SlideShare una empresa de Scribd logo

COBIT 2019 Executive Summary_v1.1 .pdf

D
DiegoIvanAlvaradoVel

Guía COBIT

Liderazgo y gestión
1 de 19
Descargar para leer sin conexión
© 2018 ISACA. All rights reserved. INTRODUCING Executive Summary November 2018
© 2018 ISACA. All rights reserved. COBIT® 2019 The globally recognized COBIT Framework, which helps ensure effective enterprise governance of information and technology, has been updated with new information and guidance, facilitating easier, tailored implementation— strengthening COBIT’s continuing role as an important driver of innovation and business transformation. This document sets the scene for the upcoming release of COBIT® 2019 guidance.
© 2018 ISACA. All rights reserved. Remembering John Lainhart • In dedication to John Lainhart, who was there from COBIT day -1 in 1995 until his passing in September 2018. • John was the relentless support behind many COBIT related projects, including COBIT 2019 . • ISACA is extremely grateful for John and his vision, and COBIT 2019 (and its progeny) are his legacy. Picture provided courtesy of Dirk Steuperaert
© 2018 ISACA. All rights reserved. COBIT 2019 DRIVERS AND BENEFITS
© 2018 ISACA. All rights reserved. COBIT 2019 UPDATE DRIVERS COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT 5 limitations
© 2018 ISACA. All rights reserved. COBIT 2019 OPTIMIZING I&T GOVERNANCE Enterprise Governance of I&T Business/IT Alignment Value Creation IT - used to refer to the organizational department with main responsibility for technology – versus I&T – all the information the enterprise generates, processes and uses to achieve its goals, as well as the technology to support that throughout the enterprise. COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
© 2018 ISACA. All rights reserved. COBIT 2019 STAYING RELEVANT IN A CHANGED ENVIRONMENT • COBIT 5 was published in 2012, making it almost 7 years old • New technology and business trends in the use of IT (e.g. digitization) have not been incorporated into COBIT, requiring re-alignment • The need for the integration of new insights from practitioners, science and academia in the domain of I&T governance creation • Other standards have evolved, resulting in a different standards/frameworks landscape, requiring a re-alignment • More fluid and frequent updates of COBIT required COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
© 2018 ISACA. All rights reserved. COBIT 2019 STAYING RELEVANT IN A CHANGED ENVIRONMENT COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections • US National Institute of Standards and Technology (NIST) standards: –NIST Cybersecurity Framework v1.1 –NIST SP 800 53 Rev 5 –NIST SP 800 37 Rev 2 (Risk Management Framework) • ISO/IEC 20000 • ISO/IEC 27000 family: –ISO/IEC 27001 –ISO/IEC 27002 –ISO/IEC 27004 –ISO/IEC 27005 • ISO/IEC 31000:2018 • ISO/IEC 38500 • ISO/IEC 38502 • A Guide to the Project Management Book of Knowledge: PMBOK® Guide, Sixth Edition, 2017 • The TOGAF® Standard, The Open Group • The Open Group IT4IT™ Reference Architecture, version 2.0 • CIS ® Critical Security Controls, Center for Internet Security • King IV Report on Corporate Governance™, 2016 • Scaled Agile Framework (SAFe®) • Cloud standards and good practices: • Amazon Web Services (AWS®) • Security Considerations for Cloud Computing, ISACA • Controls and Assurance in the Cloud: Using COBIT ® 5, ISACA • Enterprise Risk Management (ERM)— Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), June 2017 • The TBM Taxonomy, The TBM Council • “Options for Transforming the IT Function Using Bimodal IT,” MIS Quarterly Executive (white paper) • ITIL V3 • HITRUST ® Common Security Framework, version 9, September 2017 • Change Management Methodology, Prosci • Skills Framework for the Information Age (SFIA® ) V6 • The Standard of Good Practice for Information Security, Information Security Forum (ISF), 2016 • CMMI V2.0 • The CMMI Cybermaturity Platform, 2018 • The Data Management Maturity Model, CMMI Institute, 2014 The COBIT 2019 development team looked at following standards/frameworks to align COBIT 2019 with:
© 2018 ISACA. All rights reserved. STRENGTHS • COBIT is a unique overarching IT Governance framework • COBIT process guidance has matured and has reached its best quality level yet • COBIT’s business perspective on IT brings a unique opportunity to further expand its impact OPPORTUNITIES • The current (target) audience for COBIT is still very much IT- and Assurance oriented • There is an opportunity to re-discover or re-launch some of COBIT hidden gems • More prescriptive implementation guidance such as incorporating specific design factors COBIT 2019 BUILDING ON COBIT STRENGTHS AND IDENTIFYING OPPORTUNITIES COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Buildng on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
