Cobit 7 Enablers

[Niobe Hennigan]

ISACAa globally renowned organization, developed Control Objectives for Information and Related Technology (COBIT). It strikes a balance between risk management and information technology governance. In addition, employs an IT strategy to help the company achieve its business objectives and provides internationally acknowledged concepts, methods, and analytical tools.

COBIT is defined as a framework that helps businesses to govern and manage the IT department within the organization. Implementing COBIT plays a crucial role in achieving business success. This ISACA designed framework further enables businesses to align their IT processes in accordance with the goals of the business. In addition, COBIT framework ensures that the resources are optimally utilized and potential risks are mitigated. Applying COBIT has allowed various businesses to spend less on IT services secured internally by effective use of information technology.

The COBIT 5 approach entitles businesses to track their information assets using advanced methods. This empowers organizations to make better decisions and survive in the industry. With COBIT 5, businesses can streamline their IT and business processes for deriving more useful information. In order to apply the COBIT framework and realize its benefits businesses can recruit COBIT 5 Assessor and Implementers. Such certified professionals possess the advanced skill to implement the COBIT 5 framework as per the needs of businesses.

According to this principle, organizations should always prioritize stakeholder demands since they can only succeed if all their needs are satisfied. This principle focuses on stakeholder governance, negotiation, and decision-making in the case of conflicting stakeholder requirements. While making management and IT governance decisions, the company should consider how and which stakeholder would profit from the decision. Also, the risks faced by stakeholders should be listed in detail.

COBIT 5 combines IT governance with organizational governance in this principle, which encompasses all information and technology management processes. In addition, this approach combines even business processes and IT governance. As a result, COBIT framework enables the identification of any possible threats to the company.

The organization can utilize COBIT 5 as a single integrated framework. Rapid changes of IT are necessitating organizations to meet the demands from stakeholders, suppliers, and consumers. As a result, the COBIT 5 framework enables organizations to have an integrated framework (which includes other applicable standards, techniques, and frameworks such as PRINCE2, TOGAF, ISO 27001, and others) that ensures consistency and coverage.

Organizations should consider the broader structure and processes of governance and management before making significant choices. Enablers are being used in COBIT 5 to help with governance and IT management. The major component that promotes the effectiveness of both government and IT-related activities is enablers. It may be used throughout the company, including all internal and external resources involved in IT governance and management.

In terms of activities, responsibilities, support system organization, and structure, the government and management are quite different. As a result, COBIT 5 separates the governance from management, implementing EDM for governance and PBRM for management.

A number of goals can be found in an enabler. If these goals are achieved, the enabler provide greater value. The enabler goals are the final step in the COBIT 5 goals cascade. These goals can be further split up in to three different categories: Intrinsic quality, Contextual quality and Access and security.

Each enabler has a Life Cycle. This starts from inception through an operational/useful life until disposal. This applies to information, structures, processes and policies. The phases of the life cycle consist of plan, design and build/acquire/create/implement and use/operate.

And finally, good practices can be defined. They provide examples or suggestions on how best to implement the enabler as well as what work products or inputs and outputs are required in order to support the achievement of the enabler goals.

All four parts of the Enabler Dimension can be found in all 7 enablers. This rule also applies for Enabler Performance Management which supports the practical use of enablers as well as the positive outcomes expected from the application.

It supports this by asking 4 questions. The first group of questions: Are stakeholder needs addressed? and Are enabler goals achieved? identify and measure the achievement of goals. These are called lag indicators. The second group: Is the enabler life cycle managed? and Are good practices applied? focus on the application of practice, dealing with the actual functioning of the enabler and metrics. These are known as lead indicators.

COBIT stands for Control Objectives for Information and Related Technology. What is it? Put simply, it is a framework for enterprise wide governance to include business functions, information and information technology resources. The COBIT framework provides a structure upon which to build an enterprise governance program. Whereas previous versions of COBIT enumerated and focused on control objectives, the latest version of COBIT, version 5, has transitioned to governance and management guiding principles and enablers. The framework is becoming less recognized by its expanded definition (Control Objectives for Information and Related Technology) and is today essentially referred to as just COBIT.

COBIT is not prescriptive in nature. It outlines a high level approach for implementing a governance program that extends across the entire enterprise and can involve everyone (depending on the level of implementation) from the Chairman of the Board down to the employees in the various departments of the organization. At the heart of COBIT 5 are five key principles and seven enablers. This blog post is intended as introduction to and summary of COBIT 5 and will cover the key principles and enablers at a high level and end with a few thoughts on implementing COBIT.

One of the primary points of emphasis of the five key principles is to optimize investments made in information technology and leverage the gains for the benefit of the organizational stakeholders. Taken from the COBIT 5 documentation, Figure 1 depicts the five key principles of COBIT.

This COBIT 5 principle denotes the coverage of the COBIT 5 governance framework; it includes all functions and processes needed to execute a governance program for information and related technologies. COBIT 5 is comprehensive, establishing governance capabilities ranging IT services to business process functions enabled by the people, processes and technology of the enterprise.

The COBIT 5 governance framework is non-technical and technology agnostic. It allows for the alignment and integration of other frameworks, such as ITIL, TOGAF and ISO, as well as supporting standards and practices. It is designed to produce a consistent product set and contains a set of good practices that support the COBIT enablers.

These seven enablers are intertwined and dependent upon each other. The output of one enabler also serves as the input to another. For example, organizational structures consist of competent and skilled people that use information to make decisions regarding principles, policies and processes for the enterprise.

Under the realm of governance, the practices of Evaluate, Direct and Monitor are established and are part of each of the governance processes defined by the COBIT 5 governance and process reference model. Within the management realm, four domains (Plan, Build, Run and Monitor) are supported by multiple processes. Each of the four management domains is further decomposed as follows:

The 7 COBIT enablers (principles, policies and frameworks, processes organizational structures, culture, ethics and behaviour, information services, infrastructure and applications, people, skills and competencies) are all described by a common structure which helps us both understand and use the enabler in practice.

The structural portion of the enabler, enabler dimensions, provides a common, simple and structured way to deal with enablers, allows an entity to manage its complex interactions and facilitates successful outcomes of the enablers while the second structural portion, the enabler performance management, supports the positive outcomes expected from the application and practical use of enablers.

The second of the two structures consists of four questions which are used to identify and measure the achievement of goals (or lag indicators) and the application of practice (lead indicators). The four questions are:

COBIT 5 is a framework for managers for managing information technology. COBIT stands for Control Objectives for Information and Related Technology. It has been designed as a tool to bridge the gap between technical issues, risks, and control objectives.

COBIT 5 is a recognised guideline and can be applied to pretty much any organisation in any industry. COBIT 5 guarantees the quality, control, and reliability of the information systems within organisations. The goal of COBIT is to optimise the Governance of Enterprise IT (GEIT)

COBIT is used all over the world by different organisations because it offers a manual to create added value and manage risks. Properly functioning and efficient information technology solutions are very important for organisations. It helps ensure that the right information reaches the right places at the right time, supporting internal decision making.

It also helps towards achieving strategic planning goals. In turn, organisations have to keep the risks at acceptable levels and optimise IT processes. Moreover, they need to comply with laws and regulations.

3a8082e126