it governance & cobit 5
Post on 23-Jan-2015
4.495 Views
Preview:
DESCRIPTION
TRANSCRIPT
Dr. Santipat Arunthari Chief Technology officer (CTO)
PTT ICT Solutions
Governance
COBIT 4.1 to COBIT 5.0
How to use COBIT 5.0
Governance is the process of decision-
making and the process by which decisions are implemented (or not implemented) – directed and controlled.
Governance is the process of decision-
making and the process by which decisions are implemented (or not implemented) – directed and controlled.
What
for whom
How
Governance is about meeting strategic objectives (performance) …
Governance is about meeting strategic
objectives (performance) …
◦ Directing the business
◦ Setting strategic aims
Governance is about meeting strategic objectives (performance) …
Governance is about meeting strategic objectives (performance) …
• Programs achieve their intended results, • Resources are used consistent with agency
mission,
Governance is about meeting strategic
objectives (performance) while meeting legal and regulatory, contractual and other obligatory requirements often supported by policies (conformance).
• Programs and resources are
protected from waste, fraud, and mismanagement,
• Laws and regulations are followed, and
Governance is about meeting strategic
objectives (performance) while meeting legal and regulatory, contractual and other obligatory requirements often supported by policies (conformance).
Governance is the process of decision-
making and the process by which decisions are implemented (or not implemented) – directed and controlled.
ITG Best Practices & Standards • COBIT • COSO • ITIL/ISO20000 • ISO 27001 • CMMI • PMBOK/Prince2 • TOGAF • ISO17799
15
Value delivery
Focuses on ensuring the linkage of business and IT plans;
on defining, maintaining and validating the IT value proposition;
and on aligning IT operations with enterprise operations
Is about executing the value proposition throughout the delivery cycle, ensuring
that IT delivers the promised benefits against the strategy, concentrating on
optimising costs and proving the intrinsic value of IT
Is about the optimal investment in, and the proper management of, critical IT
resources: applications, information, infrastructure and people. Key issues
relate to the optimisation of knowledge and infrastructure.
Requires risk awareness by senior corporate officers, a clear understanding of
the enterprise’s appetite for risk, understanding of compliance
requirements, transparency about the significant risks to the enterprise, and
embedding of risk management responsibilities in the organisation
Tracks and monitors strategy implementation, project completion, resource
usage, process performance and service delivery, using, for example,
balanced scorecards that translate strategy into action to achieve goals
measurable beyond conventional accounting
Performance
measurement
Risk management
Resource
management
Strategic
alignment
COBIT 4.1 to COBIT 5.0
Linking Business Goals to IT Goals and Processes
1. New Principles 2. Increased Focus on Enablers 3. New Process Reference
Model 4. New and Modified Processes 5. Practices and Activities 6. Goals and Metrics 7. Inputs and Outputs 8. RACI Charts 9. Process Capability Maturity
Models and Assessments
COBIT 5 helps enterprises to create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use.
1. New Principles 2. Increased Focus on Enablers 3. New Process Reference
Model 4. New and Modified Processes 5. Practices and Activities 6. Goals and Metrics 7. Inputs and Outputs 8. RACI Charts 9. Process Capability Maturity
Models and Assessments
1. New Principles 2. Increased Focus on Enablers 3. New Process Reference
Model 4. New and Modified Processes 5. Practices and Activities 6. Goals and Metrics 7. Inputs and Outputs 8. RACI Charts 9. Process Capability Maturity
Models and Assessments
• APO03 Manage enterprise architecture. • APO04 Manage innovation. • APO05 Manage portfolio. • APO06 Manage budget and costs. • APO08 Manage relationships. • APO13 Manage security.
• BAI05 Manage organizational change
enablement. • BAI08 Manage knowledge. • BAI09 Manage assets.
• DSS05 Manage security service. • DSS06 Manage business process controls.
1. New Principles 2. Increased Focus on Enablers 3. New Process Reference
Model 4. New and Modified Processes 5. Practices and Activities 6. Goals and Metrics 7. Inputs and Outputs 8. RACI Charts 9. Process Capability Maturity
Models and Assessments
1. New Principles 2. Increased Focus on Enablers 3. New Process Reference
Model 4. New and Modified Processes 5. Practices and Activities 6. Goals and Metrics 7. Inputs and Outputs 8. RACI Charts 9. Process Capability Maturity
Models and Assessments
35
Source: COBIT® 5: Enabling Processes, page 31. © 2012 ISACA® All rights reserved.
Source: COBIT® 4.1, page 39. © 2007 IT Governance Institute® All rights reserved.
Financial: • 01 Alignment
of IT and business strategy
56
Santipat Arunthari, Ph.D.
Chief Technology Officer (CTO)
PTT ICT Solutions Company Limited
Energy Complex, Building A, 4th Floor,
555/1 Vibhavadi Rangsit Road
Chatuchak, Bangkok, 10900 Mobile: +66 (0) 8-66173000
"If you are not thinking and acting strategically,
then you are merely following orders and responding to pressure.“
Date: 22/8/2555
top related