Principles, Figure 3.1
© 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE FRAMEWORK PRINCIPLES The three (3) principles identify the underlying principles for a governance framework that can be used to build a governance system for the enterprise. 1. A governance framework should be based on a conceptual model, identifying the key components and relationships among components, to maximize consistency and allow automation. 2. A governance framework should be open and flexible. It should allow the addition of new content and the ability to address new issues in the most flexible way, while maintaining integrity and consistency. 3. A governance framework should align to relevant major related standards, frameworks and regulations Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 3 COBIT Principles, Figure 3.2
© 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE AND MANAGEMENT OBJECTIVES For information and technology to contribute to enterprise goals, a number of governance and management objectives should be achieved. • A governance or management objective always relates to one process and a series of related components of other types to help achieve the objective • A governance objective relates to a governance process, while a management objective relates to a management process.
© 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE AND MANAGEMENT OBJECTIVES Similar to COBIT 5, The governance and management objectives in COBIT® 2019 are grouped into five domains. The domains have names that express the key purpose and areas of activity of the objectives contained in them. EDM Evaluate, Direct and Monitor APO Align, Plan and Organize BAI Build, Acquire and Implement DSS Deliver, Service and Support MEA Monitor, Evaluate and Assess Governance objectives Management objectives
Known as the Process Reference Model, or PRM in COBIT 5, COBIT® 2019 identifies this as the COBIT Core Model. Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 4 Basic Concepts: Governance Systems and Components, Figure 4.2 Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 4 Basic Concepts: Governance Systems and Components, Figure 4.2
© 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE AND MANAGEMENT OBJECTIVES HIGH LEVEL INFORMATION • Domain name • Focus area • Governance or management objective name • Description • Purpose statement GOALS CASCADE • Applicable Alignment goals • Applicable Enterprise goals • Example metrics RELATED COMPONENTS • Processes, practices and activities • Organizational structures • Information flows and items • People, skills and competencies • Policies and frameworks • Culture, ethics and behavior • Services, infrastructure and applications RELATED GUIDANCE • Where applicable links and cross references are provided to other standards and frameworks for each of the governance components within each governance and management objective
© 2018 ISACA. All rights reserved. KEY CONCEPTS GOALS CASCADE • Enterprise goals have been consolidated, reduced, updated and clarified. • Alignment goals emphasize the alignment of all IT efforts with business objectives  These were IT-related goals in COBIT 5  The update seeks to avoid the frequent misunderstanding that these goals indicate purely internal objectives of the IT department within an enterprise  Alignment goals have also been consolidated, reduced, updated and clarified where necessary Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 4 Basic Concepts: Governance Systems and Components, Figure 4.16
© 2018 ISACA. All rights reserved. KEY CONCEPTS COMPONENTS OF A GOVERNANCE SYSTEM • Each enterprise’s governance system is built from a number of components • Components can be of different types • Components interact with each other, resulting in a holistic governance system for I&T • These were known as enablers in COBIT 5 Reference: COBIT® 2019 Framework: Basic Concepts: Governance Systems and Components, Figure 4.3
© 2018 ISACA. All rights reserved. KEY CONCEPTS COMPONENTS OF A GOVERNANCE SYSTEM Components can be generic or variants of generic components: • Generic components are described in the COBIT core model  Apply in principle to any situation  However, they are generic in nature and generally need customization before being practically implemented • Variants are based on generic components but  Tailored for a specific purpose or context within a focus area (e.g., for information security, DevOps, a particular regulation) GENERIC COMPONENTS VARIANT COMPONENTS
© 2018 ISACA. All rights reserved. KEY CONCEPTS FOCUS AREAS • A Focus Area describes a certain governance topic, domain or issue that can be addressed by a collection of governance and management objectives and their components. • Focus Areas can contain a combination of generic governance components and variants • The number of focus areas is virtually unlimited. That is what makes COBIT open-ended. New focus areas can be added as required or as subject matter experts and practitioners contribute. EXAMPLES OF FOCUS AREAS • Small and medium enterprises • Information Security • Risk • DevOps
© 2018 ISACA. All rights reserved. KEY CONCEPTS DESIGN FACTORS Design factors are factors that: • Influence the design of an enterprise’s governance system • Position it for success in the use of I&T • More information and detailed guidance on how to use the design factors for designing a governance system can be found in the COBIT Design Guide publication Reference: COBIT® 2019 Framework: Basic Concepts: Design Factors, Figure 4.4 COBIT 2019 Design Factors
