IT and it’s Implementation..

Some of the Exciting, Notable

And Sometimes Confusing
Common Phrases and
Challenging (or Alien) Terms
Generally We Come Across
IT projects fail to Restrictions in IT
deliver what they – Hurdle in IT is not Available
promised business strategy

%of critical Enough people,

business Control cost of IT skill levels and
processes performances

IT projects fail to
Assurance over IT Information is
deliver what they
secured promised

Restrictions in IT %of critical

– Hurdle in IT is not available business
business strategy processes
 Efficient and User satisfaction
resilient IT Value from IT Levels and quality
operation of IT Services

Are we exploiting
Structure my IT Management of
new
Dependency on outsourcing
technologies for
external providers agreements
new strategic
opportunities

Enough people,
Control cost of IT skill levels and Assurance over IT
performances

Information is
secured
These are Some Common Concerns About

Management & Governance

of
IT and Related Technologies
 So..?

So What …
There is a Solution
If You’re looking forward for the
Solution…then Refer

Control Objectives for Information &

Related Technologies
 COBIT Is a
Business Framework
for the
Governance & Management
of
Enterprise IT
Generates Optimal Value from IT By

Resource
Optimization

Risk
Optimization

Benefit
Realization
 Based on

Key Principles
Meeting Stakeholders
Needs
Covering Enterprise End to End
 Applying a Single
Integrated Framework
Enabling a Holistic Approach
Separating Management
From Governance
No ..
 COBIT 5
Principles

Meeting Covering Applying a Separating

Enabling a Holistic
Stakeholder Enterprise End to Single Management
Approach
s Needs End Integrated From Governance
Framework

Goals Cascade Governanc Framewor Enablers Governance &

e k
Enablers Integrator Management

Governanc Interconnecte COBIT 5 Process

e Scope d Enablers Reference Model

Roles, Activities Enabler

and Relationships Dimensions

Enabler’s
Performance
Managemen
t
So…

• Meeting Stakeholders Needs

1

And 2
• Covering Enterprise End to End

We Have We Have 5 Principles • Applying a Single Integrated

Challenges that Gives the 3 Framework

Solution • Enabling a Holistic Approach

4

• Separating Management From

5 Governance
 Principle 1
Meeting Stakeholder’s Need
Stakeholder’s Need - Fear of Unknown
• What stakeholder needs?
• Governance Objectives?
• Enterprise Goals?
• IT Goals?
• Can I relate these goals with Governance Objectives?
• Relation Between Enterprise Goals and IT Goals
• Relation Between IT Goals and Process (or any
Enablers' Goal)
• Relation Between Stakeholders Needs and Enterprise
Goals
 What stakeholder needs?
COBIT 5 Provides Generic S/H Needs Statements e.g.
Governance Objectives?
COBIT 5 Provides 3 Standard
Governance Objectives
 Enterprise Goals?
COBIT 5 Provides 17 Generic Enterprise Goals
and their relationship with
Governance Objectives
 IT Goals?
COBIT 5 Provides 17 Generic IT Goals
 Relation Between Enterprise Goals and IT Goals
COBIT 5 Provides Mapping of Enterprise and IT
Goals
 Hence with COBIT 5
• We can write an statement of Stakeholder’s Need
from a give list of generic Stakeholder's Goals

• These Statements can be mapped with Selected

Enterprise Goals

• Enterprise Goals Can be than Mapped with Selected IT

Goals

• Subsequently, Enabler Goals (e.g. Processes) can be

derived from the Selected IT Goals
This will Result in
 COBIT 5 Principles
• Meeting Stakeholders Needs
• Covering Enterprise End to End
• Applying a Single Integrated Framework
• Enabling a Holistic Approach
• Separating Management From Governance
 Covering Enterprise End to End
Means…
Seamless Integration of
Enterprise
Governance With
Enterprise IT
Governance
i.e. covering all internal and external IT Services & business processes
of the Enterprise
Seamless Integration of
Enterprise Governance
With
Enterprise IT Governance
Means Managed flow of

Information
COBIT 5 Treats Information as
One of the Enabler
 Information – An Enabler
• The COBIT 5 Allows every stakeholder to
define their requirement for information
and the information processing life cycle.
• Hence, connecting business and its need
for adequate information and IT function
in term supporting the business and
context focus.
The Approach of the Governance is
Along with Governance Objectives,
the COBIT 5 Provides
• Frameworks
Governance Enablers • Principles
• Structures
organizational resources • Processes & practices
• Service Capabilities (IT Infrastructure,
for governance such as applications etc.)
• people and Information

Governance Scope • Enterprise, an entity or an asset

• Who is involved in governance

Governance of Roles, • how they are involved
Activities and • What they do and
Relationships • How they interact within the scope
of any governance system.
 COBIT 5 Principles

