Understand the concepts relating to the structure and format of the framework, the drivers and business benefits of using the COBIT 5 framework
To know facts, terms and concepts relating to the Process Capability Model
To understand the Process Capability Model and the basic ISO 15504 concepts
Known facts and terms relating to the COBIT 5 Enablers
Understand that COBIT enables IT to be governed and managed in a holistic manner for the entire enterprise.
To know facts, terms and concepts relating to the Implementation of COBIT 5
Main goal:
Attempt Foundation exam with confidence
Secondary goal:
Benefits and value of IT Governance and COBIT 5
3/12 | 3/246M00 - Course introduction
Please share with the class: Your name and surname Your organization Your profession (title, function, job
responsibilities) Your familiarity with:
Project management
IT management
IT service management (ITSM)
Enterprise architecture Your experience with IT Governance Your personal session expectations
4/12 | 4/246M00 - Course introduction
Foundation Exam
Paper based and closed book exam Only pencil and eraser are allowed Simple multiple (ABCD) choice exam Only one answer is correct 50 questions, pass mark is 25 (50%) No negative points, no “Tricky Questions”
No pre-requisite for Foundation exam
Sample, one (official) mock exam is provided to you
Candidates completing an examination in a language that is not their mother tongue, will receive additional time
6/12 | 6/246M00 - Course introduction
Target Audience
Consultants, IT practitioners, Business managers
Apply the COBIT 5 good practice continual improvement lifecycle approach to GEIT, tailored to suit the needs of a specific enterprise. In particular
Candidates completing an examination in a language that is not their mother tongue, will receive additional time
7/12 | 7/246M00 - Course introduction
Target Audience
Internal and external (Lead) Auditors
Perform a process capability assessment using the Assessor Guide: using COBIT 5
Apply the Process Assessment Model
Identify and assess the roles and responsibilities
Candidates completing an examination in a language that is not their mother tongue, will receive additional time
8/12 | 8/246M00 - Course introduction
COBIT5 main publication is COBIT 5 - A Business Framework for the Governance and Management of Enterprise IT:• ISBN-13: 978-1604202373
COBIT5 syllabus section code and title
OV Overview and Key Features of COBIT 5
PR The COBIT 5 Principles
EN The COBIT 5 Enablers
IM Introduction to COBIT 5 Implementation
PC Process Capability Assessment Model
Syllabus Handbook Page
Module slide number / total module slides
Slide number / total slides
Module number and name
COBIT5handbook page
COBIT5 syllabus section code
9/12 | 9/246M00 - Course introduction
twitter.com/mirodabrowski
linkedin.com/in/miroslawdabrowskigoogle.com/+miroslawdabrowski
miroslaw_dabrowski
www.miroslawdabrowski.com
Mirosław DąbrowskiAgile Coach, Trainer, Consultant(former JEE/PHP developer, UX/UI designer, BA/SA)
Creator Writer / Translator Trainer / Coach
• Creator of 50+ mind maps from PPM and related topics (2mln views): miroslawdabrowski.com
• Lead author of more than 50+ accredited materials from PRINCE2, PRINCE2 Agile, MSP, MoP, P3O, ITIL, M_o_R, MoV, PMP, Scrum, AgilePM, DSDM, CISSP, CISA, CISM, CRISC, CGEIT, TOGAF, COBIT5 etc.
• Creator of 50+ interactive mind maps from PPM topics: mindmeister.com/users/channel/2757050
• Product Owner of biggest Polish project management portal: 4PM: 4pm.pl (15.000+ views each month)
• Editorial Board Member of Official PMI Poland Chapter magazine: “Strefa PMI”: strefapmi.pl
• Official PRINCE2 Agile, AgilePM, ASL2, BiSL methods translator for Polish language
• English speaking, international, independenttrainer and coach from multiple domains.