© 2018 ISACA. All rights reserved. KEY CONCEPTS DESIGN FACTORS: EXAMPLES Enterprise Strategy • Growth / Acquisition • Innovation / Differentiation • Cost Leadership • Client Service / Stability Threat Landscape • Normal • High Role of IT • Support • Factory • Turnaround • Strategic
© 2018 ISACA. All rights reserved. DESIGNING AND IMPLEMENTING A TAILORED GOVERNANCE SYSTEM USING COBIT 2019
© 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM IMPACT OF DESIGN FACTORS Design factors influence in different ways the tailoring of the governance system of an enterprise. Design Factor Impact Management Objective Priority & Target Capability Levels Component Variations Specific Focus Areas Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.1
© 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM IMPACT OF DESIGN FACTORS Management Objective Priority and Target Capability Levels • Design factor influence can make some governance and management objectives more important than others, sometimes to the extent that they become negligible • In practice, this higher importance translates into setting higher target capability levels Design Factor Impact Management Objective Priority & Target Capability Levels Component Variations Specific Focus Areas Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.1
© 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM IMPACT OF DESIGN FACTORS Component Variations • Components are required to achieve governance and management objectives. Some design factors can influence the importance of one or more components or can require specific variations Design Factor Impact Management Objective Priority & Target Capability Levels Component Variations Specific Focus Areas Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.1
© 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM IMPACT OF DESIGN FACTORS Specific Focus Areas • Some design factors, such as threat landscape, specific risk, target development methods and infrastructure set-up, will drive the need for variation of the core COBIT model content to a specific context Design Factor Impact Management Objective Priority & Target Capability Levels Component Variations Specific Focus Areas Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.1
© 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM GOVERNANCE SYSTEM DESIGN WORKFLOW The different stages and steps in the design process will result in recommendations for prioritizing governance and management objectives or related governance system components, for target capability levels, or for adopting specific variants of a governance system component. Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.2
© 2018 ISACA. All rights reserved. IMPLEMENTING A TAILORED GOVERNANCE SYSTEM The implementation approach is based on empowering business and IT stakeholders and role players to take ownership of IT-related governance and management decisions and activities by facilitating and enabling change. • Implementation guide is a phased approach with three perspectives  Continual Improvement  Program Management  Change Enablement
© 2018 ISACA. All rights reserved. IMPLEMENTING A TAILORED GOVERNANCE SYSTEM IMPLEMENTATION The COBIT® 2019 Implementation Guide emphasizes an enterprise-wide view of governance of I&T. It recognizes that I&T are pervasive in enterprises and that it is neither possible nor good practice to separate business and IT-related activities. Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 8 Implementing Enterprise Governance of IT, Figure 8.1
© 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT CAPABILITY & MATURITY
© 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT OVERVIEW COBIT Performance Management (CPM) refers to how well the governance and management system and all the components of an enterprise work, and how they can be improved up to the required level. It includes concepts and methods such as capability levels and maturity levels. COBIT 2019 is based on the following principles: • Simple to understand and use • Consistent with, and support the COBIT conceptual model • Provide reliable, repeatable and relevant results • Must be flexible • Should support different types of assessments The term “COBIT Performance Management” (CPM) is used to describe these activities, and the concept is an integral part of the COBIT framework.
© 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT CAPABILITY AND MATURITY • COBIT 2019 supports a CMMI-based process capability scheme • The process within each governance and management objective can operate at capability levels, between 0 to 5 • The capability level is a measure for how well a process is implemented and performing • Each process activity is associated with a capability level Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 6 Performance Management in COBIT, Figure 6.2
© 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT CAPABILITY AND MATURITY • Each process activity is associated with a capability level  Helps users implement processes at a foundational level  Identifies future activities to achieve a higher capability level
© 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT CAPABILITY AND MATURITY • Sometimes a more high-level for expressing performance is required, less granular than individual process capability ratings: Maturity Levels • We define maturity levels in COBIT 2019 update as a performance measure at the Focus Area level Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 6 Performance Management in COBIT, Figure 6.3
© 2018 ISACA. All rights reserved. APPENDIX
© 2018 ISACA. All rights reserved. ABOUT ISACA Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in 188 countries, including 217 chapters worldwide and offices in both the United States and China.

