"integrating itil and cobit 5 to optimize it process and service

"Integrating ITIL and COBIT 5 to Optimize IT Process and Service Delivery"

Michalis Samiotakis, ISACA Athens Chapter

Athens, Greece, April 19, 2013

6th itSMF South East Europe Conference

2

Agenda

• Who we are

• Setting the scene – IT Challenges

• COBIT, ITIL Overview

• Integrating COBIT 5 & ITIL

• Conclusions

3

ISACA got its start in 1967 100,000th CISA Certification in the Credential’s 35th Year CRISC Certification Wins Best Professional Certification Award from

SC Magazine (27/2/2013)

About ISACA International

“As an independent, nonprofit, global association, ISACA is a leading provider of knowledge, certifications, community, advocacy and education on information systems assurance, control and security, enterprise governance of IT, and IT-related risk and compliance”

4

About ISACA Athens Chapter

• Founded in 1994

• Currently 410 members (70% growth since June 2008)

• Certified: CISA: 198, CISM: 80, CRISC: 53, CGEIT: 27

Distinctions:

2012 K. Wayne Snipes Award for the Best Large Chapter in Europe / Africa (as in 2009)

2011 award for Best Newsletter of Large Chapters Worldwide

5

Associations

6

Academic Advocates & Universities Synergies

Setting the Scene

Reported on Wednesday 10 April 2013:

“New UK financial regulator, the Financial Conduct Authority (FCA), is to probe an IT failure at Royal Bank of Scotland that also affected customers at NatWest and Ulster Bank in June and July 2012”.

The glitch in the CA7 batch process scheduler ended with 12 million customer accounts being frozen, leaving them unable to access funds for at least a week while RBS, NatWest and the Ulster Bank manually updated all the account balances.

Poor IT Governance can cause..

In a letter to Andrew Tyrie MP, chairman of the Treasury Select Committee, RBS CEO Stephen Hester attributed blame to "maintenance on systems, which are managed and operated by our team in Edinburgh, which caused an error in our batch scheduler."

• Agility – Rapid reaction to new challenges and opportunities (e.g. Mergers and Acquisitions with an IT impact are occurring)

• Improvement of IT Service Delivery

• New emerging trends, BYOD: Data Leakage concerns

• Emergence of Cloud Computing: Risk and Security Concerns over business benefits

• Compliance with Regulatory / Statutory frameworks pressures

• Increasing Security Breaches and Privacy Violations are of concern

• Minimize IT Costs, maximize business benefits

• Justify Investments, IT cost-control initiatives are desired.

• IT alignment with Business Strategy and Business objectives

IT Challenges

• COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT.

• COBIT 5 helps enterprises to create optimal value from IT by maintaining a balance between realising benefits and optimising risk levels and resource use.

COBIT, ITIL Overview

© 2012 ISACA. All rights reserved. 10

• ITIL provides a consistent, and coherent framework of best practices for ITSM and related processes, which promotes a quality approach for achieving business effectiveness and efficiency in the use of Information Systems.

COBIT 5 Principles and Enablers

Source: COBIT® 5, figure 16. © 2012 ISACA® All rights reserved.

“COBIT 5 brings together the five principles that allow the enterprise to build an effective governance and management framework based on a holistic set of seven enablers that optimises information and technology investment and minimise IT-related risks.”

COBIT 5 Process Reference Model

Source: COBIT® 5, figure 16. © 2012 ISACA® All rights reserved.

ITIL Service Lifecycle Governance and Operational Elements

Source: ITIL V3, Official Introduction to the ITIL Service Lifecycle, figure 10.2 produced by OGC. Reprinted with permission from OGC.

ITIL v3 - COBIT 5 Mapping

Combination of ITIL and COBIT

• COBIT and ITIL provide an integrated, top-to-bottom approach to IT governance and service management from a “business perspective”.

• When used together, the power of both approaches is amplified, with a greater likelihood of management support and direction, and a more cost-effective use of implementation resources.

16

COBIT 5 Educational Courses

Instructors COBIT Foundation

When & how All members

Non members CPEs

Next levels

COBIT 5 accredited Trainers Can sit exam 1st group est. in May-June At cost, est. €50 Please subscribe est. ~18 Info after Q2 2013

New Studies / Publications

Thanks for you attention!

Michalis Samiotakis ISACA Athens Chapter

Michalis.Samiotakis@gr.pwc.com

www.isaca.gr info@isaca.gr