Cobit overview

1

Transforming Transforming Enterprise ITEnterprise IT

Speaker Name/TitleSpeaker Name/TitleDateDate

2009 ISACA All Rights reserved. 2

IT Requires Executive OversightIT Requires Executive Oversight

• An apparel manufacturing company’s difficulties in installing supply chain software cost it an estimated US $200 million

• A publicly traded company admitted that a virtual collapse of its financial reporting system reduced its market value by one-third in a single day

• An operational meltdown after the merger of two transportation companies was traced to the inability to coordinate their IT systems

With good reason:


Oversight Can Lead to Value CreationOversight Can Lead to Value Creation

• A major airline’s supply chain transformation improved the forecast of demand, reduced procurement costs and increased service levels while costs fell

• A technology products and services company saved US $12 billion over two years by linking up disparate pieces of its supply chain, thereby reducing inventory levels

IT can provide significant benefits, too:


IT Governance Is the Key IssueIT Governance Is the Key Issue

• Enterprises are sacrificing money, productivity and competitive advantage by not implementing effective IT governance

• Executives need a better way to:– Direct IT for optimal

advantage– Measure the value provided

by IT– Manage IT-related risks


CCOBIOBITT® ® is a Road Map to Good IT Governanceis a Road Map to Good IT Governance

• Accepted globally as a set of tools that ensures IT is working effectively

• Functions as an overarching framework • Provides common language to communicate goals, objectives

and expected results to all stakeholders• Based on, and integrates, industry standards and good

practices in:– Strategic alignment of IT with business goals– Value delivery of services and new projects– Risk management– Resource management– Performance measurement


Developed by the Leader in IT GovernanceDeveloped by the Leader in IT Governance

Professional association with 86,000 constituents. Worldwide leader in IT governance, control, security

and assurance.Offers the CISA, CISM and CGEIT certifications.

Control Objectives for Information and related Technology


CCOBIOBITT®® Business Benefits Business Benefits

COBIT® provides guidance for executive management to govern IT within the enterprise

• More effective tools for IT to support business goals

• More transparent and predictable full life-cycle IT costs

• More timely and reliable information from IT

• Higher quality IT services and more successful projects

• More effective management of IT-related risks


Harmonising the Elements of IT GovernanceHarmonising the Elements of IT Governance

IT Governance

ResourceManagement

Strate

gic

Alignment Value

Delivery

Performan

ce

Measu

remen

tR

isk

Man

agem

ent


A Closer Look at


CCOBIOBITT®® Answers Key Business Questions Answers Key Business Questions

Is my information technologyorganisation doing the right things?

Are we doing them the right way?

Are we getting them done well?

Are we getting the benefits? *

Is my information technologyorganisation doing the right things?

Are we doing them the right way?

Are we getting them done well?

Are we getting the benefits? *

* Based on the “Four Ares” as described by John Thorp in his book The Information Paradox, written jointly with Fujitsu, first published in 1998 and revised in 2003


The CThe COBIOBITT®® Framework Framework


CCOBIOBITT® ® Defines Processes, Goals and MetricsRelationship Amongst Process, Goals and Metrics (DS5)


Defined Responsibilities for Each ProcessDefined Responsibilities for Each Process

Link business goals to IT goals. C IA/R

I C

Identify critical dependencies and current performance.

C C RA/R

C C C C C C

Build an IT strategic plan. A C C R I C C C C I C

Build IT tactical plans. C I A C C C C C R I

Analyse programme portfolios and manage project and service portfolios.

C I I A R R C R C C I

RACI Chart

Activities Funct

ionsA RACI chart identifies who is Responsible,

Accountable, Consulted and/or Informed.


CCOBIOBITT®® Products and Their Primary Audience Products and Their Primary Audience

COBIT, Risk IT and Val IT frameworks Implementing and

Continually Improving IT Governance

COBIT User Guide for Service Managers

COBIT and Application Controls


• COBIT is often used at the highest level of IT governance • It harmonises practices and standards such as

ITIL, ISO 27001 and 27002, and PMBOK– Improves their alignment

to business needs – Covers full spectrum of

IT-related activities

CCOBIOBITT® ® Harmonises Other StandardsHarmonises Other Standards

27001/2


Used by Organisations WorldwideUsed by Organisations Worldwide

(for complete case studies visit www.isaca.org/cobitcasestudies)

‘We continue to recommend that enterprises use [COBIT] to challenge their established IT governance procedures

and to improve the controls they have in place.’ —Gartner

also used by Allstate, Harley-Davidson, the Bahrain Civil Service Bureau and many others


Getting StartedGetting StartedVisit www.isaca.org/cobit to download the COBIT® framework

Education

Cobit overview