Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Addressing
Optimizing I&T
COBIT 5
Governance
limitations
COBIT
2019
Enterprise
Business/IT
Governance of Value Creation
Alignment
I&T
Addressing
Optimizing I&T
STAYING RELEVANT IN A CHANGED ENVIRONMENT Governance
COBIT
COBIT5
imperfections
2019
Addressing
BUILDING ON COBIT STRENGTHS AND IDENTIFYING OPPORTUNITIES Optimizing I&T
Governance
COBIT
COBIT5
imperfections
2019
STRENGTHS
• COBIT is a unique overarching IT Governance framework
• COBIT process guidance has matured and has reached its best quality level yet
• COBIT’s business perspective on IT brings a unique opportunity to further expand
its impact
OPPORTUNITIES
• The current (target) audience for COBIT is still very much IT- and Assurance
oriented
• There is an opportunity to re-discover or re-launch some of COBIT hidden gems
• More prescriptive implementation guidance such as incorporating specific design
factors
Benefits
Fundamentally, EGIT is concerned with Realization
value delivery from digital transformation
and the mitigation of business risk that
results from digital transformation.
Risk
Optimization
More specifically, three main outcomes
can be expected after successful
adoption of EGIT.
Resource
Optimization
Internal
Stakeholders
Helps manage dependencies on
external service providers,
provides assurance over IT, and
Assurance Business Helps to understand how to obtain
ensures the existence of an Providers Managers
effective and efficient system of the I&T solutions enterprises
internal controls require and how best to exploit
new technology for strategic
IT Managers opportunities
Provides guidance on how best to build and
structure the IT department, manage
performance of IT, run an efficient and effective
IT operation, control IT costs, align IT strategy
to business priorities, etc.
© 2018 ISACA. All rights reserved.
Determines whether the enterprise is
OVERVIEW compliant with applicable rules and
EXTERNAL STAKEHOLDERS regulations and advises that the enterprise
has the right governance system in place to
manage and sustain compliance
Regulators
External
Stakeholders
IT vendor’s operations must
Confirm that a business
establish that they are secure,
partner’s operations are
reliable and compliant with
Business secure, reliable and compliant
applicable rules and regulations IT Vendors
Partners with applicable rules and
regulations
PRINCIPLES
GOVERNANCE
DESIGN &
FACTORS MANAGEMENT
OBJECTIVES
COBIT 2019
CONCEPTS
FOCUS GOALS
AREAS CASCADE
COMPONENTS
OF A
GOVERNANCE
SYSTEM
PRINCIPLES PRINCIPLES
Governance System Governance Framework
Similar to COBIT 5, The governance and management objectives in COBIT® 2019 are grouped
into five domains. The domains have names that express the key purpose and areas of activity of
the objectives contained in them.
Governance
Management objectives
objectives
Reference:COBIT®
Reference: COBIT®2019
2019Framework:
Framework:Introduction
Introductionand
andMethodology,
Methodology,Chapter
Chapter4 4Basic
BasicConcepts:
Concepts:Governance
GovernanceSystems
Systems andComponents,
and Components,Figure
Figure4.2
4.2
KEY CONCEPTS
GOVERNANCE AND MANAGEMENT OBJECTIVES
publication
• Growth/Acquisition
Enterprise • Innovation/Differentiation
Strategy • Cost Leadership
• Client Service/Stability
Threat • Normal
Landscape • High
• Support
• Factory
Role of IT • Turnaround
• Strategic
Specific Component
Focus Areas Variations
Specific Component
Focus Areas Variations
Specific Component
Focus Areas Variations
COBIT 2019
COBIT 2019 COBIT 2019 COBIT 2019
DESIGN GUIDE IMPLEMENTATION
FRAMEWORK FRAMEWORK
Designing Your GUIDE
COBIT Introduction & COBIT Governance & Implementing and Optimizing Your
Methodology Information &
Management Objectives Technology Governance Information & Technology
Governance System
System
• The generic enabler model has been removed from the Framework
▪ Similar structures will still be part of the COBIT conceptual model, but will
remain hidden and hence make COBIT look less complex
• The detailed ‘Enabler Guidance’ has also been removed, further
simplifying COBIT
• Process Goals have been removed
• Their role is taken over by the process practice statements
• The COBIT 5 PAM and the ISO15504 (now ISO33000) based
process capability assessment model have been replaced by a
CMMI inspired capability model.
• Note: those who want to keep using that model can do so, but there is no
separate PAM publication provided with COBIT 2019