Recommandé

Itil,cobit and ıso27001
Itil,cobit and ıso27001Itil,cobit and ıso27001
Itil,cobit and ıso27001Burcu Pelin TELLİ
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveSayyed Zakir Ali Rizwe
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Introduction to COBIT 2019 Certification and Training
Introduction to COBIT 2019 Certification and TrainingIntroduction to COBIT 2019 Certification and Training
Introduction to COBIT 2019 Certification and TrainingMark Edmead
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introductionaqel aqel
 

Recommandé

Itil,cobit and ıso27001
Itil,cobit and ıso27001Itil,cobit and ıso27001
Itil,cobit and ıso27001Burcu Pelin TELLİ
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITMark Constable
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019Gregor Polančič
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveSayyed Zakir Ali Rizwe
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Introduction to COBIT 2019 Certification and Training
Introduction to COBIT 2019 Certification and TrainingIntroduction to COBIT 2019 Certification and Training
Introduction to COBIT 2019 Certification and TrainingMark Edmead
 
COBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an IntroductionCOBIT 5 IT Governance Model: an Introduction
COBIT 5 IT Governance Model: an Introductionaqel aqel
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study materialAnees Shaikh
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementChristian F. Nissen
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentEryk Budi Pratama
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementChristian F. Nissen
 
Qap cobit2019-20181111
Qap cobit2019-20181111Qap cobit2019-20181111
Qap cobit2019-20181111Patrick Soenen
 
It governance
It governanceIt governance
It governanceMahetab Khan
 
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamCOBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamNUS-ISS
 
IT Governance
IT GovernanceIT Governance
IT GovernanceCarlos Chalico
 
IT4IT™ - Managing the Business of IT
IT4IT™ - Managing the Business of ITIT4IT™ - Managing the Business of IT
IT4IT™ - Managing the Business of ITReal IRM
 
IT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdfIT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdfitSMF Belgium
 
COBIT 5 Basic Concepts
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic ConceptsSpyros Ktenas
 
Using ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherUsing ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherRob Akershoek
 
Optimize the IT Operating Model
Optimize the IT Operating ModelOptimize the IT Operating Model
Optimize the IT Operating ModelInfo-Tech Research Group
 
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Alan McSweeney
 
Itil 4 34 Management Practices
Itil 4 34 Management PracticesItil 4 34 Management Practices
Itil 4 34 Management PracticesPeter Palme 高 彼特
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance FrameworkSherri Booher
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organizationCheikh Hamallah DJIBA
 
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps doITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps doCliffordEgbomeade
 
IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1Mohamed Zakarya Abdelgawad
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama
 
COBIT 2019 Executive Summary_v1.1 .pdf
COBIT 2019 Executive Summary_v1.1 .pdfCOBIT 2019 Executive Summary_v1.1 .pdf
COBIT 2019 Executive Summary_v1.1 .pdfDiegoIvanAlvaradoVel
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 

Contenu connexe

Tendances

Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study materialAnees Shaikh
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementChristian F. Nissen
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentEryk Budi Pratama
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementChristian F. Nissen
 
Qap cobit2019-20181111
Qap cobit2019-20181111Qap cobit2019-20181111
Qap cobit2019-20181111Patrick Soenen
 
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamCOBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamNUS-ISS
 
IT4IT™ - Managing the Business of IT
IT4IT™ - Managing the Business of ITIT4IT™ - Managing the Business of IT
IT4IT™ - Managing the Business of ITReal IRM
 
IT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdfIT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdfitSMF Belgium
 
COBIT 5 Basic Concepts
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic ConceptsSpyros Ktenas
 
Using ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherUsing ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherRob Akershoek
 
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Alan McSweeney
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance FrameworkSherri Booher
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organizationCheikh Hamallah DJIBA
 
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps doITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps doCliffordEgbomeade
 
IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1Mohamed Zakarya Abdelgawad
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama
 

Tendances (20)

Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study material
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
 
