ENTERPRISE IT GOVERNANCE COBIT 5 presentation

26 3 0
  • Loading ...
1/26 trang

Thông tin tài liệu

Ngày đăng: 14/09/2019, 21:39

ENTERPRISE IT GOVERNANCE USING COBIT5 Trainer:John Doan E-mail:dedoan@gmail.com Cellphone:(+84)938-491-888 SourcefromISACA dedoan@gmail.com A BUSINESS FRAMEWORK FOR THE GOVERNANCE AND MANAGEMENT OF ENTERPRISE IT APEXLearningContentDevelopmentTeam Information! v Information is a key resource for all enterprises v Information is created, used, retained, disclosed and destroyed v Technology plays a key role in these actions v Technology is becoming pervasive in all aspects of business and personal life What benefits information and technology bring to enterprises? dedoan@gmail.com APEXLearningContentDevelopmentTeam Enterprise Benefits Enterprises and their executives strive to: v Maintain quality information to support business decisions v Generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT v Achieve operational excellence through reliable and efficient application of technology v Maintain IT-related risk at an acceptable level v Optimise the cost of IT services and technology How can these benefits be realised to create enterprise stakeholder value? dedoan@gmail.com APEXLearningContentDevelopmentTeam What is COBIT? Control Objectives for Information and Related Technology Evolution of scope GovernanceofEnterpriseIT IT Governance Val IT 2.0 Management (2008) Control Risk IT (2009) Audit COBIT1 1996 COBIT2 1998 COBIT3 2000 COBIT4.0/4.1 2005/7 COBIT5 2012 A BUSINESS FRAMEWORK FOR THE GOVERNANCE AND MANAGEMENT OF ENTERPRISE IT dedoan@gmail.com APEXLearningContentDevelopmentTeam COBIT Product Family dedoan@gmail.com APEXLearningContentDevelopmentTeam Meeting Stakeholder needs Separating Governance from Management COBIT5 Coveringthe Enterprise End-to-end Principles Enablinga Holistic Approach dedoan@gmail.com Applyinga Single Integrated Framework APEXLearningContentDevelopmentTeam Meeting Stakeholder Needs dedoan@gmail.com APEXLearningContentDevelopmentTeam Benefits Realisation Stakeholder value of business investments FINANCIAL CUSTOMER INTERNAL Customeroriented service culture Optimisation of business process functionality LEARNING AND GROWTH dedoan@gmail.com Risk Realisation Portfolio of competitive products and services Managed business risk (safeguarding of assets) Business service continuity and availability Agile responses to a changing business environment Optimisation of business process costs Resource Realisation Compliance with external laws and regulations Financial transparency Informationbased strategic decision making Optimisation of service delivery costs Operational and staff productivity Compliance with internal policies Managed business change programmes Skilled and motivated people Product and business innovation culture APEXLearningContentDevelopmentTeam BUSINESSVALUE FINANCIAL Alignmentof ITand business strategy Commitmentof executivemanagement formakingIT-related decisions ITcomplianceandsupportforbusiness compliancewithexternallawsandregulations CUSTOMER INTERNAL LEARNING AND GROWTH dedoan@gmail.com DeliveryofITservicesinlinewith businessrequirements v ITagility v Securityofinformation,processing infrastructureandapplications v Optimisation ofITassets, resourcesandcapabilities v ITcompliancewithinternalpolicies Competentandmotivated businessandITpersonnel ManagedITrelated businessrisk TransparencyofIT costs,benefits andrisk Realised benefitsfromIT-enabled investmentsandservicesportfolio Adequateuseofapplications, informationandtechnologysolutions v Deliveryofprogrammes delivering benefits,ontime,onbudget,and meetingrequirementsandquality standards v Enablementandsupportofbusiness processesbyintegratingapplicationsand technologyintobusinessprocessess Knowledge,expertiseand initiativesforbusinessinnovation APEXLearningContentDevelopmentTeam 10 IT-Related Goals Commitmentofexecutive managementformakingITrelateddecisions AlignmentofITandbusiness P strategy P Realised benefitsfromITenabledinvestmentsand servicesportfolio P TransparencyofITcosts, benefitsandrisk dedoan@gmail.com S Portfolioofcompetitive productsandservices Managedbusinessrisk (safeguardingofassets) Compliancewithexternallaws andregulations Financialtransparency Customer-orientedservice culture Businessservicecontinuityand availability Agileresponsestoachanging businessenvironment Information-basedstrategic decisionmaking Optimisation ofservicedelivery costs Optimisation ofbusiness processfunctionality Optimisation ofbusiness processcosts Managedbusinesschange programmes Operationalandstaff productivity Compliancewithinternal policies Skilledandmotivatedpeople Productandbusinessinnovation culture Stakeholdervalueofbusiness investments Enterprise Goals P ITcomplianceandsupport forbusinesscompliance withexternallawsand regulations S ManagedIT-relatedbusiness risk S S P S P S P S APEXLearningContentDevelopmentTeam P S S P P S P S S S S P S S P P S S S P P P P P P S S S S S S S S S 12 IT-Related Goals dedoan@gmail.com Stakeholdervalueofbusiness investments Portfolioofcompetitive productsandservices Managedbusinessrisk (safeguardingofassets) Compliancewithexternallaws andregulations Financialtransparency Customer-orientedservice culture Businessservicecontinuityand availability Agileresponsestoachanging businessenvironment