• Meeting Stakeholders Needs

• Covering Enterprise End to End
• Applying a Single Integrated Framework
• Enabling a Holistic Approach
• Separating Management From Governance
Means What ?
There are Many Recommended
Standards, Frameworks
and
Best Practices
Available in the Market
 COBIT 5
Aligns with Latest Relevant
Standards and Frameworks
and hence
can be Used as
The Primary or Umbrella
Framework
For
Integrating
Various Governance and Management
Frameworks
 COBIT 5 Principles
• Meeting Stakeholders Needs
• Covering Enterprise End to End
• Applying a Single Integrated Framework
• Enabling a Holistic Approach
• Separating Management From Governance
Enabling Holistic Approach Means
Govern and Manage IT
on
Enterprise Level

While Considering

Full end-to-end Business and IT

Functional Areas
+
IT Related Interests of All
Stakeholders
(Internal and External)
COBIT 5 Achieve it By Means of

Enterprise Wide

Enablers
 Enablers are factors that,
Individually and/or Collectively

influence
whether

Something will work

In our case it is
Governance and Management
of
Enterprise IT
Enablers are Driven by
the Goals Cascade.
Higher Level IT
related goals
define what the
different enablers
should achieve.
* Appendix and Other references are provided here from COBIT 5 reference.
 COBIT 5 Describes
7
Different Categories
of
Enablers
An Enterprise Must Consider
Interconnected Enablers
For Achieving
Systematic
Governance and
Management
 An Enabler Needs the i/p from other
enabler to be fully effective i.e. process
need info, organizational structure needs
skill and behavior

An Enabler Delivers o/p for the benefit of other

enabler i.e. process deliver info, skill and
behavior make process sufficient
 So..
• When dealing with governance and
management of enterprise IT, good
decisions can be taken only when this
systematic nature of governance and
management is taken into account.
• It means to deal with any stakeholder’s
need, all interrelated enablers have to
be analyzed for relevance and
addressed if required.
Challenges With the Enablers

Is there a How to allow an

How to Facilitate
Common, Simple entity to manage
successful
and Structured its complex
outcome of the
way to deal with interactions?
enablers?
enablers?
 For this, in COBIT
All Enablers share
a set of
Common Dimensions
 This Set of Common Dimensions
• Provides a common, simple and structured
way to deal with enablers
• Allow an entity to manage its complex
interactions
• Facilitate successful outcome of the
enablers
 Deals with Functioning of Enablers
Deals with Actual Outcome of the Indicator
 Enabler Example

Principles, Policies and Frameworks

Enabler Example

Process
Example: Enabler –Process
Just for Reference
 COBIT 5 Principles
• Meeting Stakeholders Needs
• Covering Enterprise End to End
• Applying a Single Integrated Framework
• Enabling a Holistic Approach
• Separating Management From Governance
 Governance and Management

Two Disciplines

Encompasses Different Types of Activities,

Require Different Organizational Structures and
Serve Different Purposes.
COBIT 5 Makes Clear Distinction
Between Governance and
Management
 Governance
• Ensures that Stakeholder’s needs,
conditions and options are evaluated
to determine balanced, agreed-on-
enterprise objectives to be achieved
• Sets directions through
prioritization and decision making
• And monitors performance and
compliance against agreed on
direction and objectives.
 Management
Plans, builds, runs and monitor activities
in alignment with the direction set by the
governance body to achieve enterprise
objectives
 COBIT 5 Recommends
that an Enterprise must Implement

Governance and Management Processes

Such that
all the Key Areas are Covered
Key Areas of Governance and Management
 COBIT Provides

Process Reference Model

To
Clearly Identify and Segregate
Key Areas
in these Domains
 COBIT 5
Process Reference Model
 Defines and Describes (in
detail) a Number of
Governance and
Management Processes

Represents all of the Processes

Normally found in an Enterprise
Relating to IT Activities
Process Reference Model Also
• Provides a common reference model
understandable to operational IT and
business managers.
• A complete, comprehensive model,
but it is not the only possible process
model
• Allows an enterprise to define its own
process set based on its structure and
work culture
 ?
Advantages of the Process Model
Incorporating an operational model and a
common language for all parts of the
enterprise involved in IT activities is one
of the most important and critical steps
towards good governance
The Process Model Framework

• Can be a critical tool in measuring and

monitoring IT performance and Providing
IT assurance
• Can help in establishing effective
Communication with service providers
and
• Helps in Integrating best management
practices.
 The Process Reference Model
Divides the
Governance and Management Processes
of Enterprise IT
into

2
Main
Process Domains
 Governance Domain
Contains Five Governance Processes

Within each process

Evaluate, Direct and Monitor (EDM)
Practices are defined
 Management Domain
Contains four domains
These domains are in line with the
responsibility areas of
Plan, Build, Run and Monitor (PBRM)
and
Hence provides end-to-end coverage of
IT.
The names of the domains are chosen in
line with these main area designations,
but contain more verbs to describe them:

– Align, Plan and Organise (APO)

– Build, Acquire and Implement (BAI)
– Deliver, Service and Support (DSS)
– Monitor, Evaluate and Assess (MEA)
• Each domain contain
number of processes

• Most of these processes require

planning, Implementation, execution
and monitoring activities
 In total
COBIT 5 Provide
a set of

37
Governance and Management
Processes
The details of all processes, according
to the process model are included in
“COBIT 5: Enabling Processes”