Qap cobit2019-20181111
Qap cobit2019-20181111Qap cobit2019-20181111
Qap cobit2019-20181111
 
It governance
It governanceIt governance
It governance
 
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon NamCOBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
COBIT 5 as an IT Management Best Practices Framework - by Goh Boon Nam
 
IT Governance
IT GovernanceIT Governance
IT Governance
 
IT4IT™ - Managing the Business of IT
IT4IT™ - Managing the Business of ITIT4IT™ - Managing the Business of IT
IT4IT™ - Managing the Business of IT
 
IT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdfIT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdf
 
COBIT 5 Basic Concepts
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic Concepts
 
Using ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT togetherUsing ITIL 4 and IT4IT together
Using ITIL 4 and IT4IT together
 
Optimize the IT Operating Model
Optimize the IT Operating ModelOptimize the IT Operating Model
Optimize the IT Operating Model
 
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
 
Itil 4 34 Management Practices
Itil 4 34 Management PracticesItil 4 34 Management Practices
Itil 4 34 Management Practices
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organization
 
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps doITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
ITIL 4 - Make sense of what BA, UI/UX Designer, Coder, QA, PM and DevOps do
 
IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5
 

Similaire à COBIT 2019 Overview

COBIT 2019 Executive Summary_v1.1 .pdf
COBIT 2019 Executive Summary_v1.1 .pdfCOBIT 2019 Executive Summary_v1.1 .pdf
COBIT 2019 Executive Summary_v1.1 .pdfDiegoIvanAlvaradoVel
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Slime Argentina
 
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxPPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxssuserd1791e
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introductionsuhaskokate
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4brunise
 
CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)Sam Mandebvu
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochureDeloitte
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiIvo Oktavianti
 

Similaire à COBIT 2019 Overview (20)

COBIT 2019 Executive Summary_v1.1 .pdf
COBIT 2019 Executive Summary_v1.1 .pdfCOBIT 2019 Executive Summary_v1.1 .pdf
COBIT 2019 Executive Summary_v1.1 .pdf
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORK
 
cobit 2019 -current-user - ISACA Publication
cobit 2019 -current-user - ISACA Publicationcobit 2019 -current-user - ISACA Publication
cobit 2019 -current-user - ISACA Publication
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1
 
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptxPPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
PPT-UEU-Topik-dalam-IT-Resources-Management-13.pptx
 
COBIT 5 FAQ
COBIT 5 FAQCOBIT 5 FAQ
COBIT 5 FAQ
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
Lailatul izzati
Lailatul izzatiLailatul izzati
Lailatul izzati
 
Darmin ritonga 11353205418
Darmin ritonga 11353205418Darmin ritonga 11353205418
Darmin ritonga 11353205418
 
COBIT
COBITCOBIT
COBIT
 
01 intro-cobit
01 intro-cobit01 intro-cobit
01 intro-cobit
 
Co5bit
Co5bitCo5bit
Co5bit
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4
 
CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)
 
Uas dwi widiastuti
Uas dwi widiastutiUas dwi widiastuti
Uas dwi widiastuti
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochure
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
 

Dernier

India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportMintel Group
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCRashishs7044
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...ShrutiBose4
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyotictsugar
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menzaictsugar
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy Verified Accounts
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...ssuserf63bd7
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxMarkAnthonyAurellano
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
Kenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby AfricaKenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby Africaictsugar
 

Dernier (20)

India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample Report
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyot
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail Accounts
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
Kenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby AfricaKenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby Africa
 