© 2018 ISACA. All rights reserved. • COBIT users find it hard to locate relevant contents for their needs • Perceived as complex and challenging to apply in practice • The enabler model is incomplete in terms of development and guidance, and thus often ignored • A challenging process capability model and general lack of support of performance management for other enablers • The perceived reputation of IT Governance itself as an inhibitor of change and (administrative) overhead – not per se a COBIT weakness but an IT Governance problem at large COBIT 2019 ADDRESSING COBIT 5 LIMITATIONS COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 limitations
© 2018 ISACA. All rights reserved. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION & TECHNOLOGY (EGIT) AND THE NATURE OF COBIT
© 2018 ISACA. All rights reserved. In the light of digital transformation, information and technology (I&T) have become crucial in the support, sustainability and growth of enterprises. • Previously, governing boards and senior management could delegate, ignore or avoid I&T-related decisions • In most sectors and industries, such attitudes are now ill advised • Digitized enterprises are increasingly dependent on I&T for survival and growth • Stakeholder value creation is often driven by a high degree of digitization in new business models, efficient processes, successful innovation, etc. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
© 2018 ISACA. All rights reserved. Given the centrality of I&T for enterprise risk management and value generation, a specific focus on enterprise governance of information and technology (EGIT) has arisen over the last two decades. EGIT is an integral part of corporate governance • Exercised by the board that oversees the definition and implementation of processes, structures and relational mechanisms • Enables both business and IT people to execute their responsibilities in support of business/IT alignment • Enables creation of business value from I&T-enabled business investments INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
© 2018 ISACA. All rights reserved. Fundamentally, EGIT is concerned with value delivery from digital transformation and the mitigation of business risk that results from digital transformation. More specifically, three main outcomes can be expected after successful adoption of EGIT. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT) Benefits Realization Risk Optimization Resource Optimization
© 2018 ISACA. All rights reserved. COBIT is a framework for the governance and management of enterprise information and technology, aimed at the whole enterprise. • Enterprise I&T means all the technology and information processing the enterprise puts in place to achieve its goals, regardless of where this happens in the enterprise • Enterprise I&T is not limited to the IT department of an organization, but certainly includes it INTRODUCTION COBIT AS AN INFORMATION & TECHNOLOGY (I&T) FRAMEWORK
© 2018 ISACA. All rights reserved. Governance (Board Level) Management (Executive Level) INTRODUCTION GOVERNANCE AND MANAGEMENT DEFINED • Plans, builds, runs and monitors activities, in alignment with the direction set by the governance body, to achieve the enterprise objectives • Ensure stakeholder needs, conditions and options are evaluated to determine enterprise objectives • Ensure direction is set through prioritization and decision making • Ensure performance and compliance are monitored against objectives
© 2018 ISACA. All rights reserved. INTRODUCTION WHAT IS COBIT AND WHAT IT IS NOT: SETTING THE RIGHT EXPECTATIONS COBIT IS • A framework for the governance and management of enterprise I&T • COBIT defines the components to build and sustain a governance system • COBIT defines the design factors that should be considered by the enterprise to build a best fit governance system • COBIT is flexible and allows guidance on new topics to be added COBIT IS NOT • A full description of the whole IT environment of an enterprise • A framework to organize business processes • An (IT-) technical framework to manage all technology • COBIT does not make or prescribe any IT-related decisions
© 2018 ISACA. All rights reserved. APPENDIX
© 2018 ISACA. All rights reserved. ABOUT ISACA Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in 188 countries, including 217 chapters worldwide and offices in both the United States and China.

