The new Cobit 5 framework recently introduced by ISACA is an evolution in thinking by its members in ways that are important for those unfamiliar with — and those already familiar with — the framework to seriously consider using it or reconsider using it if not already firmly adopted.
What is Cobit 5?
Cobit 5 is a framework for the governance and management of enterprise IT. It’s an expansive — and yes detailed — intellectual framework covering a broad range of enterprise constituents who evaluate and establish direction for IT, and who plan, direct, operate and monitor IT.
In short, Cobit 5 is a framework for anyone who benefits from or delivers value from the use of information systems for an enterprise. And, it’s a framework that builds on earlier intellectual capital of previous editions, from the early frameworks for audit and control to the management and governance of IT.
Why should you care?
The research conducted by the Group (URL: www.itpolicycompliance.com/research-reports/c-level-secrets-of-the-it-masters/) reveals the Cobit framework – in addition to the use of Balance Scorecards, IT portfolio management, ISO, CIS benchmarks and a few other references — is one of the distinguishing characteristics of organizations achieving the most value for stakeholders, while managing resources and minimizing risks. This is especially striking when compared to worse outcomes that are being posted by 9-in-10 other organizations that either do not use Cobit in part or whole.
If you’re interesting in maximizing the most value and minimizing risks related to the use of IT, then Cobit 5 should be important to you. The best-in-class organizations already understand this.
Structure and features of Cobit 5
Cobit 5 divides the activities of establishing direction for and managing information systems into one of two main domains: either the Governance domain containing five process areas, or the Management domain with four process areas. In addition, Cobit 5′s structure is designed to aid in continuous improvement, from asking the big questions about whether the goals for IT are in line with the organization, to intermediate change management activities, and continual lifecycle improvements typically needed to deliver further value and less risk.
Features new or adapted in Cobit with the 5th edition include: Governance of Enterprise IT (GEIT) principles, goals cascades, enablers, process reference models, practices and activities, goals and metrics, RACI charts, and process capability assessments. In addition, Cobit 5 is aligned with other industry standards and frameworks, including: COSO, ISO 9000, ISO 31000, ISO 38500, ISO 27000, TOGAF and PMBOK/PRICE2 among others. And detailed sections map processes such as evaluate plan and monitor (EDM), align, plan and organize (APO), build, acquire and implement (BAI), deliver service and support (DSS), evaluate, direct and monitor (EDM), monitor, and evaluate and assess (MEA) among others.
Not to be lost in “process-heaven”, Cobit 5 also comes with practical guides that enable its use, such as the Cobit 5 implementation guide; professional guides that are specific to roles and functions such as those for information security, audit and assurance and risk management; and with assessment guides such as the Cobit 5 assessor guide, the process assessment guide and the self-assessment guide.
See and listen to John Lainhart on Cobit 5 here: www.youtube.com/watch?v=HptI0l2SdNc
See the explanation from ISACA on Cobit 5 and GRC here: www.isaca.org/COBIT/Documents/COBIT5-and-GRC.ppt
See and hear Robert Stroud on Cobit 5 here: www.youtube.com/watch?v=zLOGrSGd4HQ
Take advantage of Cobit 5 training here: www.isaca.org/Education/COBIT-Education/Pages/Introduction-to-COBIT-5-Course.aspx
Get yours today
The new principles and enablers of Cobit 5 are generic enough to be generally applicable to any industry including non-profits and government agencies. Whether you are new to Cobit or are already using some of it or all of it, the new structure and features of Cobit 5 promise to assist you in delivering further trust and value from information systems.
Head on over to ISACA (URL: www.isaca.org/COBIT/Pages/default.aspx) to get your own copy of the new and improved Cobit 5. You’ll be glad you did.