• Master Lead Trainer• 11+ years in training and coaching / 15.000+ hours• 100+ certifications• 5000+ people trained and coached• 25+ trainers trained and coached
linkedin.com/in/miroslawdabrowski
Agile Coach / Scrum Master PM / IT architect Notable clients
• 8+ years of experience with Agile projects as a Scrum Master, Product Owner and Agile Coach
• Coached 25+ teams from Agile and Scrum• Agile Coach coaching C-level executives • Scrum Master facilitating multiple teams
experienced with UX/UI + Dev teams• Experience multiple Agile methods• Author of AgilePM/DSDM Project Health Check
Questionnaire (PHCQ) audit tool
• Dozens of mobile and ecommerce projects• IT architect experienced in IT projects with budget
above 10mln PLN and timeline of 3+ years• Experienced with (“traditional”) projects under high
security, audit and compliance requirements based on ISO/EIC 27001
• 25+ web portal design and development and mobile application projects with iterative,incremental and adaptive approach
ABB, AGH, Aiton Caldwell, Asseco, Capgemini, Deutsche Bank, Descom, Ericsson, Ericpol, Euler Hermes, General Electric, Glencore, HP Global Business Center, Ideo, Infovide-Matrix, Interia, Kemira, Lufthansa Systems, Media-Satrun Group, Ministry of Defense (Poland), Ministry of Justice (Poland), Nokia Siemens Networks, Oracle, Orange, Polish Air Force, Proama, Roche, Sabre Holdings, Samsung Electronics, Sescom, Scania, Sopra Steria, Sun Microsystems, Tauron Polish Energy, Tieto, University of Wroclaw, UBS Service Centre, Volvo IT…miroslawdabrowski.com/about-me/clients-and-references/
Accreditations/certifications (selected): CISA, CISM, CRISC, CASP, Security+, Project+, Network+, Server+, Approved Trainer: (MoP, MSP, PRINCE2, PRINCE2 Agile, M_o_R, MoV, P3O, ITIL Expert, RESILIA), ASL2, BiSL, Change Management, Facilitation, Managing Benefits, COBIT5, TOGAF 8/9L2, OBASHI, CAPM, PSM I, SDC, SMC, ESMC, SPOC, AEC, DSDM Atern,DSDM Agile Professional, DSDM Agile Trainer-Coach, AgilePM, OCUP Advanced, SCWCD, SCBCD, SCDJWS, SCMAD, ZCE 5.0, ZCE 5.3, MCT, MCP, MCITP, MCSE-S, MCSA-S, MCS, MCSA, ISTQB, IQBBA, REQB, CIW Web Design / Web Development / Web Security Professional, Playing Lean Facilitator, DISC D3 Consultant, SDI Facilitator, Certified Trainer Apollo 13 ITSM Simulation …
12/12 | 12/246M00 - Course introduction
1. Defining IT Governance and COBIT5
2. COBIT 5 principles
3. COBIT 5 enablers
4. The Lifecycle approach
5. COBIT 4.1 differences to COBIT 5
6. COBIT 5 Process Capability Model (PCM)
2/22 | 14/246M01 - Defining IT Governance and COBIT 5
1. The Reasons for the Development of COBIT 52. The History of COBIT 3. The Drivers for developing a Framework4. The Benefits of using COBIT 55. The COBIT 5 Format and product Architecture6. COBIT 5 and Other Frameworks
3/22 | 15/246M01 - Defining IT Governance and COBIT 5
ISACA Board of Directors directive: “Tie together and reinforce all ISACA knowledge
assets with COBIT”
Provide a renewed and authoritative governance and management framework for enterprise information and related technology
Integrate all other major ISACA frameworks and guidance
Align with other major frameworks and standards
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
4/22 | 16/246M01 - Defining IT Governance and COBIT 5
Governance of Enterprise IT
COBIT 5
IT Governance
COBIT4.0/4.1
Management
COBIT3
Control
COBIT2
Audit
COBIT1
2005/720001998
Evo
lutio
n
1996 2012
Val IT 2.0(2008)
Risk IT(2009)
BMIS(2010)
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
COBIT 5 ties together all ISACA knowledge assets, i.e.• COBIT 4.1• Val IT™• Risk IT• Business Model for
Information Security™ (BMIS™)
• ITAssuranceFramework™ (ITAF™);
• Taking Governance orward (TGF),
• Board Briefing on IT Governance, 2nd Edition.
5/22 | 17/246M01 - Defining IT Governance and COBIT 5
Provide guidance in: Enterprise architecture Asset and service management Emerging sourcing and organization
models Innovation and emerging
technologies
End to end business and IT responsibilities
Controls for user-initiated and user-controlled IT solutions
A need for the enterprise to: Achieve increased value creation Obtain business user satisfaction Achieve compliance with relevant
laws, regulations and policies Improve the relation between
business and IT Increase the return of governance
over enterprise IT Connect and align with other major
frameworks and standards
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
6/22 | 18/246M01 - Defining IT Governance and COBIT 5
Information is the business currency of the 21st Century
Information has a life cycle: it is created, used, retained, disclosed and destroyed
Technology plays a key role in these actions
Technology is becoming pervasive in all aspects of business and personal life
Every form of enterprise needs to be able to rely on quality information to support quality executive decisions!