Recomendados

Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study material
Anees Shaikh
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
MartinPatrici
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
Mark Constable
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
Christian F. Nissen
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič
 
Maximising The Value and Benefits of Enterprise Architecture
Maximising The Value and Benefits of Enterprise ArchitectureMaximising The Value and Benefits of Enterprise Architecture
Maximising The Value and Benefits of Enterprise Architecture
Alan McSweeney
 
Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...
Alan McSweeney
 
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITILIT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
Alfid Ardyanto
 

Recomendados

Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study material
Anees Shaikh
 
COBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdfCOBIT 2019 Overview_v1.1.pdf
COBIT 2019 Overview_v1.1.pdf
MartinPatrici
 
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise ITCOBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
COBIT 2019 webinar Use Cases: Tailoring Governance of Your Enterprise IT
Mark Constable
 
Introduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT managementIntroduction to COBIT 2019 and IT management
Introduction to COBIT 2019 and IT management
Christian F. Nissen
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič
 
Maximising The Value and Benefits of Enterprise Architecture
Maximising The Value and Benefits of Enterprise ArchitectureMaximising The Value and Benefits of Enterprise Architecture
Maximising The Value and Benefits of Enterprise Architecture
Alan McSweeney
 
Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...Enterprise Architecture Implementation And The Open Group Architecture Framew...
Enterprise Architecture Implementation And The Open Group Architecture Framew...
Alan McSweeney
 
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITILIT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
Alfid Ardyanto
 
IT Enterprise architecture ppt
IT Enterprise architecture pptIT Enterprise architecture ppt
IT Enterprise architecture ppt
Monsif sakienah
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
MDFazlaRabbiAbir
 
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
PECB
 
Audit Checklist for Information Systems
Audit Checklist for Information SystemsAudit Checklist for Information Systems
Audit Checklist for Information Systems
Ahmad Tariq Bhatti
 
Introduction to COBIT 2019 Certification and Training
Introduction to COBIT 2019 Certification and TrainingIntroduction to COBIT 2019 Certification and Training
Introduction to COBIT 2019 Certification and Training
Mark Edmead
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
Emmacuet
 
Togaf 9.2 Introduction
Togaf 9.2 IntroductionTogaf 9.2 Introduction
Togaf 9.2 Introduction
Mohamed Zakarya Abdelgawad
 
Cobit
CobitCobit
Cobit
ifourkhushbooshah
 
MAPPING TOGAF® ADM AND AGILE APPROACH
MAPPING TOGAF® ADM AND AGILE APPROACHMAPPING TOGAF® ADM AND AGILE APPROACH
MAPPING TOGAF® ADM AND AGILE APPROACH
Architecture Center Ltd
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organization
Cheikh Hamallah DJIBA
 
Enterprise communication using archiMate
Enterprise communication using archiMateEnterprise communication using archiMate
Enterprise communication using archiMate
Louw Labuschagne
 
Enterprise Architecture using TOGAF 's ADM - Architecture Delivery Method (...
Enterprise Architecture using TOGAF 's ADM - Architecture Delivery Method (...Enterprise Architecture using TOGAF 's ADM - Architecture Delivery Method (...
Enterprise Architecture using TOGAF 's ADM - Architecture Delivery Method (...
Chandrashekhar More
 
Enterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful BusinessEnterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful Business
Nathaniel Palmer
 
Review of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability ModelsReview of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability Models
Alan McSweeney
 
Best Practices for a CoE
Best Practices for a CoEBest Practices for a CoE
Best Practices for a CoE
Splunk
 
ITIL4 and ServiceNow
ITIL4 and ServiceNowITIL4 and ServiceNow
ITIL4 and ServiceNow
ITSM Academy, Inc.
 
