pengantar cobit 5
TRANSCRIPT
-
8/17/2019 Pengantar Cobit 5
1/48
Slide Heading
Introducing COBIT® 5
Bob Frelinger, CGEITMay 18, !1
-
8/17/2019 Pengantar Cobit 5
2/48
"earning Ob#ecti$e%
&''reciate t(e Bac)ground Be(ind COBIT® 5
*nder%tand t(e Fi$e COBIT® 5 +rinci'le%
*nder%tand t(e Se$en COBIT® 5 Enabler%
no- Ho- to .a$igate t(e /COBIT ® 5 0 ra2e-or) docu2ent
no- Ho- to .a$igate /COBIT ® 5: Enabling Processes0
-
8/17/2019 Pengantar Cobit 5
3/48
3(at4% Be(ind COBIT® 5
Some History…
-
8/17/2019 Pengantar Cobit 5
4/48
3(at4% Be(ind COBIT® 5
References and Influencers…
Existing ISACA/ITGI Material:
C!IT "#$
%al ITRis& IT
!MIS
IT Assurance 'rame(or&
!oard !riefing on IT Go)ernance
ISO Standard%
IT Ser$ice Manage2ent
6uality Manage2ent
7i%) Manage2ent
Inor2ation Security 7i%) Manage2ent
Cor'orate Go$ernance o Inor2ation Tec(nology
+roce%% &%%e%%2entBriti%( Standard%
Bu%ine%% Continuity Manage2ent
C!IT * +roduct 'amily
&+M Introduction to
+rogra22e Manage2ent *9
Federal Enter'ri%e &rc(itecture FE&9 *S&9
T(e :Euro'ean; Co22i%%ion
Enter'ri%e IT &rc(itecture
Fra2e-or) CE&F9 Belgiu29
TOG&F® <+MBO®
OGC *9 Be%t Manage2ent +ractice +ortolio
Managing Successful Programmes (MSP)
PRINCE ®
Informa!ion Tec"nolog# Infras!ruc!ure $ibrar# (ITI$®)%
$ea&ing C"ange
by =o(n otter
ing Code o
Go$ernance +rinci'le%
ing III9 Sout( &rica9
OEC> +rinci'le% o
Cor'orate Go$ernance
France9
Co2bined Code on
Cor'orate Go$ernance4 *9
B&BO® 'ui&e
Balanced
Scorecard
COSO
-
8/17/2019 Pengantar Cobit 5
5/48
3(at4% Be(ind COBIT® 5
Glo,al Ex-ertise and Colla,oration…? O$er%een by t(e IS&C&@ITGI Fra2e-or) Co22ittee FC9
? 7e%earc( re%ult% -ere Aualitycontrolled t(roug(out t(e
de$elo'2ent 'roce%%
? +reli2inary re%earc( in$ol$ed %e$eral COBIT de$elo'2ent grou'%
ba%ed around t(e -orld
? Beore being i%%ued, t(e drat docu2ent% -ere di%tributed to 2ore
t(an 1!! %ub#ect 2atter eD'ert% around t(e -orld to obtain t(eir
'roe%%ional re$ie- co22ent%? Once ready, drat $er%ion% o COBIT 5 and COBIT 5: Enabling
Processes -ere 2ade a$ailable to t(e general 'ublic T(ou%and%
o co22ent% -ere recei$ed
-
8/17/2019 Pengantar Cobit 5
6/48
Source Glo,al Status Re-ort on t.e
Go)ernance of Enter-rise IT GEIT0 1 23$$
7olling Meado-%, I" IS&C& ITGI, !11
I2'ortance o IT
to t(e >eli$ery
o Bu%ine%%
Strategy and i%ion
I2'ortance o IT
-
8/17/2019 Pengantar Cobit 5
7/48
3(y 3(at i% COBIT® 5
Enter'ri%e%, large and %2all, co22ercial, notor'roit or 'ublic
%ector, must create o-timal )alue from IT by 2aintaining a
