ICT Frameworks (Cobit5)

Assignment 2

Objectives:

  • Cobit5
  • History
  • Principles of Cobit5
  • Enablers
  • enabling process
  • benifits
  • Group Activities
  • references

Cobit 5

It is a governance and management framework for information and related technology, It is developed by ISACA and is majorly on the terms of IT Corporate Governance. For Organizations to acheive IT governance and management goals COBIT provides a comprehensive framework.

History of Cobit:

It was initially developed for audit purposes, later on several modules were added and updated to adapt by other services. Below is the chart explaining different modules which the version has concentrated on.

Currently, we are using COBIT 5 which primarily focuses on governance of enterprise IT.

Principles of COBIT

The COBIT 5 is supported on five fundamental principles:

  1. Meet the needs of stakeholders – Understanding the business needs and objectives that needs to be fulfilled. Translate the enterprise goals in to IT relevant goals to align IT with Business. Stakeholders can be both internal and external
  2. cover the entire organization – End to end coverage of enterprise, not restricted to IT wing alone , it considers information and relevant content as an asset that needs to be dealt with any other asset by everyone in the organization. Organization should work as an Unit rather than dissembled system.
  3. Apply a single integrated IT governance and management model to the organization- It can integrate and align with other frameworks and best practices. It has the flexibility to adjust and overarching other frameworks.
  4. Allow a holistic approach- defines set of enablers(policies,culture, structures of organization) to support implementation of governance and management policies by considering interacting components.
  5. Distinguish governance from management: Governance is to achieve stakeholders need by monitoring the performance and setting of goal. It is taken care by board of directors. Management is where we plan , build, run and monitor enterprise activities with aligning to governance body. It is taken care by CEO’s and executive management.

Enterprise enablers:

Efficient and effective IT governance and management requires a holistic approach that must take into account its various components. Based on this principle, COBIT 5 defines a set of seven categories of enablers . Enablers are factors that, individually or together, influence whether something will work, in this case the corporate governance and management of IT.

Image result for cobit enablers

The category Principles, Policies and Models are means for explaining desired behavior with practical guidelines for daily management. Processes describe a set of practices and activities to achieve certain goals that produce results to achieve those goals. Processes and activities are understood as elements that contain all the information about how, when and who makes the work flow . Organizational Structures are the decision-making entities of the organization. In the category of Culture, Ethics and Behavior are factors related to people.

The Information includes the information produced and used by the organization; At the operational level, information alone is often the main product. Services, Infrastructures and Applications are the factors that provide the organization with IT technology and services. The People, Skills, and Competencies category are people-associated resources and are essential for successful activities and proper decision making.

These last three categories of enablers are the organization’s IT resources or capabilities that must be managed and governed in a systemic and integrated manner with the other enablers. Effective management and utilization of these resources in conjunction with other practices leads to the creation of IT value, that is, each enabler needs information from others to become effective. For example, processes need information and organizational structures for skills and behaviors to be properly implemented.

The below video clearly explains the principles and enablers in layman terms

Enabling processes

COBIT has distributed the entire process in to two governance and management .Below diagram illustrate the modules covered in each.

Evaluate , direct and Monitor – are parts of governance where objectives are evaluated based on stakeholders needs , options and conditions. This sets direction of how they can be acheived and monitor the progress , performance and compliance of the objective.

Align ,plan and organize – how to align IT services to business goals and objectives. It works on how to obtain optimal results by using IT services as well.

Build, Acquire and Implement- Identification of IT requirements, acquiring required technology and implementing it with company’s business processes.

Deliver, service and support – It covers how the services needs to be delivered to business. How applications needs to be deployed in IT System and holding of support processes for efficient performance of these systems.

Monitor, Evaluate and Assess -monitor whether the companies goals are met, Evaluate the performance of the IT system and assess for improving the effectiveness of IT system.

Benifits of using Cobit 5

  • Accepted globally as a set of tools that ensures IT is working effectively
  • Functions as an overarching framework
  • Provides common language to communicate goals, objectives and expected results to all stakeholders
  • Based on, and integrates, industry standards and good practices in: –Strategic alignment of IT with business goals –Value delivery of services and new projects –Risk management –Resource management Performance measurement

Group Activities:

COBIT seems like a big module with lots of content in it. It has general terms of business but lot of components to deal with. Basil, mahesh and me worked on understanding the framework and a small brainstorming exercise was done .

Later we tried implementing with the technology and it was quite confusing. We tried to pick few processes and enablers to assist the COBIT process.

Since we were struck with project there wasn’t much time we could allocate with NET701 unfortunately and since it’s more research and irrelevant to course these doesn’t excite team much.

Reference:

Bernard, P. (2012). COBIT® 5-A management guide. Van Haren.

Pereira, C., & Ferreira, C. (2015). Identification of IT value management practices and resources in COBIT 5 / Identification of IT value management practices and resources in COBIT 5. Iberian Journal of Information Systems and Technologies, (15), 17-33. Retrieved from https://search-proquest-com.nmit.idm.oclc.org/docview/1707142482?accountid=40261

Mangalaraj, G., Singh, A., & Taneja, A. (2014). IT governance frameworks and COBIT-a literature review.

http://www.qualified-audit-partners.be/index.php?cont=463&lgn=3

Leave a comment