Itil,cobit and ıso27001
Itil,cobit and ıso27001Itil,cobit and ıso27001
Itil,cobit and ıso27001
Burcu Pelin TELLİ
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
Anurag Purohit
 
Implementing Effective Enterprise Architecture
Implementing Effective Enterprise ArchitectureImplementing Effective Enterprise Architecture
Implementing Effective Enterprise Architecture
Leo Shuster
 
Enterprise Architecture
Enterprise ArchitectureEnterprise Architecture
Enterprise Architecture
Vikas Grover
 
COBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptxCOBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptx
tonydwisusanto2
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochure
Deloitte
 

Más contenido relacionado

La actualidad más candente

ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
PECB
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
Emmacuet
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organization
Cheikh Hamallah DJIBA
 
Enterprise communication using archiMate
Enterprise communication using archiMateEnterprise communication using archiMate
Enterprise communication using archiMate
Louw Labuschagne
 
Enterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful BusinessEnterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful Business
Nathaniel Palmer
 
Review of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability ModelsReview of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability Models
Alan McSweeney
 

La actualidad más candente (20)

IT Enterprise architecture ppt
IT Enterprise architecture pptIT Enterprise architecture ppt
IT Enterprise architecture ppt
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
 
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
 
Audit Checklist for Information Systems
Audit Checklist for Information SystemsAudit Checklist for Information Systems
Audit Checklist for Information Systems
 
Introduction to COBIT 2019 Certification and Training
Introduction to COBIT 2019 Certification and TrainingIntroduction to COBIT 2019 Certification and Training
Introduction to COBIT 2019 Certification and Training
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
 
Togaf 9.2 Introduction
Togaf 9.2 IntroductionTogaf 9.2 Introduction
Togaf 9.2 Introduction
 
Cobit
CobitCobit
Cobit
 
MAPPING TOGAF® ADM AND AGILE APPROACH
MAPPING TOGAF® ADM AND AGILE APPROACHMAPPING TOGAF® ADM AND AGILE APPROACH
MAPPING TOGAF® ADM AND AGILE APPROACH
 
Implement cobit in your organization
Implement cobit in your organizationImplement cobit in your organization
Implement cobit in your organization
 
Enterprise communication using archiMate
Enterprise communication using archiMateEnterprise communication using archiMate
Enterprise communication using archiMate
 
Enterprise Architecture using TOGAF 's ADM - Architecture Delivery Method (...
Enterprise Architecture using TOGAF 's ADM - Architecture Delivery Method (...Enterprise Architecture using TOGAF 's ADM - Architecture Delivery Method (...
Enterprise Architecture using TOGAF 's ADM - Architecture Delivery Method (...
 
Enterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful BusinessEnterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful Business
 
Review of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability ModelsReview of Information Technology Function Critical Capability Models
Review of Information Technology Function Critical Capability Models
 
Best Practices for a CoE
Best Practices for a CoEBest Practices for a CoE
Best Practices for a CoE
 
ITIL4 and ServiceNow
ITIL4 and ServiceNowITIL4 and ServiceNow
ITIL4 and ServiceNow
 
Itil,cobit and ıso27001
Itil,cobit and ıso27001Itil,cobit and ıso27001
Itil,cobit and ıso27001
 
Cobit 5 - An Overview
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
 
Implementing Effective Enterprise Architecture
Implementing Effective Enterprise ArchitectureImplementing Effective Enterprise Architecture
Implementing Effective Enterprise Architecture
 
Enterprise Architecture
Enterprise ArchitectureEnterprise Architecture
Enterprise Architecture
 

Similar a COBIT 2019 Executive Summary_v1.1 .pdf

Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1
Slime Argentina
 

Similar a COBIT 2019 Executive Summary_v1.1 .pdf (20)

COBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptxCOBIT-2019-Executive-Summary_v1.0.pptx
COBIT-2019-Executive-Summary_v1.0.pptx
 
Cobi t 4.1-brochure
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochure
 
Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1Comparación de CobiT 5 con CobiT 4.1
Comparación de CobiT 5 con CobiT 4.1
 
COBIT 5 FAQ
COBIT 5 FAQCOBIT 5 FAQ
COBIT 5 FAQ
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
 
Frameworks to drive value from your investment in Information Technology
Frameworks to drive value from your investment in Information TechnologyFrameworks to drive value from your investment in Information Technology
Frameworks to drive value from your investment in Information Technology
 