balance bet-een realiing beneit% and o'ti2iing ri%) le$el% and
re%ource u%e
Inor2ation and related tec(nology need% to? Be go$erned and 2anaged in a .olistic 2anner or t(e entire
enter'ri%e,? Ta)e in t(e ull endtoend ,usiness and IT unctional area% o
re%'on%ibility,? Con%ider t(e ITrelated intere%t% o internal and eDternal
sta&e.olders
T(e Bu%ine%% Ca%e
A !4SI5ESS 'RAME6R7 'R THE
G%ER5A5CE A58 MA5AGEME5T ' E5TER+RISE IT
-
8/17/2019 Pengantar Cobit 5
8/48
IT7elated I%%ue%
Source Glo,al Status Re-ort on t.e Go)ernance of Enter-rise IT GEIT0 1 23$$ 7olling
Meado-%, I" IS&C& ITGI, !11
-
8/17/2019 Pengantar Cobit 5
9/48
>ri$er% or GEIT &cti$itie%
Source Glo,al Status Re-ort on t.e Go)ernance of Enter-rise IT GEIT0 1 23$$ 7olling
Meado-%, I" IS&C& ITGI, !11
-
8/17/2019 Pengantar Cobit 5
10/48
Enter'ri%e 7eadine%% or GEIT
Source Glo,al Status Re-ort on t.e Go)ernance of Enter-rise IT GEIT0 1 23$$ 7olling
Meado-%, I" IS&C& ITGI, !11
-
8/17/2019 Pengantar Cobit 5
11/48
3(at i% COBIT® 5
T.e +roduct 'amily…
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
12/48
Ma)ing It 7eal J =u%t Try It
• Integrate be%t, good and co22on indu%try 'ractice%
• Ca%cade goal% and ob#ecti$e%
• Mea%ure bot( 'eror2ance to-ard, and ac(ie$e2ent o,
goal%
• Ta)e t(e (oli%tic a''roac(K endtoend $ie-
• "in) in'ut% and out'ut% o )ey 2anage2ent 'ractice%
• Enable %ucce%% t(roug( integration and align2ent o
%ee2ingly di%connected go$ernance and 2anage2ent
acti$itie%
Em,race t.e Conce-ts Em,edded in C!IT *…
-
8/17/2019 Pengantar Cobit 5
13/48
COBIT® 5 +rinci'le%
Source COBIT® 5, igure !1 IS&C&® &ll rig(t% re%er$ed
Ba%ed on fi)e
&ey -rinci-les
or go$ernance
and 2anage2ento enter'ri%e IT
-
8/17/2019 Pengantar Cobit 5
14/48
COBIT® 5 J +rinci'le 1
+rinci-le $# Meeting Sta&e.older 5eeds
Source COBIT® 5, igure L !1 IS&C&® &ll rig(t% re%er$ed
Enter'ri%e% eDi%t to
create )alue or
t(eir %ta)e(older%
-
8/17/2019 Pengantar Cobit 5
15/48
COBIT® 5 J +rinci'le 1
T(e COBIT 5 goals cascade
tran%late% %ta)e(older need%
into %'eciic, actionable and
cu%to2ied goal% -it(in t(e
conteDt o t(e
? Enter'ri%e goal%,
? ITrelated goal% and? Enabler goal%
Source COBIT® 5, igure !1 IS&C&® &ll rig(t% re%er$ed
+rinci-le $# Meeting Sta&e.older 5eeds
-
8/17/2019 Pengantar Cobit 5
16/48
COBIT® 5 J Goal% Ca%cade
Generic Model 1 !ased on Sound Glo,al Researc.Ma''ing Sta)e(older .eed% to COBIT 5 Enter'ri%e Goal%
Ma''ing COBIT 5 Enter'ri%e Goal% to ITrelated Goal%
Ma''ing COBIT 5 ITrelated Goal% to +roce%%e%
A--endix !
