Dr. Santipat Arunthari Chief Technology officer (CTO)

PTT ICT Solutions

Governance

COBIT 4.1 to COBIT 5.0

How to use COBIT 5.0

Governance is the process of decision -making and the process by which decisions are implemented (or not implemented) directed and controlled .

Governance is the process of decision -making and the process by which decisions are implemented (or not implemented) directed and controlled .

What

for whom

How

Governance is about meeting strategic objectives ( performance

Governance is about meeting strategic objectives ( performance

Directing the business

Setting strategic aims

Governance is about meeting strategic objectives ( performance

Governance is about meeting strategic objectives ( performance

Programs achieve their intended results , Resources are used consistent with agency mission,

Governance is about meeting strategic objectives (performance ) while meeting legal and regulatory, contractual and other obligatory requirements often supported by policies ( conformance ).

Programs and resources are protected from waste, fraud, and mismanagement, Laws and regulations are followed, and

Governance is about meeting strategic objectives (performance ) while meeting legal and regulatory, contractual and other obligatory requirements often supported by policies ( conformance ).

Governance is the process of decision -making and the process by which decisions are implemented (or not implemented) directed and controlled .

ITG Best Practices & Standards COBIT COSO ITIL/ISO 20000 ISO 27001 CMMI PMBOK/Prince 2 TOGAF ISO17799

15

Value delivery

Focuses on ensuring the linkage of business and IT plans;

on defining, maintaining and validating the IT value proposition;

and on aligning IT operations with enterprise operations

Is about executing the value proposition throughout the delivery cycle, ensuring

that IT delivers the promised benefits against the strategy, concentrating on

optimising costs and proving the intrinsic value of IT

Is about the optimal investment in, and the proper management of, critical IT

resources: applications, information, infrastructure and people. Key issues

relate to the optimisation of knowledge and infrastructure.

Requires risk awareness by senior corporate officers, a clear understanding of

the , understanding of compliance

requirements, transparency about the significant risks to the enterprise, and

embedding of risk management responsibilities in the organisation

Tracks and monitors strategy implementation, project completion, resource

usage, process performance and service delivery, using, for example,

balanced scorecards that translate strategy into action to achieve goals

measurable beyond conventional accounting

Performance

measurement

Risk management

Resource

management

Strategic

alignment

COBIT 4.1 to COBIT 5.0

Linking Business Goals to IT Goals and Processes

1. New Principles 2. Increased Focus on Enablers 3. New Process Reference

Model 4. New and Modified Processes 5. Practices and Activities 6. Goals and Metrics 7. Inputs and Outputs 8. RACI Charts 9. Process Capability Maturity

Models and Assessments

COBIT 5 helps enterprises to create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use .

1. New Principles 2. Increased Focus on Enablers 3. New Process Reference

Model 4. New and Modified Processes 5. Practices and Activities 6. Goals and Metrics 7. Inputs and Outputs 8. RACI Charts 9. Process Capability Maturity

Models and Assessments