Cobit 5! Fusion (Cobit as an approach to Business & IT Alignment)! n o ( a r g e Int Not just for your Auditor!! Cobit 5 ! John Krogh Twitter: @jakrogh Blog: www.johnakrogh.com! proven experience • proven tactics • proven success © Service Management Art 2013! What is Cobit! Control Objectives for IT & Related Technology! ! A Business Framework for the Governance and Management of Enterprise IT! What is Governance! ?! History of Cobit! Cobit 1 published in 1994! Audit Focus In 1977 the EDP Auditors (EDPAA) associa(on published the fore bearer of Cobit Cobit 2nd Edition (1998)! Control Focus Cobit 3rd Edition (2000)! Management Focus? Established Management Guidelines Key Goal Indicators & Key Performance Indicators ! History of Cobit! Cobit 4.0 (2005)! IT Governance Focus Val IT & Risk IT The goals cascade – buried in the guidance Cobit 5 (2012) ! Governance of Enterprise IT focus Tying together the ISACA Assets Clearly iden(fying and isola(on "Governance" from "Management" The "Improved" Goals Cascade an integrated part of the framework Beyond Process! -­‐ the 7 enablers. ! Cobit 5 Accreditation Scheme! Under Development (subject to change) Cer(fied COBIT Implementer Cer(fied COBIT Assessor COBIT 5 Implementa(on COBIT 5 Assessment COBIT 5 Processes COBIT 5 Founda(on Cobit Myths! Cobit is just the ITIL processes – reworded! Cobit is meant to be implemented! Cobit only applies to large organizations! Cobit addresses IT but not ITSM! Cobit adds bureaucracy! Cobit is for IT not for the business! Cobit as a Strategic Tool! The Goals Cascade Workshops Stakeholder Needs Enterprise Goals IT Related Goals Tes(ng & Valida(on Process (Enabler) Goals Steps to Strategic Alignment! Agree enterprise goals (priority)! Stakeholder workshops /Needs analysis map stakeholder needs to Cobit’s generic business goals (documen(ng excep(ons / condi(ons) Mapping enterprise goals to IT-related goals! Validate with stakeholders Mapping IT related goals to process goals! Validate process outcomes against stakeholder needs Implementation ! Stakeholders! Board! Shareholders! CEO, CFO, CIO, CRO! Business Executives! Business Process Owners! HR! IT Mangers! etc! Stakeholder Questions! How do I get value from the use of IT?! How do I manage performance of IT! How can I best exploit technology?! How do I best structure my IT department! How do I gain assurance of external providers! What are the control requirements for information! ...! ! Define…. Stakeholder Needs! Drive Stakeholder Needs Governance Objec(ve: Value Crea(on Benefits Realiza(on Risk Op(miza(on Resource Op(miza(on Map to …… Enterprise Goals! Shareholder value of business investments! Portfolio of competitive products and services! Manages business risk! Financial transparency! Customer oriented service culture! Optimization of service delivery! Skilled & motivated people! 10 others…! ! Cascade to…. IT – Related Goals! Alignment of IT and Business Strategy! Compliance with….! Manage IT related business risk! Delivery of IT services in line with bus requirements! IT Agility! Delivery of IT Programs! Knowledge! 10 others…! ! Cascade to…. Process Goals (and other enablers)! Ensure benefits delivery! Ensure resource optimization! Manage service agreements! Manage availability and capacity! Manage change! Manage problems! 31 others….! COBIT Processes! Cascade – in Practice! Big Oil – IT Objective Statement! ! IT will be recognized internally as a strategic differentiator for the business. Providing clear value for money and responding to changing business requirements.! Big Oil – Stakeholder Workshop! With Key Stakeholders! ! Agree objective statement! Prioritize generic enterprise goals! Agree scope of improvements! Document variances from generic goals! Big Oil – Enterprise Goals! 1. Stakeholder Value of Business Investments! 5. Financial Transparency! 8. Agile Responses to a Changing Business Environment! 17. Products and Business Innovation Culture! Big Oil – Stakeholder Workshop! With Key Stakeholders and using “goals cascade”! ! Identify candidate IT related goals! Validate goal outcomes against stakeholder needs! Agree IT related goals in scope! ! Big Oil – IT Related Goals! 1. Alignment of IT and business strategy! 3. Commitment of exec. For making IT related decisions! 7. Delivery of IT services in line with business requirements! 9. IT agility! 11. Optimization of IT assets resources and capabilities! Big Oil – Stakeholder Workshop! With Key Stakeholders and using “goals cascade”! ! Identify candidate IT processes for improvement! Perform Capability Assessment! Agree process target capabilities! Initiate and charter an improvement program! ! Big Oil – IT Processes! EDM01 Ensure governance framework setting and maintenance! EDM02 Ensure benefits delivery! APO08 Manage Relationships! APO10 Manage Suppliers! DSS03 Manage Problems! MEA01 Monitor, Evaluate and Assess Performance and Conformance! Answering the Question! This investment in achieving the enabler goals:! ! ! ! ____________________________! Will allow IT to achieve the IT related goal of:! ! ! ! ____________________________! Which support the Enterprise Goals of:! ! ! ! ____________________________! Which address your need to: ! ! ! ! ____________________________! ! Questions! ?!