Cobit 2019 Overview

[Aide Broeckel]

Inan era where technology plays an ever-increasing role in the operation and strategy of businesses, IT professionals need to understand the frameworks and methodologies that can guide effective IT governance and management. This comprehensive presentation titled "Cobit: IT Governance Overview and ITIL Mapping" endeavors to illuminate these essential components for IT professionals across many industries.

The presentation first provides the audience with a fundamental understanding of IT Governance. This critical process ensures the effective and efficient use of IT in enabling an organization to achieve its goals. Despite its significance, IT Governance can be a complex subject to navigate due to its multidimensional nature, which can create challenges in its comprehension and implementation.

Recognizing this complexity, the presentation introduces the audience to the COBIT (Control Objectives for Information and Related Technology) IT Governance Framework. This robust, adaptable framework, pioneered by a leading global association focused on IT governance, provides a comprehensive tool that IT professionals can use to better manage and control their IT landscape.

But the learning does not stop at COBIT. The presentation maps the COBIT framework to ITIL V3 (Information Technology Infrastructure Library, version 3), another widely-accepted approach to IT service management. By aligning COBIT and ITIL, the presentation offers a unique perspective on how these two frameworks can complement and reinforce each other in pursuing effective IT governance.

Furthermore, the presentation explores the integration of COBIT with other IT Governance Frameworks, thereby creating a broader, more holistic view of the IT governance ecosystem. It concludes with an overview of the COBIT Maturity Model, a practical tool for assessing IT management capability and guiding the development of a roadmap for continual improvement.

Through a deep dive into COBIT and its relation to ITIL and other IT Governance frameworks, this presentation delivers valuable insights to help IT professionals create a more controlled, strategic, and value-driven IT environment.

This presentation offers valuable insights and actionable knowledge for Chief Information Officers (CIOs) striving to develop more effective and efficient IT governance within their organizations. Here are some ways in which the learnings can be applied:

My default source of IT good practice is COBIT. It wins over ITIL, hands down.As a consultant, COBIT is my first-choice body of knowledge for my engagements. I go to it first to assess, to frame, to define, to justify, to audit. I turn to ITIL second, when I need more detail, or when I need the authority of the holy of holies to justify what I suggest. I presented this at the Pink Elephant 2012 conference, in a session called Showdown of the Methodologies.

They want your ISACA membership fee (about $150 membership - varies by region) to get the remaining books in digital format for free, but personally I think that is a good deal, especially allowing for all the other benefits of membership. I pay it. I buy the hardcopy versions too at the heavily discounted members' price, but I'm like that: I still prefer paper to bytes.

If you are not the joining kind, you can still buy the books, digital and hardcopy, but you will spend at least as much as the membership fee without all the other benefits of membership. I get more value from ISACA than I do from itSMF. If you are going to actually use COBIT, at a minimum you need COBIT 5 (the overview and framework) and COBIT 5: Enabling Process (the details of all the processes) and you could also get COBIT 5: Implementation (putting in place governance and management of IT). To buy all three will cost you

It is worth noting that what they give away for free in COBIT 5 is less than they gave away in COBIT 4.1. The free core in COBIT 4.1 is the equivalent of the COBIT 5: Enabling Process book and then some. Still, $250-odd buys you a lot of COBIT 5.

I don't count the prISM accreditation scheme as an advantage for ITIL. First I think it is crazy over-the-top. Second, ISACA provides accreditation specific to COBIT. Third, the IT community accredits the broader IT space that COBIT addresses (e.g. in New Zealand we have IT Certified Professional accreditation from the Computer Society, and in the UK they have similar CITP)

My first impression of the comparison and the information I've been able to review is that COPBIT still shares the same key failure points that caused me to label ITIL 2011 as Inside-Out. One day the framework evangelists will have the epiphany I see happening day after day in client organizations that the job of IT today is to engage its customers immediately and constantly and to think and act with the customer's interests in mind at the outset - thats what is termed thinking outside-ion.

The danger of both of these framework is that in the wrong hands they will encourage and support a process/service/maturity approach that fails the customer because its inside-out. As others have indicated, comparing these against each other is inte4resting but to what purpose. What would help would be for the industry to agree on a set of overriding principles for service management that could be used to assess these and any other frameworks based upon the imagined role of IT today in the 'age of the customer'.

I agree, COBIT is about Governance & Control, ITIL is about Service Management.

There is space for both in one organisation and ISACA enabled this by incorporating ITIL (and Val-IT) concepts in the latest version of COBIT 5.

IT-CMF V1.0 June 2010. It has big players like BP, Chevron, AXA, Ernst and Young, Northrup Grumman, Microsoft, Google etc. Visit Maynooth, 15km west of Dublin on Mon 3 June 2012 to attend a free IVI Summer Summit conference. I'm attending.

From what I have read thus far, I am very much liking the Cobit approach. It's focus, and consistent reference to the cultural and behavioural aspects involved in new implementations and change for example, makes for some good reading.

The reformed process capability model is also welcome. Although it asks more of a process in terms of attributes required to reach a given maturity level, it will hopefully be embraced by adopters as a means of further enhancing the efficiency of their processes and associated value.

AP001 manage management Needs no explanation, where is govern government?

AP002 manage strategy But IT needs no strategy, corporation has strategy, IT has architecture and plans but no strategy

AP004 manage innovation "Sadly you can no more summon up true innovation or measure it or manage it than you can do those things to art. Flogging staff to come up with innovation is like demanding they paint a masterpiece." Now who wrote this great comment ;)

Effective governance and management of information security is necessary for achieving enterprise objectives. It can help enterprises build resilience and minimize the occurrence and impact of security breaches that can cause reputational damage, legal and regulatory risk, or even threaten their very survival. ISACA's new COBIT Focus Area: Information Security is a highly anticipated first focus area publication to launch under the COBIT 2019 umbrella, fulfilling its promise to make its guidance more flexible and practical to use.

COBIT Focus Area: Information Security serves to extend the COBIT portfolio by building upon best practices shared for the governance and management of information and technology aimed at the whole enterprise through the lens of information security, and details additional metrics and activities that should be considered when implementing or assessing COBIT in the context of information security. The major drivers for the development of this publication include:

This focus area publication is comprehensive, providing an overview and description of COBIT roles and organizational structures, COBIT terminology and key concepts including the components of a governance system and COBIT governance and management objectives.

It joins other available COBIT publications, including: COBIT 2019 Framework: Introduction and Methodology, COBIT 2019 Framework: Governance and Management Objectives (both free downloads for ISACA members), and COBIT 2019 Design Guide: Designing an Information and Technology Governance Solution. Find all COBIT publications at www.isaca.org/resources/cobit. Find additional ISACA resources at www.isaca.org/resources.

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

Idlbek R. Using COBIT to Increase Performance: A Case Study of a Higher Education Institution. Privredna kretanja i ekonomska politika [Internet]. 2011 [cited 2024 July 28];21(126):51-85. Available from:

The paper provides an overview of existing research related to the impact of IT quality on an organization's business excellence, as well as an analysis of the current IT status in a higher education institution in the Republic of Croatia. The article also describes methods of self-evaluating IT maturity levels within an organization and shows how the COBIT methodological framework can be used to help increase performance. The paper discusses the methodology and analyzes the results of research conducted on a specific business system. The proposed method may be used as a basis for IT self-evaluation in other organizations and to establish concrete measures for increasing IT quality.

3a8082e126