COBIT 2019 Overview

  • 1. © 2018 ISACA. All rights reserved. INTRODUCING OVERVIEW November 2018
  • 2. © 2018 ISACA. All rights reserved. COBIT® 2019 The globally recognized COBIT Framework, which helps ensure effective enterprise governance of information and technology, has been updated with new information and guidance, facilitating easier, tailored implementation— strengthening COBIT’s continuing role as an important driver of innovation and business transformation. This document sets the scene for the upcoming release of COBIT® 2019 guidance.
  • 3. © 2018 ISACA. All rights reserved. Remembering John Lainhart • In dedication to John Lainhart, who was there from COBIT day -1 in 1995 until his passing in September 2018. • John was the relentless support behind many COBIT related projects, including COBIT 2019 . • ISACA is extremely grateful for John and his vision, and COBIT 2019 (and its progeny) are his legacy. Picture provided courtesy of Dirk Steuperaert
  • 4. © 2018 ISACA. All rights reserved. OVERVIEW PRODUCT FAMILY ARCHITECHTURE
  • 5. © 2018 ISACA. All rights reserved. OVERVIEW PRODUCT FAMILY The COBIT 2019 product family is open-ended. The following publications will be available in Q4 2018.
  • 6. © 2018 ISACA. All rights reserved. COBIT OVERVIEW COBIT 2019 PRODUCT ARCHITECTURE
  • 7. © 2018 ISACA. All rights reserved. OVERVIEW INTERNAL STAKEHOLDERS Internal Stakeholders Boards Executive management Business Managers IT Managers Assurance Providers Risk Management Helps to ensure the identification and management of all IT-related risk Helps manage dependencies on external service providers, provides assurance over IT, and ensures the existence of an effective and efficient system of internal controls Provides guidance on how best to build and structure the IT department, manage performance of IT, run an efficient and effective IT operation, control IT costs, align IT strategy to business priorities, etc. Provides insights on how to get value from the use of I&T and explains relevant board responsibilities Provides guidance on how to organize and monitor performance of I&T across the enterprise Helps to understand how to obtain the I&T solutions enterprises require and how best to exploit new technology for strategic opportunities
  • 8. © 2018 ISACA. All rights reserved. OVERVIEW EXTERNAL STAKEHOLDERS External Stakeholders Regulators Business Partners IT Vendors IT vendor’s operations must establish that they are secure, reliable and compliant with applicable rules and regulations Determines whether the enterprise is compliant with applicable rules and regulations and advises that the enterprise has the right governance system in place to manage and sustain compliance Confirm that a business partner’s operations are secure, reliable and compliant with applicable rules and regulations
  • 9. © 2018 ISACA. All rights reserved. KEY CONCEPTS KEY CONCEPTS & CONCEPTUAL MODEL
  • 10. © 2018 ISACA. All rights reserved. KEY CONCEPTS OVERVIEW COBIT 2019 CONCEPTS PRINCIPLES GOVERNANCE AND MANAGEMENT OBJECTIVES GOALS CASCADE COMPONENTS OF A GOVERNANCE SYSTEM FOCUS AREAS DESIGN FACTORS
  • 11. © 2018 ISACA. All rights reserved. KEY CONCEPTS PRINCIPLES PRINCIPLES Governance System PRINCIPLES Governance Framework
  • 12. © 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE SYSTEM PRINCIPLES The six (6) principles are the core requirements for a governance system for enterprise information and technology. 1. Each enterprise needs a governance system to satisfy stakeholder needs and to generate value from the use of I&T. 2. A governance system for enterprise I&T is built from a number of components that can be of different types and that work together in a holistic way. 3. A governance system should be dynamic. This means that each time one or more of the design factors are changed the impact of these changes on the EGIT system must be considered. 4. A governance system should clearly distinguish between governance and management activities and structures. 5. A governance system should be tailored to the enterprise’s needs, using a set of design factors as parameters to customize and prioritize the governance system components. 6. A governance system should cover the enterprise end to end, focusing not only on the IT function but on all technology and information processing the enterprise puts in place to achieve its goals. Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 3 COBIT Principles, Figure 3.1
  • 13. © 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE FRAMEWORK PRINCIPLES The three (3) principles identify the underlying principles for a governance framework that can be used to build a governance system for the enterprise. 1. A governance framework should be based on a conceptual model, identifying the key components and relationships among components, to maximize consistency and allow automation. 2. A governance framework should be open and flexible. It should allow the addition of new content and the ability to address new issues in the most flexible way, while maintaining integrity and consistency. 3. A governance framework should align to relevant major related standards, frameworks and regulations Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 3 COBIT Principles, Figure 3.2
