COBIT 5 Foundation Exam Revision on a page!

Governance of Enterprise IT (GEIT)

Enterprise = organisation = commercial (corporate) OR public sector OR not for profit
Governance Objective: Value Creation from Benefits Realisation + Risk Optimisation+ Resource Optimisation
Governance Scope = where governance applies: usually the enterprise, but can be just some assets
GOALS CASCADE: Stakeholder Needs Enterprise Goals IT-related Goals Enabler Goals
5 Principles of COBIT 5 7 Enablers of COBIT 5 (i.e. Governance Enablers)
1. Meeting stakeholder needs 1. Principles, policies and frameworks
2. Covering the Enterprise end-to-end 2. Processes
3. Single integrated Framework 3. Organisational structures Memory aid:
4. Holistic approach of 7 enterprise Enablers 4. Culture, ethics and behaviours POP PICS
5. Separating governance from management 5. Information
6. Service infrastructure and applications
Memory aid: Stakeholder FEES 7. People skills and competencies
Generic Governance Enablers
Enabler Dimensions Enabler Performance Management
Stakeholders Questions to be answered:
Internal & External Outcomes (Lag indicators)
Goals = expected outcome of enabler Are stakeholders needs addressed?
Intrinsic Quality (work well & provide results) Are enabler goals achieved?
Contextual Quality (Relevance, effectiveness) Functioning of enabler itself (Lead indicator)
Accessibility & Security (of enablers + outcomes) Is the enabler lifecycle managed?
Life Cycle Are good practices applied?
Plan, Design, Information Enabler (Enabler 5)
Build/Acquire/Create/Implement
Use/Operate Intrinsic quality:
Evaluate/Monitor Accuracy, Objectivity, Believability, Reputation
Update/Dispose Information layers
Good Practices Physical world (carrier/media), Empiric (User interface)
Practices Syntactic (code/language), Semantic (meaning)
Work Products (Inputs & Outputs) Pragmatic (use)
Social world (e.g. contracts, law, culture)
COBIT 5 Processes COBIT 5 Process Capability Assessment Model (PAM)
5 Domains = 37 processes Performance
0 Incomplete
Governance Attribute (PA)
Evaluate, Direct & Monitor (EDM) PA1.1 Process Performance
1 Performed
Management
Align, Plan & Organise (APO) strategic
Build, Acquire & Implement (BAI) tactical PA2.1 Performance Management
Deliver, Service & Support (DSS) - operational 2 Managed
Monitor, Evaluate & Assess (MEA) PA2.2 Work Product Management
EDM(5) APO(13) BAI(10) DSS(6) PA3.1 Process Definition
MEA(3) 3 Established
PA3.2 Process Deployment
Memory aid: PA4.1 Process Measurement
Management domains are in alphabetic 4 Predictable
order. PA4.2 Process Control
E is 5th letter in alphabet and EDM has
5 processes. PA5.1 Process Innovation
In alphabetic order, Management 5 Optimising PA5.2 Process Optimisation
processes get less by 3 or 4
COBIT 5 Implementation Lifecycle
Phase 1 2 3 4 5 6 7
What are the Where are we Where do we What needs to How do we get Did we get How do we keep
drivers? now? want to be? be done? there? there? the momentum
going?
Programme Initiate Define problems Define road Plan Execute plan Realise Review
Management program & opportunities map programme benefits Effectiveness
Change Establish Form Communicate Identify role Operate and Embed new Sustain
Enablement desire to implementation outcome players use approaches
change team
Continual Recognise Assess current Define target Build Implement Operate and Monitor and
Improvement need to act state state improvements improvements measure evaluate
Lifecycle

2012-15 Maat Consulting Ltd www.maatconsulting.com

COBIT is a registered trade mark of ISACA and the IT Governance Institute (ITGI) V1.4 July 2015
This is not an official COBIT publication and is not endorsed, sponsored, or otherwise affiliated with ISACA or ITGI.