For COBIT 5 Foundation Exam v1.1.pdf

For COBIT 5 Foundation Exam Governance of Enterprise IT(GEIT) Governance Objective: Value Creation from Benefits Realisation + Risk Optimisation + Resource Optimisation Goals Cascade: Stakeholder Drivers (Environment, Technology Evolution, …) -> Stakeholder Needs ->Enterprise Goals -> -> IT-related Goals -> Enabler Goals COBIT 5 Enterprise Goals: BSC Dimension (Financial, Customer, Internal, Learning and Growth) Internal Stakeholders: External Stakeholders: Business Partners, Suppliers, Shareholders, Board, Cxx, Business executives, Managers, Internal audit, users, … Regulators/Government, External users, Customers, Standardisation organisations, External auditors, Consultants, …

5 Principles of COBIT5 1. 2. 3. 4.

Meeting stakeholder needs Covering the Enterprise end-to-end Applying a Single Integrated Framework Enabling a Holistic Approach (7 Enablers) 5. Separating governance from management DIKW Data – Information - Knowledge –- Wisdom (Value)

Information Enabler Intrinsic quality: Accuracy, Objectivity, Believability, Reputation Contextual and representational quality Relevancy, Completeness, Currency, Appropriate amount of information, Concise representation, Consistent representation Interpretability, Understandability, Ease of manipulate Security/accessibility quality Availability/timeliness, Restricted access Information layers:  Physical world (carrier/media), Empiric (user interface), Syntactic (code/language), Semantic (meaning), Pragmatic (use), Social world (e.g. contracts, law, culture)

7 Enablers of COBIT5

Enabler Dimensions

1. Principles, policies and frameworks 2. Processes 3. Organisational structures 4. Culture, ethics and behaviours 5. Information 6. Service, infrastructure and applications 7. People skills and competencies

Stakeholders  Internal / External Goals (Expected outcome of enabler; Application or operation of the enabler itself):  Intrinsic Quality - Enablers work accurately,

Enabler Performance Management Metrics for Achievement of Goals (Lag indicator)  Are stakeholders needs addressed?  Are enabler goals achieved? Metrics for Application of Practice (Lead Indicators):  Is life cycle managed?  Are good practices applied?

Process Reference Model

 Monitor, Evaluate & Assess (MEA) – 3pr. Plan – Build – Run - Monitor

 Accessibility& Security (of enablers + outcomes) Life Cycle  Plan  Design  Build/Acquire/Create/Implement  Use/Operate  Evaluate/Monitor  Update/Dispose Good Practices  Practices  Work Products (Inputs/Outputs)

Information for Business (COBIT 4.1)

Good Policy Effective, Efficient, Non-intrusive

5 Domains: 37 Processes Governance  Evaluate, Direct & Monitor (EDM) – 5pr. Management  Align, Plan & Organise (APO) – strategic – 13pr.  Build, Acquire & Implement (BAI) – tactical – 10pr.  Deliver, Service & Support (DSS)operational – 6pr.

objectively and provide accurate, objective and reputable results  Contextual Quality (Relevant, complete, current, appropriate, consistent, understandable and easy to use)

1.Effectiveness 2.Efficiency 3.Confidentiality 4.Integrity

COBIT 4.1 Maturity Model

COBIT 5 Process Capability Model 5

Optimising

4

Predictable

3

Established

2

Managed

PA5.1 PA5.2 PA4.1 PA4.2 PA3.1 PA3.2 PA2.1 PA2.2 PA1.1 -

1 Performed 0 Incomplete Rating Levels:

Process Innovation Process Optimisation Process Management Process Control Process Definition Process Deployment Performance Management Work Product Management Process Performance (Goals) - (Performance Attribute (PA))

 F - Fully achieved (>85%)  L - Largely achieved (50-85%)

5.Availability 6.Compliance 7.Reliability

5

Optimised

4

Managed and measurable

3

Defined process

2

Repeatable but intuitive

1 0

Initial/Ad hoc Non-existent

 P – Partially achieved (15-50%)  N – Non achieved (