  • 14. © 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE AND MANAGEMENT OBJECTIVES For information and technology to contribute to enterprise goals, a number of governance and management objectives should be achieved. • A governance or management objective always relates to one process and a series of related components of other types to help achieve the objective • A governance objective relates to a governance process, while a management objective relates to a management process.
  • 15. © 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE AND MANAGEMENT OBJECTIVES Similar to COBIT 5, The governance and management objectives in COBIT® 2019 are grouped into five domains. The domains have names that express the key purpose and areas of activity of the objectives contained in them. EDM Evaluate, Direct and Monitor APO Align, Plan and Organize BAI Build, Acquire and Implement DSS Deliver, Service and Support MEA Monitor, Evaluate and Assess Governance objectives Management objectives
  • 16. Known as the Process Reference Model, or PRM in COBIT 5, COBIT® 2019 identifies this as the COBIT Core Model. Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 4 Basic Concepts: Governance Systems and Components, Figure 4.2 Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 4 Basic Concepts: Governance Systems and Components, Figure 4.2
  • 17. © 2018 ISACA. All rights reserved. KEY CONCEPTS GOVERNANCE AND MANAGEMENT OBJECTIVES HIGH LEVEL INFORMATION • Domain name • Focus area • Governance or management objective name • Description • Purpose statement GOALS CASCADE • Applicable Alignment goals • Applicable Enterprise goals • Example metrics RELATED COMPONENTS • Processes, practices and activities • Organizational structures • Information flows and items • People, skills and competencies • Policies and frameworks • Culture, ethics and behavior • Services, infrastructure and applications RELATED GUIDANCE • Where applicable links and cross references are provided to other standards and frameworks for each of the governance components within each governance and management objective
  • 18. © 2018 ISACA. All rights reserved. KEY CONCEPTS GOALS CASCADE • Enterprise goals have been consolidated, reduced, updated and clarified. • Alignment goals emphasize the alignment of all IT efforts with business objectives  These were IT-related goals in COBIT 5  The update seeks to avoid the frequent misunderstanding that these goals indicate purely internal objectives of the IT department within an enterprise  Alignment goals have also been consolidated, reduced, updated and clarified where necessary Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 4 Basic Concepts: Governance Systems and Components, Figure 4.16
  • 19. © 2018 ISACA. All rights reserved. KEY CONCEPTS COMPONENTS OF A GOVERNANCE SYSTEM • Each enterprise’s governance system is built from a number of components • Components can be of different types • Components interact with each other, resulting in a holistic governance system for I&T • These were known as enablers in COBIT 5 Reference: COBIT® 2019 Framework: Basic Concepts: Governance Systems and Components, Figure 4.3
  • 20. © 2018 ISACA. All rights reserved. KEY CONCEPTS COMPONENTS OF A GOVERNANCE SYSTEM Components can be generic or variants of generic components: • Generic components are described in the COBIT core model  Apply in principle to any situation  However, they are generic in nature and generally need customization before being practically implemented • Variants are based on generic components but  Tailored for a specific purpose or context within a focus area (e.g., for information security, DevOps, a particular regulation) GENERIC COMPONENTS VARIANT COMPONENTS
  • 21. © 2018 ISACA. All rights reserved. KEY CONCEPTS FOCUS AREAS • A Focus Area describes a certain governance topic, domain or issue that can be addressed by a collection of governance and management objectives and their components. • Focus Areas can contain a combination of generic governance components and variants • The number of focus areas is virtually unlimited. That is what makes COBIT open-ended. New focus areas can be added as required or as subject matter experts and practitioners contribute. EXAMPLES OF FOCUS AREAS • Small and medium enterprises • Information Security • Risk • DevOps
  • 22. © 2018 ISACA. All rights reserved. KEY CONCEPTS DESIGN FACTORS Design factors are factors that: • Influence the design of an enterprise’s governance system • Position it for success in the use of I&T • More information and detailed guidance on how to use the design factors for designing a governance system can be found in the COBIT Design Guide publication Reference: COBIT® 2019 Framework: Basic Concepts: Design Factors, Figure 4.4 COBIT 2019 Design Factors
  • 23. © 2018 ISACA. All rights reserved. KEY CONCEPTS DESIGN FACTORS: EXAMPLES Enterprise Strategy • Growth / Acquisition • Innovation / Differentiation • Cost Leadership • Client Service / Stability Threat Landscape • Normal • High Role of IT • Support • Factory • Turnaround • Strategic
  • 24. © 2018 ISACA. All rights reserved. DESIGNING AND IMPLEMENTING A TAILORED GOVERNANCE SYSTEM USING COBIT 2019
  • 25. © 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM IMPACT OF DESIGN FACTORS Design factors influence in different ways the tailoring of the governance system of an enterprise. Design Factor Impact Management Objective Priority & Target Capability Levels Component Variations Specific Focus Areas Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.1