Cobit overview
Cobit overviewCobit overview
Cobit overview
 
Cobit 4.1 indri
Cobit 4.1 indriCobit 4.1 indri
Cobit 4.1 indri
 
COBIT Intor.pptx
COBIT Intor.pptxCOBIT Intor.pptx
COBIT Intor.pptx
 
Darmin ritonga 11353205418
Darmin ritonga 11353205418Darmin ritonga 11353205418
Darmin ritonga 11353205418
 
cobit 2019 -current-user - ISACA Publication
cobit 2019 -current-user - ISACA Publicationcobit 2019 -current-user - ISACA Publication
cobit 2019 -current-user - ISACA Publication
 
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
 
Lailatul izzati
Lailatul izzatiLailatul izzati
Lailatul izzati
 
CobiT Foundation Free Training
CobiT Foundation Free TrainingCobiT Foundation Free Training
CobiT Foundation Free Training
 
Cobit5 introduction
Cobit5 introductionCobit5 introduction
Cobit5 introduction
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
Cobit 4.1 ivooktavianti
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
 
Cobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
 
IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world
 

Último

The Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard BrownThe Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard Brown
SandaliGurusinghe2
 
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalW.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
William (Bill) H. Bender, FCSI
 
Beyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentBeyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable development
Nimot Muili
 
internship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamrainternship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamra
AllTops
 
How Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptxHow Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptx
Aaron Stannard
 
Agile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptxAgile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptx
alinstan901
 
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTECAbortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Riyadh +966572737505 get cytotec
 
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot ModelGautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Nitya salvi
 

Último (16)

Intro_University_Ranking_Introduction.pptx
Intro_University_Ranking_Introduction.pptxIntro_University_Ranking_Introduction.pptx
Intro_University_Ranking_Introduction.pptx
 
The Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard BrownThe Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard Brown
 
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalW.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
 
Beyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentBeyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable development
 
Siliguri Escorts Service Girl ^ 9332606886, WhatsApp Anytime Siliguri
Siliguri Escorts Service Girl ^ 9332606886, WhatsApp Anytime SiliguriSiliguri Escorts Service Girl ^ 9332606886, WhatsApp Anytime Siliguri
Siliguri Escorts Service Girl ^ 9332606886, WhatsApp Anytime Siliguri
 
Marketing Management 16th edition by Philip Kotler test bank.docx
Marketing Management 16th edition by Philip Kotler test bank.docxMarketing Management 16th edition by Philip Kotler test bank.docx
Marketing Management 16th edition by Philip Kotler test bank.docx
 
internship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamrainternship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamra
 
How Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptxHow Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptx
 
Agile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptxAgile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptx
 
Reviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptxReviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptx
 
Leaders enhance communication by actively listening, providing constructive f...
Leaders enhance communication by actively listening, providing constructive f...Leaders enhance communication by actively listening, providing constructive f...
Leaders enhance communication by actively listening, providing constructive f...
 
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTECAbortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
 
digital Human resource management presentation.pdf
digital Human resource management presentation.pdfdigital Human resource management presentation.pdf
digital Human resource management presentation.pdf
 
Safety T fire missions army field Artillery
Safety T fire missions army field ArtillerySafety T fire missions army field Artillery
Safety T fire missions army field Artillery
 
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot ModelGautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Gautam Buddh Nagar Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
International Ocean Transportation p.pdf
International Ocean Transportation p.pdfInternational Ocean Transportation p.pdf
International Ocean Transportation p.pdf
 