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
7/22 | 19/246M01 - Defining IT Governance and COBIT 5
Not simply IT; not only for big business! COBIT 5 is about governing and managing information
Whatever medium is used
End to end throughout the enterprise Information is equally important to:
Global, multinational business
National and local government
Charities and not for profit enterprises
Small to medium enterprises
Clubs and associations
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
8/22 | 20/246M01 - Defining IT Governance and COBIT 5
Enterprises and their executives strive to:
Maintain quality information to support business decisions
Generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT
Achieve operational excellence through reliable and efficient application of technology
Maintain IT-related risk at an acceptable level Optimise the cost of IT services and technology
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
9/22 | 21/246M01 - Defining IT Governance and COBIT 5
Delivering enterprise stakeholder value requires good governance and management of information and technology (IT) assets
Enterprise boards, executives and management have to embrace IT like any other significant part of the business
External legal, regulatory and contractual compliance requirements related to enterprise use of information and technology are increasing, threatening value if breached
COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
10/22 | 22/246M01 - Defining IT Governance and COBIT 5
Enterprises are under constant pressure to: Increase benefits realization through effective and innovative use of enterprise
IT: Generate business value from new enterprise investments with a supporting IT
investment
Achieve operational excellence through application of technology
Maintain IT related risk at an acceptable level Contain cost of IT services and technology Ensure business and IT collaboration, leading to business user satisfaction with
IT engagement and services Comply with ever increasing relevant laws, regulations and policies
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
11/22 | 23/246M01 - Defining IT Governance and COBIT 5
COBIT 5 is initially in 3 volumes: COBIT 5: A Business Framework for
the Governance and Management of Enterprise IT
COBIT 5: Enabling Processes COBIT 5: Implementation
Several guides acts as extension COBIT 5: for Information Security COBIT 5: for Risk
Simplified: COBIT 5 directly addresses the
needs of the viewer from different perspectives.
Development continues with specific practitioner guides
COBIT 5 is based on: 5 principles 7 enablers
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
12/22 | 24/246M01 - Defining IT Governance and COBIT 5
COBIT
ISO 9000ISO/EIC 27002
ITIL
COSO
WHAT HOW
SCOPE OF COVERAGE
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
14/22 | 26/246M01 - Defining IT Governance and COBIT 5
PERFORMANCE: Business Goals
CONFORMANCEBasel III, Sarbanes-
Oxley Act, etc.
Enterprise Governance
IT Governance
ISO 9001:2000
ISO/EIC27002
ISO/EIC 20000Best Practice Standards
QAProceduresProcesses and Procedures
Drivers
COSO
Security Principles
ITIL
Balanced Scorecard
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
15/22 | 27/246M01 - Defining IT Governance and COBIT 5
ISO/IEC 38500:
ISO’s 6 principles map to COBIT 5 (appendix E).
ITIL - the following 5 areas and domains are covered by ITIL:
A subset of process in the DSS and BAI domain Some process in the APO domain
ISO/IEC 27000:
Security and IT-related processes in domains EDM, APO and DSS
Some monitoring of security monitoring activities in MEA
ISO/IEC 31000:
Risk management related activities in EDM and APO
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
17/22 | 29/246M01 - Defining IT Governance and COBIT 5
TOGAF (The Open Group Architecture Framework):
Resource-related processes in EDM TOGAF components of the architecture board and
governance areas Enterprise architecture processes of APO
PRINCE2:
Project management processes in the BAI domain Portfolio related processes in the APO domain
CMMI:
Some organisational and quality-related processes in the APO domain
Application - building and acquisition related processes in BAI
© 2
013
ISAC
A. A
ll Ri
ghts
Res
erve
d.
18/22 | 30/246M01 - Defining IT Governance and COBIT 5
Defines the starting point of governance and management activities with the stakeholder needs related to enterprise IT
Creates a more holistic, integrated and complete view of enterprise governance and management of IT that is consistent, provides an end-to-end view on all IT-related matters and provides a holistic view
Creates a common language between IT and business for the enterprise governance and management of IT
Is consistent with generally accepted corporate governance standards, and thus helps to meet regulatory requirements ©
201
3 IS
ACA.
All
Righ
ts R
eser
ved.
19/22 | 31/246M01 - Defining IT Governance and COBIT 5
COBIT 5 Scope
Benefits
Enterprise Benefits
Stakeholder Value
The COBIT 5 Volumes
COBIT 5 Product Family
COBIT 5 Mapping
COBIT and Other IT Governance Frameworks
20/22 | 32/246M01 - Defining IT Governance and COBIT 5
Top Related