COBIT Focus Archives

COBIT: The Road Ahead

By Peter Tessin, CISA, CRISC, CGEIT

COBIT Focus | 22 August 2016

 

1996 had its share of significant events. The first flip phone, the Motorola StarTAC, went on sale. The Czech Republic applied for European Union membership. Australia defeated Sri Lanka 2-0 to win cricket's World Series Cup. The first version of the Java programming language was released. The massive Internet collaboration "24 Hours in Cyberspace" took place. Read More >>


The Five A’s of Enterprise Governance of IT

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005/31000 RM, ISO 27005 Lead Risk Manager, ISO 28000 FC, ISO 31000 Lead Risk Manager, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, RESILIA FC, SSGB

COBIT Focus | 8 August 2016

 

At the 2016 COBIT Conference in New Orleans, many of the presenters talked about the need to adopt and adapt the COBIT framework. You will find this tailoring concept as a principle of many modern frameworks (e.g., PRINCE2). With frameworks, one size does not fit all. No doubt these 2 action verbs—adopt and adapt—are necessary to gain success in implementing your framework using COBIT 5; however, I think we need to add 3 additional verbs: alert, align and assure. Read More >>


An Appropriate Approach for Program and Project Management

By My Hanh Nguyen, CISA, CISM, CRISC, CGEIT, ACCA

COBIT Focus | 25 July 2016

 

One of the challenges of IT management is how to manage and deliver transformation projects on time, on budget, in compliance with the quality standards, while achieving the business’s requirements. BAI01 Manage Programs and Projects is good guidance to ensure that IT management has overall project management knowledge. Read More >>


Creating Value

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005 Lead Risk Manager, ISO 28000 FC, ISO 31000 Lead Risk Manager, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SFC, SSGB, RESILIA FC

COBIT Focus | 18 July 2016

 

In COBIT 5, we are taught that enterprises exist to create value for their stakeholders. A truism if ever there was one. Consequently, every enterprise will have value creation as an objective. The COBIT 5 framework helps enterprises create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use. Read More >>


Transforming Risk Culture Through Organizational Culture Leveraging COBIT 5 for Risk

By Ganapathy Kannan, ISO 27001 LA, and Vinoth Sivasubramanian, CEH, CISSP, DCPLA, ISO 27001 LA

COBIT Focus | 5 July 2016

 

The point has been made again and again and, as per the Forcepoint 2016 Global Threat Report, humans are still the weakest link in security. It is, therefore, essential that information security professionals acknowledge and address this problem. Resolving problems within the human workforce is complex, challenging and daunting, but it is definitely not an insurmountable task. Read More >>


Improving Business With COBIT 5

By Sushil Chatterji, CGEIT, CEA, CMC

COBIT Focus | 20 June 2016

 

Benefits realization of IT-enabled investments is a strategic imperative. In a 2008 study on benefits realization, researchers found that in the majority of enterprises surveyed (57%), less than half of the change initiatives undertaken delivered the expected business benefits. This conclusion is consistent with earlier studies that show that the majority of IT-enabled initiatives are judged to be unsuccessful. Read More >>


Root Cause Analysis

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005 Lead Risk Manager, ISO 28000 FC, ISO 31000 Lead Risk Manager, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SFC, SSGB, RESILIA FC

COBIT Focus | 13 June 2016

 

Buried in COBIT 5 processes such as APO11 Manage quality and APO12 Manage risk in the Align, Plan and Organize (APO) domain, you will find a root cause analysis (RCA) as an output of the management practices. The RCA output is used by numerous other processes. Obviously, knowledge of RCA methods and techniques is essential for the Deliver, Service and Support (DSS) processes DSS02 Manage service requests and incidents and DSS03 Manage problems. Read More >>


Creating Value with an Enterprise IT Governance Implementation Model Using COBIT 5

By Yuichi (Rich) Inaba, CISA

COBIT Focus | 23 May 2016

 

After the subprime mortgage crisis and the Lehman Brothers collapse in the US, the Financial Services Agency of Japan (FSA) strengthened financial regulations. The FSA regulations introduced an IT governance perspective, which detailed the rules for information security enhancement and IT risk minimization. Read More >>


Monitoring, Evaluating and Assessing Compliance

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005/31000 RM, ISO 27005 Lead Risk Manager, ISO 28000 FC, ISO 31000 Lead Risk Manager, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SSGB, RESILIA FC

COBIT Focus | 16 May 2016

 

A 2015 Deloitte Risk Services Report found that 35% of companies still do not actively measure the effectiveness of their compliance programme. The rest of the study’s participating companies (that is, 65%) measure the effectiveness of their compliance function using “busy metrics” such as the number of incidents and completion of compliance training. The COBIT 5 Monitor, Evaluate and Assess (MEA) process MEA03 Monitor, evaluate and assess compliance with external requirements itself focuses on busy metrics such as... Read More >>


Are Your IT and Strategic Business Goals Aligned?