COBIT 2019 Executive Summary_v1.1 .pdf

  • 1. © 2018 ISACA. All rights reserved. INTRODUCING Executive Summary November 2018
  • 2. © 2018 ISACA. All rights reserved. COBIT® 2019 The globally recognized COBIT Framework, which helps ensure effective enterprise governance of information and technology, has been updated with new information and guidance, facilitating easier, tailored implementation— strengthening COBIT’s continuing role as an important driver of innovation and business transformation. This document sets the scene for the upcoming release of COBIT® 2019 guidance.
  • 3. © 2018 ISACA. All rights reserved. Remembering John Lainhart • In dedication to John Lainhart, who was there from COBIT day -1 in 1995 until his passing in September 2018. • John was the relentless support behind many COBIT related projects, including COBIT 2019 . • ISACA is extremely grateful for John and his vision, and COBIT 2019 (and its progeny) are his legacy. Picture provided courtesy of Dirk Steuperaert
  • 4. © 2018 ISACA. All rights reserved. COBIT 2019 DRIVERS AND BENEFITS
  • 5. © 2018 ISACA. All rights reserved. COBIT 2019 UPDATE DRIVERS COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT 5 limitations
  • 6. © 2018 ISACA. All rights reserved. COBIT 2019 OPTIMIZING I&T GOVERNANCE Enterprise Governance of I&T Business/IT Alignment Value Creation IT - used to refer to the organizational department with main responsibility for technology – versus I&T – all the information the enterprise generates, processes and uses to achieve its goals, as well as the technology to support that throughout the enterprise. COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
  • 7. © 2018 ISACA. All rights reserved. COBIT 2019 STAYING RELEVANT IN A CHANGED ENVIRONMENT • COBIT 5 was published in 2012, making it almost 7 years old • New technology and business trends in the use of IT (e.g. digitization) have not been incorporated into COBIT, requiring re-alignment • The need for the integration of new insights from practitioners, science and academia in the domain of I&T governance creation • Other standards have evolved, resulting in a different standards/frameworks landscape, requiring a re-alignment • More fluid and frequent updates of COBIT required COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
  • 8. © 2018 ISACA. All rights reserved. COBIT 2019 STAYING RELEVANT IN A CHANGED ENVIRONMENT COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections • US National Institute of Standards and Technology (NIST) standards: –NIST Cybersecurity Framework v1.1 –NIST SP 800 53 Rev 5 –NIST SP 800 37 Rev 2 (Risk Management Framework) • ISO/IEC 20000 • ISO/IEC 27000 family: –ISO/IEC 27001 –ISO/IEC 27002 –ISO/IEC 27004 –ISO/IEC 27005 • ISO/IEC 31000:2018 • ISO/IEC 38500 • ISO/IEC 38502 • A Guide to the Project Management Book of Knowledge: PMBOK® Guide, Sixth Edition, 2017 • The TOGAF® Standard, The Open Group • The Open Group IT4IT™ Reference Architecture, version 2.0 • CIS ® Critical Security Controls, Center for Internet Security • King IV Report on Corporate Governance™, 2016 • Scaled Agile Framework (SAFe®) • Cloud standards and good practices: • Amazon Web Services (AWS®) • Security Considerations for Cloud Computing, ISACA • Controls and Assurance in the Cloud: Using COBIT ® 5, ISACA • Enterprise Risk Management (ERM)— Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), June 2017 • The TBM Taxonomy, The TBM Council • “Options for Transforming the IT Function Using Bimodal IT,” MIS Quarterly Executive (white paper) • ITIL V3 • HITRUST ® Common Security Framework, version 9, September 2017 • Change Management Methodology, Prosci • Skills Framework for the Information Age (SFIA® ) V6 • The Standard of Good Practice for Information Security, Information Security Forum (ISF), 2016 • CMMI V2.0 • The CMMI Cybermaturity Platform, 2018 • The Data Management Maturity Model, CMMI Institute, 2014 The COBIT 2019 development team looked at following standards/frameworks to align COBIT 2019 with:
  • 9. © 2018 ISACA. All rights reserved. STRENGTHS • COBIT is a unique overarching IT Governance framework • COBIT process guidance has matured and has reached its best quality level yet • COBIT’s business perspective on IT brings a unique opportunity to further expand its impact OPPORTUNITIES • The current (target) audience for COBIT is still very much IT- and Assurance oriented • There is an opportunity to re-discover or re-launch some of COBIT hidden gems • More prescriptive implementation guidance such as incorporating specific design factors COBIT 2019 BUILDING ON COBIT STRENGTHS AND IDENTIFYING OPPORTUNITIES COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Buildng on COBIT strengths and identifying opportunities Addressing COBIT5 imperfections