  • 26. © 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM IMPACT OF DESIGN FACTORS Management Objective Priority and Target Capability Levels • Design factor influence can make some governance and management objectives more important than others, sometimes to the extent that they become negligible • In practice, this higher importance translates into setting higher target capability levels Design Factor Impact Management Objective Priority & Target Capability Levels Component Variations Specific Focus Areas Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.1
  • 27. © 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM IMPACT OF DESIGN FACTORS Component Variations • Components are required to achieve governance and management objectives. Some design factors can influence the importance of one or more components or can require specific variations Design Factor Impact Management Objective Priority & Target Capability Levels Component Variations Specific Focus Areas Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.1
  • 28. © 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM IMPACT OF DESIGN FACTORS Specific Focus Areas • Some design factors, such as threat landscape, specific risk, target development methods and infrastructure set-up, will drive the need for variation of the core COBIT model content to a specific context Design Factor Impact Management Objective Priority & Target Capability Levels Component Variations Specific Focus Areas Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.1
  • 29. © 2018 ISACA. All rights reserved. DESIGNING A TAILORED GOVERNANCE SYSTEM GOVERNANCE SYSTEM DESIGN WORKFLOW The different stages and steps in the design process will result in recommendations for prioritizing governance and management objectives or related governance system components, for target capability levels, or for adopting specific variants of a governance system component. Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 7 Designing a Tailored Governance System, Figure 7.2
  • 30. © 2018 ISACA. All rights reserved. IMPLEMENTING A TAILORED GOVERNANCE SYSTEM The implementation approach is based on empowering business and IT stakeholders and role players to take ownership of IT-related governance and management decisions and activities by facilitating and enabling change. • Implementation guide is a phased approach with three perspectives  Continual Improvement  Program Management  Change Enablement
  • 31. © 2018 ISACA. All rights reserved. IMPLEMENTING A TAILORED GOVERNANCE SYSTEM IMPLEMENTATION The COBIT® 2019 Implementation Guide emphasizes an enterprise-wide view of governance of I&T. It recognizes that I&T are pervasive in enterprises and that it is neither possible nor good practice to separate business and IT-related activities. Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 8 Implementing Enterprise Governance of IT, Figure 8.1
  • 32. © 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT CAPABILITY & MATURITY
  • 33. © 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT OVERVIEW COBIT Performance Management (CPM) refers to how well the governance and management system and all the components of an enterprise work, and how they can be improved up to the required level. It includes concepts and methods such as capability levels and maturity levels. COBIT 2019 is based on the following principles: • Simple to understand and use • Consistent with, and support the COBIT conceptual model • Provide reliable, repeatable and relevant results • Must be flexible • Should support different types of assessments The term “COBIT Performance Management” (CPM) is used to describe these activities, and the concept is an integral part of the COBIT framework.
  • 34. © 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT CAPABILITY AND MATURITY • COBIT 2019 supports a CMMI-based process capability scheme • The process within each governance and management objective can operate at capability levels, between 0 to 5 • The capability level is a measure for how well a process is implemented and performing • Each process activity is associated with a capability level Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 6 Performance Management in COBIT, Figure 6.2
  • 35. © 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT CAPABILITY AND MATURITY • Each process activity is associated with a capability level  Helps users implement processes at a foundational level  Identifies future activities to achieve a higher capability level
  • 36. © 2018 ISACA. All rights reserved. PERFORMANCE MANAGEMENT CAPABILITY AND MATURITY • Sometimes a more high-level for expressing performance is required, less granular than individual process capability ratings: Maturity Levels • We define maturity levels in COBIT 2019 update as a performance measure at the Focus Area level Reference: COBIT® 2019 Framework: Introduction and Methodology, Chapter 6 Performance Management in COBIT, Figure 6.3
  • 37. © 2018 ISACA. All rights reserved. APPENDIX
  • 38. © 2018 ISACA. All rights reserved. ABOUT ISACA Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in 188 countries, including 217 chapters worldwide and offices in both the United States and China.