A--endix 8
A--endix C
+roce%% Goal% and Sugge%ted Metric%C!IT *: Ena,ling +rocesses
-
8/17/2019 Pengantar Cobit 5
17/48
COBIT® 5 J +rinci'le
+rinci-le 2# Co)ering t.e Enter-rise End9to9end
Source COBIT® 5, igure 8 < co2bined !1 IS&C&® &ll rig(t% re%er$ed
? Enter'ri%e-ide, endto
end 'er%'ecti$e
? Inor2ation and related
tec(nology (.ere)er t(at inor2ation i% being
'roce%%ed
? 5T #u%t t(e IT unction
Go)ernance
System
7ey
Com-onents
-
8/17/2019 Pengantar Cobit 5
18/48
COBIT® 5 J +rinci'le L
+rinci-le # A--lying a Single Integrated 'rame(or&? &lign% -it( ot(er %tandard%
and ra2e-or)%
? Co2'lete in enter'ri%e
co$erage? Si2'le arc(itecture or
? %tructuring guidance
2aterial%? 'roducing a con%i%tent
'roduct %et? Integrate% all )no-ledge
're$iou%ly di%'er%ed o$er
dierent IS&C&@ITGI
ra2e-or)%Source COBIT® 5, igure 1!
!1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
19/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
? >ri$en by t(e goal%
ca%cade J goal% deine
-(at enabler% %(ould
ac(ie$e
? To ac(ie$e enter'ri%e
ob#ecti$e% con%ider an
interconnected %et o
enabler%
? So2e enabler% are t(e
enter'ri%e re%ource%
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
20/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
1 T(e $e(icle% to
tran%late t(e de%ired
be(a$ior into 'ractical
guidance or daytoday2anage2ent
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
21/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
>e%cribe an organied
%et o 'ractice% and
acti$itie% to ac(ie$e
certain ob#ecti$e% and'roduce a %et o out'ut%
in %u''ort o ac(ie$ing
o$erall ITrelated goal%
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
22/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
L &re t(e )ey deci%ion
2a)ing entitie% in an
enter'ri%e T(ey can be
t(e traditional $ertical%tructure% or (oriontal
or lateral %tructure%9
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
23/48
Organiational Structure
'ormal org structure su--orted ,y cross9org structures
-
8/17/2019 Pengantar Cobit 5
24/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
&''lie% to bot(
indi$idual% and o t(e
enter'ri%eK $ery oten
undere%ti2ated a% a%ucce%% actor in
go$ernance and
2anage2ent acti$itie%
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
25/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
5 +er$a%i$e t(roug(out
any organiation and
include% all t(e
inor2ation 'roduced andu%ed by t(e enter'ri%e
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
26/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
N T(e inra%tructure,
tec(nology and
a''lication% t(at 'ro$ide
t(e enter'ri%e -it(inor2ation tec(nology
'roce%%ing and %er$ice%
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
27/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
+eo'le, and t(eir %)ill%
and co2'etencie%, are
reAuired or
? %ucce%%ul co2'letion
o all acti$itie% and
? or 2a)ing correct
deci%ion% and
? ta)ing correcti$eaction%
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
28/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.Enabler >i2en%ion%
T(i% co22on %et o di2en%ion%
? +ro$ide% a co22on, %i2'le and %tructured -ay to deal -it( enabler%
? &llo-% an entity to 2anage it% co2'leD interaction%
? Facilitate% %ucce%%ul outco2e% o t(e enabler%
Source COBIT® 5, igure 1L !1 IS&C&® &ll rig(t% re%er$ed
&ll enabler%
(a$e a %et o
co22ondi2en%ion%
-
8/17/2019 Pengantar Cobit 5
29/48
COBIT® 5 J +rinci'le
+rinci-le "# Ena,ling a Holistic A--roac.