  • 10. © 2018 ISACA. All rights reserved. • COBIT users find it hard to locate relevant contents for their needs • Perceived as complex and challenging to apply in practice • The enabler model is incomplete in terms of development and guidance, and thus often ignored • A challenging process capability model and general lack of support of performance management for other enablers • The perceived reputation of IT Governance itself as an inhibitor of change and (administrative) overhead – not per se a COBIT weakness but an IT Governance problem at large COBIT 2019 ADDRESSING COBIT 5 LIMITATIONS COBIT 2019 Optimizing I&T Governance Staying relevant in a changed environment Building on COBIT strengths and identifying opportunities Addressing COBIT5 limitations
  • 11. © 2018 ISACA. All rights reserved. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION & TECHNOLOGY (EGIT) AND THE NATURE OF COBIT
  • 12. © 2018 ISACA. All rights reserved. In the light of digital transformation, information and technology (I&T) have become crucial in the support, sustainability and growth of enterprises. • Previously, governing boards and senior management could delegate, ignore or avoid I&T-related decisions • In most sectors and industries, such attitudes are now ill advised • Digitized enterprises are increasingly dependent on I&T for survival and growth • Stakeholder value creation is often driven by a high degree of digitization in new business models, efficient processes, successful innovation, etc. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
  • 13. © 2018 ISACA. All rights reserved. Given the centrality of I&T for enterprise risk management and value generation, a specific focus on enterprise governance of information and technology (EGIT) has arisen over the last two decades. EGIT is an integral part of corporate governance • Exercised by the board that oversees the definition and implementation of processes, structures and relational mechanisms • Enables both business and IT people to execute their responsibilities in support of business/IT alignment • Enables creation of business value from I&T-enabled business investments INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT)
  • 14. © 2018 ISACA. All rights reserved. Fundamentally, EGIT is concerned with value delivery from digital transformation and the mitigation of business risk that results from digital transformation. More specifically, three main outcomes can be expected after successful adoption of EGIT. INTRODUCTION ENTERPRISE GOVERNANCE OF INFORMATION AND TECHNOLOGY (EGIT) Benefits Realization Risk Optimization Resource Optimization
  • 15. © 2018 ISACA. All rights reserved. COBIT is a framework for the governance and management of enterprise information and technology, aimed at the whole enterprise. • Enterprise I&T means all the technology and information processing the enterprise puts in place to achieve its goals, regardless of where this happens in the enterprise • Enterprise I&T is not limited to the IT department of an organization, but certainly includes it INTRODUCTION COBIT AS AN INFORMATION & TECHNOLOGY (I&T) FRAMEWORK
  • 16. © 2018 ISACA. All rights reserved. Governance (Board Level) Management (Executive Level) INTRODUCTION GOVERNANCE AND MANAGEMENT DEFINED • Plans, builds, runs and monitors activities, in alignment with the direction set by the governance body, to achieve the enterprise objectives • Ensure stakeholder needs, conditions and options are evaluated to determine enterprise objectives • Ensure direction is set through prioritization and decision making • Ensure performance and compliance are monitored against objectives
  • 17. © 2018 ISACA. All rights reserved. INTRODUCTION WHAT IS COBIT AND WHAT IT IS NOT: SETTING THE RIGHT EXPECTATIONS COBIT IS • A framework for the governance and management of enterprise I&T • COBIT defines the components to build and sustain a governance system • COBIT defines the design factors that should be considered by the enterprise to build a best fit governance system • COBIT is flexible and allows guidance on new topics to be added COBIT IS NOT • A full description of the whole IT environment of an enterprise • A framework to organize business processes • An (IT-) technical framework to manage all technology • COBIT does not make or prescribe any IT-related decisions
  • 18. © 2018 ISACA. All rights reserved. APPENDIX
  • 19. © 2018 ISACA. All rights reserved. ABOUT ISACA Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in 188 countries, including 217 chapters worldwide and offices in both the United States and China.