By Alexander Zapata, CISA, CGEIT, CRISC, COBIT 5 Implementation and Assessor, ISO 22301 LI, ISO 27001 and Foundations, PMP

COBIT Focus | 9 May 2016

 

Developing and using models to help represent relationships between business strategy and IT is an effective method to show the strategic effect of IT within the enterprise. As more and more business commerce becomes automated, the growing impact of IT on business strategy, such as the development of a sustained competitive advantage in a highly connected world, becomes increasingly evident. Read More >>


Stuck Thoughts

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005/31000 RM, ISO 27005 Lead Risk Manager, ISO 28000 FC, ISO 31000 Lead Risk Manager, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SSGB, RESILIA FC

COBIT Focus | 25 April 2016

 

I never thought in 2016 that I would hear someone say, “We have always done it that way,” but I did. Undoubtedly, these are 7 of the saddest and most expensive words in the English language. You might know this phrase by one of its variants: “That is not the way we do it here,” or “You just do not understand how we do things around here.” These are what psychologists call “stuck thoughts.” Read More >>


Unearthing and Enhancing Intelligence and Wisdom Within the COBIT 5 Governance of Information Model

By Ahmet Efe, Ph.D., CISA, COBIT 5 Foundation

COBIT Focus | 18 April 2016

 

Data, information, knowledge and wisdom (DIKW) are the best known, sequential, theoretical and conceptual stations of understanding of things for taking proper action to save more in assets while losing less in resources in the course of life, both for individuals and legal entities. They are also the most difficult issues that can be differentiated within a certain context by practitioners without studying and referring to pertinent academic researches. Read More >>


Implementing COBIT 5 at ENTSO-E

By Greet Volders, CGEIT, COBIT Certified Assessor and Kees de Jong, CIPM, CISSP, SIPP/E

COBIT Focus | 11 April 2016

 

The IT director of the European Network of Transmission System Operators for Electricity (ENTSO-E) undertook a pragmatic approach toward implementing COBIT 5 at the organisation beginning in 2014. Now, 2 years later, it is time to share this successful collaboration between the internal IT department, the business organisation and the external consultants and to share how the results were achieved. Read More >>


A Governance and Management Model for the Public Sector Shared Services Center Based on COBIT 5

By Edson Cezar Mello Jr., and Joao Souza Neto, Ph.D., CGEIT, CRISC, PMP

COBIT Focus | 28 March 2016

 

Shared services is an environment in which a company can absorb activities that support the principal processes of each of the company’s other business units, consolidating these activities into a principal operating unit.
Read More >>


Understanding Architecture Roles

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005/31000 RM, ISO 27005 Lead Risk Manager, ISO 28000 FC, ISO 31000 Lead Risk Manager, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SSGB, RESILIA FC

COBIT Focus | 21 March 2016

 

When I teach classes on governance, I ask the class this: If you were newly made manager of something—security, change or problem management, or any of the COBIT processes—and you had a “greenfield,” what would you do first in the planning phase? Typically, the range of answers is wide, but the responses usually start with “fix processes” or “create a strategy.” Read More >>


Internal Controls White Paper Released

By Jimmy Heschl, CISA, CISM, CGEIT

COBIT Focus | 14 March 2016

 

COBIT 5 offers governance and management practices that can be used to construct specific controls depending on the resources that enable the accomplishment of IT-related goals. These resources are called enablers, and Internal Control Using COBIT 5 looks at the seven enablers detailed in COBIT 5 and discusses their use in developing internal controls. Read More >>


The Need for Sanctions

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005/31000 RM, ISO 28000 FC, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SSGB, RESILIA FC

COBIT Focus | 29 February 2016

 

In many organizations, applying the COBIT 5 Culture, Ethics and Behavior enabler is hard. Many believe that all you need to do is write a policy, tell people about it and watch them change. However, it does not work that way in the real world. People do not always embrace change and new policy. Read More >>


Initiating GEIT Using COBIT 5 at the Oman Ministry of Manpowers

By Rohit Banerjee, Redha Ahmed Al-Lawati and Maqbool Mohammed Al-Balushi

COBIT Focus | 22 February 2016

 

While attending one of the ISACA continuous professional education (CPE) sessions related to optimizing IT spending using COBIT 5 practices, it was surprising to realize that many IT audit and assurance professionals who attended the session confided having difficulty in initiating governance of enterprise IT (GEIT) and wished they had more insight on where to begin when implementing GEIT in their respective organization. Read More >>


Tips for Understanding the COBIT 5 Enabler of Process

By Lisa Young, CISA, CISMC

COBIT Focus | 8 February 2016

 

The concept of process improvement has been around for centuries. Some of the earliest efforts to improve the efficiency of work began during the Industrial Revolution in the US and Europe. Eli Whitney observed how much work was needed to remove cotton seeds from the boll by hand and invented a machine to automate the process in 1793. Read More >>


Process Standardization Is Key

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005/31000 RM, ISO 28000 FC, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SSGB, RESILIA FC

COBIT Focus | 25 January 2016

 