Source COBIT® 5, igure 1L !1 IS&C&® &ll rig(t% re%er$ed
Enabler +eror2ance Manage2ent
&ctual Outco2e% &ctual Functioning
-
8/17/2019 Pengantar Cobit 5
30/48
COBIT® 5 J +rinci'le 5
+rinci-le *# Se-arating Go)ernance from Management
? >ierent acti$itie%
and dierentre%'on%ibilitie%
? Interaction%
bet-een t(e2 are
acilitated t(roug(
t(e Enabler%
Source COBIT® 5, igure 15 !1 IS&C&® &ll rig(t% re%er$ed
E>M9
+B7M9
-
8/17/2019 Pengantar Cobit 5
31/48
I2'le2entation Guidance
Source COBIT® 5, igure 1 !1 IS&C&® &ll rig(t% re%er$ed
-
8/17/2019 Pengantar Cobit 5
32/48
+roce%% Ca'ability Model
Source COBIT® 5, igure 1
-
8/17/2019 Pengantar Cobit 5
33/48
Business rame*or+ for !"e 'o,ernance an& Managemen! of
En!er-rise IT
• E.ecu!i,e Summar#
• O,er,ie* of COBIT 5
• c"a-!er on eac" of !"e fi,e -rinci-les
• Im-lemen!a!ion 'ui&ance
• T"e COBIT 5 Process Ca-abili!# Mo&el
• --en&ices: – References
– 'oals Ma-s
– S!a+e"ol&er Nee&s an& En!er-rise 'oals
– Ma''ing -it( t(e Mo%t 7ele$ant 7elated Standard% and Fra2e-or)%
– COBIT 5 Inor2ation Model and COBIT 1 Inor2ation Criteria
– >etailed >e%cri'tion o %e$en COBIT 5 Enabler%
–
Glo%%ary
3(at i% COBIT® 5 J TOC
T.e 'rame(or& document…,rea&ing it do(n
'age%
'age%
1 'age%K to N 'age% eac(
5 'age% J intro to t(e Guide
5 'age% J intro to t(e Model
1 'age
5 'age%
'age%
5 'age%
1 'age
L 'age%K to N 'age% eac(
5 'age%
-
8/17/2019 Pengantar Cobit 5
34/48
&e!aile& reference gui&e !o !"e -rocesses !"a! are &efine& in !"e
COBIT 5 -rocess reference mo&el/
• In!ro&uc!ion
• 'oals Casca&e an& Me!rics
• Process Mo&el
• Process Reference Mo&el
• Process Reference 'ui&e Con!en!s – 0e!aile& -rocess1rela!e& con!en! s!ruc!ure
– In-u!s an& Ou!-u!s
– 'eneric 'ui&ance for Processes
– 0e!aile& -rocess con!en! for eac" -rocess
• --en&ices: – Ma--ing COBIT 5 *i!" legac# ISC rame*or+s
– 'oals Ma-s
COBIT® 5 Enabling +roce%%e%
Ena,ling +rocesses Ena,ler Guide…,rea&ing it do(n
-
8/17/2019 Pengantar Cobit 5
35/48
&e!aile& reference gui&e !o !"e -rocesses !"a! are &efine& in !"e
COBIT 5 -rocess reference mo&el/
• In!ro&uc!ion
• 'oals Casca&e an& Me!rics
• Process Mo&el
• Process Reference Mo&el
• Process Reference 'ui&e Con!en!s – 0e!aile& -rocess1rela!e& con!en! s!ruc!ure
– In-u!s an& Ou!-u!s
– 'eneric 'ui&ance for Processes
– 0e!aile& -rocess con!en! for eac" -rocess
• --en&ices: – Ma--ing COBIT 5 *i!" legac# ISC rame*or+s
– 'oals Ma-s
3(at i% COBIT® 5
Ena,ling +rocesses Ena,ler Guide…,rea&ing it do(n
1 'age
N 'age%
L 'age%
'age%
L 'age%
8 'age%
one lin) to t(e +roce%% Ca'ability Model
See slide ; for structure
re'eat% eDtend%ra2e-or)
Broad or uni$er%al in'ut% and out'ut%
5 'age%K re'eat o 2a'% in t(e ra2e-or)
18N 'age%K L < 'age% eac(
-
8/17/2019 Pengantar Cobit 5
36/48
Enabling +roce%%e%
Ena,ler 8imensions 1 +rocesses
Source COBIT® 5 Enabling +roce%%e%, igure 8 !1 IS&C&® &ll rig(t% re%er$ed
Goal% dri$en by
goal% ca%cade
Eac" -rocess is &efine&%
crea!e&% o-era!e&% an&
a&2us!e& 3 u-&a!e& or re!ire&/
Process
Reference
Mo&el 7&CI c(art%
Process
Ca-abili!# Mo&el
Process
Ca-abili!#
ssessmen!s
$imi!e&number of
e.am-le
me!rics
-
8/17/2019 Pengantar Cobit 5
37/48
+roce%% 7eerence Model
-
8/17/2019 Pengantar Cobit 5
38/48
• Process I&en!ifica!ion
• Process 0escri-!ion
• Process Pur-ose S!a!emen!
