COBIT Focus - COBIT 5 Mapping Exercise for Establishing Enterprise IT Strategy

In recent years, (as demonstrated in my previous article titled “ISO/IEC 27001 Process Mapping to COBIT 4.1 to Derive a Balanced Scorecard for IT Governance”),[i] the balanced scorecard (BSC)[ii],[iii],[iv] has been applied to enterprise IT and the first real-life IT security governance application has been developed based on mapping the control objectives from the International Organization for Standardization (ISO)/International Electrotechnical Commission’s (IEC) ISO/IEC 27001:2013 standard to COBIT® 4.1 process and IT governance focus areas.[v] As a further exercise, the relationships and similarities between ISO/IEC 27001:2013, COBIT 4.1 and COBIT® 5 can be explored to provide data values, insights and results that will help in strategic management discussions.

What is driving the need for this mapping exercise?

· The need to integrate IT governance with overall business governance

· The need for effective deployment, governance and management of enterprise IT

· The exercise will help in establishing enterprise IT strategy through control objective linkages

· Key performance indicators (KPIs) can be derived for individuals or business units

This article explains how an exercise in instituting controls can be used to establish IT strategy, which is shown in the resultant enterprise and IT goals BSC values and outcomes applied in COBIT 5. In so doing, it showcases the IT/business governance and alignment processes as derived from mapping ISO/IEC 27001 and COBIT 4.1 controls and processes further to COBIT 5 governance and management processes...



Read this article in its entirety here. The author will also be available to answer questions. 


Comments

RE: COBIT Focus - COBIT 5 Mapping Exercise for Establishing Enterprise IT Strategy

The process mapping exercise of ISO 27001:2013 to COBIT 5 provides valuable, actionable information on the benefits of COBIT in instituting controls, compliance and for effective governance and management of enterprise IT. It is recognized that risk exists due to the confluence of assets, threats and vulnerabilities and, accordingly, employing mitigating controls that reduce one or all of these factors reduces the overall risk exposure of the organization.
Chris Emeka AnoruoSocial at 12/7/2016 12:47:40 PM