Information-basedstrategic decisionmaking Optimisation ofservicedelivery costs Optimisation ofbusiness processfunctionality Optimisation ofbusiness processcosts Managedbusinesschange programmes Operationalandstaff productivity Compliancewithinternal policies Skilledandmotivatedpeople Productandbusinessinnovation culture Enterprise Goals Deliveryofprogrammes deliveringbenefits,ontime, P onbudget,andmeeting requirementsandquality standards S S Availabilityofreliableand usefulinformationfor decisionmaking S S S S S S ITcompliancewithinternal policies Competentandmotivated businessandITpersonnel S S Knowledge,expertiseand initiativesforbusiness innovation S P P S S P P S S S P S S S APEXLearningContentDevelopmentTeam P S P P S P S S P 13 Anenterprisehasdefinedforitselfa numberofstrategicgoals,ofwhich improvingcustomersatisfactionisthe mostimportant Fromthere,itwantsto knowwhereitneedstoimproveinall thingsrelatedtoIT dedoan@gmail.com APEXLearningContentDevelopmentTeam Enterprise Goals 14 The enterprise decides that setting customer satisfaction as a key priority is equivalent to raising the priority of the following enterprise goals: v Customer –oriented service culture v Business service continuity and availability v Agile responses to a changing business environment dedoan@gmail.com APEXLearningContentDevelopmentTeam IT-related Goals 15 The enterprise now takes the next step in the goals cascade: analysing which IT-related goals correspond to these enterprise goals A suggested mapping between them is listed in appendix B v Alignment of IT and business strategy v Managed IT-related business risk v Delivery of IT services in line with business requirements v IT agility v Security of information, processing infrastructure and applications v Availability of reliable and useful information for decision making v Knowledge, expertise and initiatives for business innovating dedoan@gmail.com APEXLearningContentDevelopmentTeam Covering the Enterprise End-to-end 16 Source: COBIT® 5, figure â 2012 ISACAđ All rights reserved Source: COBITđ 5, figure â 2012 ISACAđ All rights reserved dedoan@gmail.com APEXLearningContentDevelopmentTeam Applying a Single Integrated Framework 17 — COBIT aligns with the latest relevant other standards and frameworks used by enterprises: — Enterprise: COSO, COSO ERM, ISO/IEC 9000, ISO/IEC 31000 — IT-related: ISO/IEC 38500, ITIL, ISO/IEC 27000 series, TOGAF, PMBOK/PRINCE2, CMMI dedoan@gmail.com APEXLearningContentDevelopmentTeam Enabling a Holistic Approach 18 Processes Organization Culture, Ethicsand Behaviour Principles,PoliciesandFrameworks Information Services, Infrastructure andApplications People, Skillsand Competencies Resources dedoan@gmail.com APEXLearningContentDevelopmentTeam Separating Governance From Management 19 dedoan@gmail.com APEXLearningContentDevelopmentTeam COBIT Process Reference Models 20 37Processes dedoan@gmail.com APEXLearningContentDevelopmentTeam 21 dedoan@gmail.com COBITIMPLEMENTATION APEXLearningContentDevelopmentTeam COBIT Coverage of Other Standards and Frameworks 22 Evaluate,DirectandMonitor ISO/IEC38500 Align,Plan,Organize TOGAF ISO/IEC31000 ISO/IEC27000 PRINCE2/PMBOK CMMI Build,AcquireandImplement ITIL2011and ISO/IEC20000 dedoan@gmail.com Monitor, Evaluate Deliver,ServiceandSupport andAssess APEXLearningContentDevelopmentTeam Assessment Overview 23 ProcessAssessmentModel AssessmentProcess dedoan@gmail.com APEXLearningContentDevelopmentTeam Process Capability Levels 24 Level Optimizing process Optimizing Theprocessiscontinuouslyimprovedtomeetrelevant currentandprojectedbusinessgoals Predictable Theprocessisenactedconsistently withindefinedlimits Established Adefinedprocessisusedbasedona standardprocess Level2 PA2.1 PA2.2 PA 5.1 PA 5.2 Level4 PA4.1 PA4.2 Level3 PA3.1 PA3.2 Processmeasurementattribute Processcontrolattribute Processdefinitionattribute Processdeploymentattribute Managedprocess Performancemanagementattribute Workproductmanagementattribute Process performance attribute Level Incomplete process dedoan@gmail.com Predictableprocess Establishedprocess Level Performed process PA 1.1 Process innovation attribute Process optimization attribute Managed Theprocessismanagedandwork productsareestablished, controlledandmaintained Performed Theprocessisimplementedand achievesitsprocesspurpose Incomplete Theprocessisnotimplementedorfailsto achieveitspurpose APEXLearningContentDevelopmentTeam Capability Maturity Assessment 25 dedoan@gmail.com APEXLearningContentDevelopmentTeam 26 Q&A dedoan@gmail.com APEXLearningContentDevelopmentTeam ... 1996 COBIT2 1998 COBIT3 2000 COBIT4 .0/4.1 20 05/ 7 COBIT 5 2012 A BUSINESS FRAMEWORK FOR THE GOVERNANCE AND MANAGEMENT OF ENTERPRISE IT dedoan@gmail.com APEXLearningContentDevelopmentTeam COBIT. .. is COBIT? Control Objectives for Information and Related Technology Evolution of scope Governance of Enterprise IT IT Governance Val IT 2.0 Management (2008) Control Risk IT (2009) Audit COBIT1 ... Deliveryof IT servicesinlinewith businessrequirements v IT agility v Securityofinformation,processing infrastructureandapplications v Optimisation of IT assets, resourcesandcapabilities v IT compliancewithinternalpolicies
- Xem thêm -

Xem thêm: ENTERPRISE IT GOVERNANCE COBIT 5 presentation , ENTERPRISE IT GOVERNANCE COBIT 5 presentation

Gợi ý tài liệu liên quan cho bạn