•
'oal Casca&e Informa!ion• Process 'oals an& Me!rics
• RCI C"ar!
• 0e!aile& 0escri-!ion of Process Prac!ices – Prac!ice !i!le an& &escri-!ion
–
Prac!ice in-u!s an& ou!-u!s *3in&ica!ion of origin 4 &es!ina!ion – Process ac!i,i!ies fur!"er &e!ailing !"e -rac!ices
• Rela!e& 'ui&ance
+roce%% Content
Ena,ling +rocesses: Content Structure for All +rocesses
but re2e2ber t(e
broad or uni$er%alin'ut%
-
8/17/2019 Pengantar Cobit 5
39/48
Process I&en!ifica!ion% Process 0escri-!ion% Process Pur-ose S!a!emen!
&n EDa2'le +roce%%
A+3* 1 Manage +ortfolio
-
8/17/2019 Pengantar Cobit 5
40/48
'oal Casca&e Informa!ion
&n EDa2'le +roce%%
A+3* 1 Manage +ortfolio
-
8/17/2019 Pengantar Cobit 5
41/48
Process 'oals an& Me!rics
&n EDa2'le +roce%%
A+3* 1 Manage +ortfolio
-
8/17/2019 Pengantar Cobit 5
42/48
&n EDa2'le +roce%%
-
8/17/2019 Pengantar Cobit 5
43/48
&n EDa2'le +roce%%
0e!aile& 0escri-!ion of Process Prac!icesA+3* 1 Manage +ortfolio
-
8/17/2019 Pengantar Cobit 5
44/48
&n EDa2'le +roce%%
0e!aile& 0escri-!ion of Process Prac!icesA+3* 1 Manage +ortfolio
-
8/17/2019 Pengantar Cobit 5
45/48
&n EDa2'le +roce%%
Rela!e& 'ui&anceA+3* 1 Manage +ortfolio
-
8/17/2019 Pengantar Cobit 5
46/48
"earning Ob#ecti$e%
&''reciate t(e Bac)ground Be(ind COBIT® 5
*nder%tand t(e Fi$e COBIT® 5 +rinci'le%
*nder%tand t(e Se$en COBIT® 5 Enabler%
no- Ho- to .a$igate t(e /COBIT ® 5 0 ra2e-or) docu2ent
no- Ho- to .a$igate /COBIT ® 5: Enabling Processes0
-
8/17/2019 Pengantar Cobit 5
47/48
I2'le2entation C(allenge%
Source Glo,al Status Re-ort on t.e Go)ernance of Enter-rise IT GEIT0 1 23$$ 7olling
Meado-%, I" IS&C& ITGI, !11
-
8/17/2019 Pengantar Cobit 5
48/48
6ue%tion%P
bobrelingerQoracleco2 or
bobrelingerQitgo$(el'co2