Upload
itpreneurs
View
260
Download
12
Tags:
Embed Size (px)
DESCRIPTION
Â
Citation preview
COBIT is a registered trademark of the Information Systems Audit and Control Association © Copyright 2010 by ITpreneurs Nederland B.V. All rights reserved
INSTRUCTOR GUIDEversion 1.0
Sample
Mate
rial -
Not for
Rep
rint
The information contained in this classroom material is subject to change without notice. This material contains proprietary information that is protected by copyright. No part of this material may be photocopied, reproduced, or translated to another language without the prior consent of ITpreneurs Nederland B.V.
© Copyright 2010 by ITpreneurs Nederland B.V. All rights reserved.
COBIT is a registered trademark of ISACA and the IT Governance Institute. The course content is based on COBIT V4.1
The language used in this course is US English. Our sources of reference for grammar, syntax, and mechanics are The Chicago Manual of Style, The American Heritage Dictionary, and the Microsoft Manual of Style for Technical Publications.
Sample
Mate
rial -
Not for
Rep
rint
3
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
F O U N D A T I O N
4.1 Instructor Guide
Contents
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Module 1: Course Introduction 1
Module 2: Why COBIT: Context in organizations, and the need for IT Governance 11
Module 3: COBIT: An Introduction 51
Assignment I: IT Challenges for Callwick 77
Module 4: The COBIT Cube 81
Assignment II: Video on Demand is Launched 111
Module 5: The COBIT Components - Part 1 117
Assignment III: Preparing for the Management Meeting 149
Module 6: The COBIT Components - Part 2 155
Assignment IV: The Resolution for Callwick 189
Module 7: Assurance Guidance 195
Module 8: COBIT Resources 217
Module 9: Inter-relationships with other IT Frameworks, Standards and Regulations 245
Module 10: Exam Preparation Guide 283
Appendix I: Case Study: Callwick 309
Appendix II: Glossary 313
Appendix III: COBIT Foundation Exam Requirements 319
Appendix VI: Process Description of AI4 and ME1 329
Appendix V: Process Description of P010 and DS2 339
Appendix VI: COBIT Processes and Their Objectives 349
Appendix VII: Linking Business Goals and IT Goals 355
Appendix VIII: Mapping IT Process to IT Governance Focus Areas 359
Appendix IX: Answers (Not Applicable For Instructor Guide) N/A
Feedback Form 361
Contents
Sample
Mate
rial -
Not for
Rep
rint
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Module 1: Course Introduction
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
2Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
3Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Delivery InstructionsExplain the objectives of this course.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
4Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Delivery InstructionsExplain the Modules of this course.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
5Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Delivery InstructionsTake the group through the agenda and the schedule. Discuss the content of each module in detail. Stress the fact that there is an exam at the end of the course so that the learners pay extra attention to the lectures.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
6Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
7Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
8Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Delivery InstructionsGive the group a brief overview of the course, the background of COBIT and the overall COBIT training program.
Stress the fact that most COBIT users or people who are aware of COBIT are only conscious of it in parts. Very few people are familiar with all the components of COBIT.
Although awareness of COBIT and its use is becoming quite widespread, few organizations understand it completely.Sam
ple M
ateria
l - Not
for R
eprin
t
F O U N D A T I O N
9Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Delivery InstructionsGive the group a brief overview of the course, the background of COBIT and the overall COBIT training program.
Stress the fact that most COBIT users or people who are aware of COBIT are only conscious of it in parts. Very few people are familiar with all the components of COBIT.
Although awareness of COBIT and its use is becoming quite widespread, few organizations understand it completely.Sam
ple M
ateria
l - Not
for R
eprin
t
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Module 2: Why COBIT: Context in organizations, and the need for IT Governance
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
12Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Delivery InstructionsWalk the participants through the key topics of the module.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
13Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Speaking PointsThis module focuses on the need for and the context of an IT governance and control framework, such as COBIT. You will learn about:
y The key challenges encountered in IT and the business impact of those challenges.
y What governance is in the first place, followed by a discussion on what enterprise governance is
y IT governance, its key principles and business focus areas
y Stakeholders for IT governance implementation, their roles and responsibilities, and their specific concerns
Delivery InstructionsExplain the objectives of this module to give an overview of IT governance, as defined by Information Technology Governance Institute (ITGI), and to explain the need for a controls-based framework to support IT governance.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
14Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sub Topics: Overview Keeping IT Running Aligning IT with Business Value Security Regulatory Compliance Mastering Complexity CostsSam
ple M
ateria
l - Not
for R
eprin
t
F O U N D A T I O N
15Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Most organizations also operate in a dynamic marketplace, with varying levels of business demands. It is no surprise, therefore, that managing complex technologies in the modern-day business environment is a complex and challenging task. We will look at some examples as we go.
Speaking PointsOrganizations today commit heavily to IT. As a result, they invest significant amounts of money and resources in IT. Their dependency on IT to run normal business operations and enable new, strategic objectives has never been as high as it is today.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
16Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Here is some context: In 1969, mainframes were used to perform calculations and processing. It often took an entire day to complete one task. Today, we talk of processing millions of complex transactions within seconds. Without this, customer support departments would have looked very different than they do today; providing 24/7 on-demand support would be unimaginable.
Consequently, a single breakdown can incur losses to the tune of millions. As a result, fast computers and the Internet have now become a necessity rather than a luxury, as during the mainframe age.
Speaking PointsModern organizations rely heavily on IT. The impact of any IT systems failure is huge. Take power failure for example. The business impact of power failure is almost unimaginable today.
Business-as-usual would come to a standstill if internal IT systems fail, for example, e-mail, document processing, tracking, reporting and so on
A seemingly simple failure, such as a server exceeding its storage capacity, can bring an entire department to a halt.
In even more critical business processes, such as Internet banking and order processing, the impact is, of course, far greater, and negatively impacts revenues and reputation.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
17Instructor Guide4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
The role of CIO, in several enterprises, is undergoing a change; CIOs are increasingly acting as a bridge between the business and IT.
ExampleTake the example of a builder. The builder constructs according to requirements and budgets. If requirements aren’t clear at the beginning and there is no coordination between budgets and eventual costs, the cost of construction will shoot up. The bottom line is that if an organization’s reliance on IT increases, the challenge lies in ensuring that IT meets business needs.
Speaking PointsAligning IT with business is more important than ever these days.
In most organizations, business and IT are usually not aligned with the same goals. Consequently, their decisions and actions are not always synchronized, leading to failed IT projects, loss of money and time, and a sense of overall discouragement in undertaking larger IT projects.
Sample
Mate
rial -
Not for
Rep
rint