Our IT frameworks and methodologies have one thing in common. They all call for the development and standardization of processes. These processes must become ritualistic. A ritual is simply a highly precise behavior that you do at a specific time so that it becomes automatic over time and no longer requires your conscious intention or energy. Read More >>


Dubai Customs COBIT 5 Implementation

By Vishal Vyas, GEIT, Juma Al Ghaith, Ahmad Al Yaqoobi, PMP, and Syed Junaid Hasan, PMP

COBIT Focus | 18 January 2016

 

Dubai Customs is a complex and dynamic organization. The management at Dubai Customs endeavors to be on the leading edge of the latest management principles and frameworks and it utilizes many global best practices to manage activities in all business processes. Read More >>


Importance of CMMI-DEV in COBIT-based IT Governance

By Kiran Chaudhari, CISA, COBIT Assessor, CMMI, ISO 27001, ISO 90001

COBIT Focus | 4 January 2016

 

The Capability Maturity Model Integration (CMMI) is a world-class performance improvement framework for competitive organizations that want to achieve high-performance operations. Today, CMMI has become the de facto standard for information and communications technology (ICT) companies to improve operational efficiencies. Read More >>


Performance Measurement Musings

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005/31000 RM, ISO 28000 FC, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SSGB, RESILIA FC

COBIT Focus | 21 December 2015

 

I keep returning to the COBIT 5 Culture, Ethics and Behaviour enabler as it is so difficult to address and it is where many companies fail. Let us focus on performance measurement in this article. You have most likely heard the expression, “You get the behavior you reward.” Most people look at this as the basis for their reward systems. Read More >>


ISO/IEC 27001 Process Mapping to COBIT 4.1 to Derive a Balanced Scorecard for IT Governance

By Christopher Oparaugo, CISM, CGEIT, CRISC

COBIT Focus | 14 December 2015

 

The balanced scorecard (BSC) initially developed by Kaplan and Norton is a performance management system that should allow enterprises to drive their strategies on measurement and follow-up.

In recent years, the BSC has been applied to IT and, currently, the first real-life IT security governance application has been developed based on ... Read More >>


COBIT 5 and the Added Value of Governance of Enterprise IT

By Arturo Umana, COBIT Foundation, ITIL Foundation

COBIT Focus | 7 December 2015

 

It is a well-known fact that one of the major improvements in COBIT 5 was the integration of both Val IT and Risk IT into the framework. This follows the logical development line of COBIT along its different versions and reflects better the needs of appropriate governance of enterprise IT (GEIT) for modern enterprises. Read More >>


 

Driving Enterprise IT Strategy Alignment and Creating Value Using the COBIT 5 Goals Cascade

By Tichaona Zororo

COBIT Focus | 30 November 2015

 

The goals cascade is the nerve center of COBIT 5. It supports the identification of stakeholder needs and enterprise goals through the achievement of technical outcomes which, in turn, support the successful use of enabling processes and organizational structures (figure 1). Read More >>


 

Culture Eats Process for Breakfast

By Peter T. Davis, CISA, CISM, CGEIT, COBIT FC/IC/AC, CISSP, CPA, CMA, CMC, ITIL FC, ISO 27001 LI/LA, ISO 27005/31000 RM, ISO 20000 FC/LI/LA, ISO 9001 FC, ISO 28000 FC, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, SSGB, RESILIA FC

COBIT Focus | 23 November 2015

 

I, like many of you, used to think corporate culture did not matter because others convinced me it did not. Discussion of vision, mission and values was for someone living in an ivory tower, I was told by some. They did not have time for that as they lived in the real world and had to get things done. Read More >>


Using COBIT 5 to Measure the Relationship Between Business and IT

By Mark T. Edmead, CISA, COBIT 5 Assessor, BRMP, CASM, CISSP, DevOps Foundation, Lean IT Foundation, TOGAF 9.1

COBIT Focus | 16 November 2015

 

An enterprise is much more than just information technology. The common infrastructure is that there are many functional areas including human resources (HR), IT, manufacturing, operations, finance and so on. The challenge is to get all of these functional departments to work cohesively and with the same goal in mind. Read More >>


Does a COBIT 5 Self-assessment Help the Business to Get Control of a Shared Service Center?

By Jörg Schorning, COBIT Assessor, COBIT Foundation, COBIT Implementation

COBIT Focus | 9 November 2015

 

In the summer of 2014, the chief information officer (CIO) of a shared service center (SSC) owned by 3 different, culturally diverse types of companies asked the author to perform an assessment based on COBIT 5. The most pressing question the CIO needed to answer for his organization’s board of directors (BoD) was, “Are we in control of IT?” Read More >>


COBIT 5 Adoption: Understand and Be Understood

By Oliver Crespo, CISA, CISM, ISO 2700

COBIT Focus | 2 November 2015

 

One of the most important discoveries for the human age was the Rosetta Stone. This piece of granite was the key element to decoding and understanding Egyptian hieroglyphs. Using this stone, it became possible to understand what the Egyptians wrote in their papyrus and allowed us to understand how the ancient Egyptians lived and thought. Read More >>

 
