Find Resources and Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

Subscribe to this discussion

COBIT Focus - Screws Have to Tighten?

When most organizations undertake an important process improvement effort (e.g., compliance, cyber security,governance), they typically refer to different standards and prepare a complex process to implement the improvement.

From this author’s point of view, the main issue with that approach is that it refers to only one standard for the process and follows it strictly from the 1st page to the last. These kinds of projects are usually long in duration, expensive, require the engagement of several experts, and may require the purchase of hardware and software. These things are not cheap.

To easily integrate this kind of project into the organization, the project leader should take into account those processes that provide important value as quickly as possible for the organization(quick wins). By focusing on the quick wins, it will be less likely for stakeholders to withhold support from or question the project, and the project leader can quickly obtain support from the project sponsors.


__________________________

To read the rest of this article click here: http://www.isaca.org/COBIT/focus/Pages/which-screws-have-to-tighten.aspx

You must sign in to rate content.
(2 ratings)

Comments

RE: COBIT Focus - Screws Have to Tighten?

Thanks for considering the Pareto Principle in process improvement. Implementing the first 20% of change that aims to make the first 80% improvement. Organizational tolerance for further changes and the drive for process excellence that has early gains in it tend to win the support for successive improvements. Also, it is often the case that the next pain points can "appear form left field" and are not actually anticipated well form a master deployment design. In the Quality Improvement and software world this has lead to a successive Agile like effort with a kind of refinement by successive smaller waterfall design. After one looks for the first 20% of problems that could lead to an 80% gain, a re-inspection for a new set of 20% of causes responsible for the next 80% gain tends to win a lot of respect, momentum and friends to bolster organizational change. It also helps keep process improvement value driven. Quality Assurance -- particularly Six Sigma -- expresses this as avoiding Quality for Quality sake but always working from the position of Cost Effective Quality. This implies that each process gain has a credible change to "pay for itself" and not simply adopt process for purity sake. To be sure well design controls with a well thought out top down design can satisfy design effectiveness rather well. But, pareto ordering of quick wins helps with operational effectiveness and appropriate control value when scaling controls implemented. The goal being to gain from good controls implemented while controlling the cost to comply by spending the most where gain is detectable. Then, then lighter touch controls can be enhanced when a gain appears and still fit into a larger well thought through effective control design. Cobit implemented with control levels set in a pareto-Agile deployment and enhancement delivery.
Don TurnbladeEnergizer at 6/26/2017 3:55:06 PM Quote
You must sign in to rate content.
(2 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Revisiting control levels over time also adapts to organizational dynamic change. One control at first may deliver huge benefits at first with stronger control levels. As other controls become more mature the control level itself may provide less compensation for other controls that were once weaker. Thus, a re-tuning of control levels provides value. As the organization begins to leverage its new controls, it will also adapt. Thus, left field control needs will begin to switch where control tuning gains best fit. To be sure classic pareto gains: 20% of causes are responsible for 80% of adverse impacts, is not always true. Yet, during most early deployments these are a sweet spot to find quick wins to for early focus and to build change momentum in first adopting and then perfecting cost effective controls. Further, a quality assurance focus helps rid the organization of the view that control will ever be perfect. A classic paradox model in quality is not exactly or even ever precisely true but worthy to consider for change messaging. Once early pareto wins begin to be used up then the Quality-Time-Cost paradox begins to occur and the cost effectiveness of change becomes less certain. Ideally, momentum is built up so at that point coming to rest at a sustainable level of excellence will then make sense and sustain itself.
Don TurnbladeEnergizer at 6/26/2017 4:13:50 PM Quote
You must sign in to rate content.
(2 ratings)

RE: COBIT Focus - Screws Have to Tighten?

No article has been published!
peterhillEnergizer at 6/28/2017 4:33:20 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

Dear Peter, the article is in the following link http://www.isaca.org/COBIT/focus/Pages/which-screws-have-to-tighten.aspx
Roberto SorianoSocial at 6/28/2017 4:49:58 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

View this video clip 7 minutes from the start:  https://www.youtube.com/watch?v=j_OcrRRRZFM&t=38s
peterhillEnergizer at 6/28/2017 5:59:59 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

But Peter, that is one of the official videos about COBIT 5 Implementation. What is the point on that?
What I wrote is, of course related with the use of COBIT and there are some points in common, but is not the same. Isn't it?

Please let me what is your point about it.

BR.
Roberto SorianoSocial at 7/6/2017 8:44:18 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

Dear Don Tumblade
is a good point. It is not exactly the Pareto Principle but is based on it. With your permission I will include your comments in my presentations about it. 
I didn't describe the whole process but is true that there is a moment where quick wins have to leave place to the rest of related process to be implemented. Maybe can we talk about small wins? Well, it will depend on projects and also what we had agreed.

It could be the second part of the article. Do you want to write it?

Thanks a lot for your comments.
Roberto SorianoSocial at 7/6/2017 8:57:48 AM Quote
You must sign in to rate content.
(1 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Roberto, I would be glad to assist with ideas on using Cost of Quality methods to created operationally excellent enhancement, deployment and momentum for effectively designed controls like COBIT. As careful considering connector/screw torque adds quality, durability and sustainability to physical designs and devices, so matching control intensity inside a well designed set of controls can be done in a favorable deployment and sustaining process. Plan, Do, Check, Act is a quality assurance process not just performed by auditors but also leveraged strategically in the implementation of controls themselves. Sorting control level and maturity in order of their affect on upon overall positive control effectiveness and seeking the first set that cumulatively amounts to an 80% gain in beneficial control is recognizable as a business friendly approach to sequencing control deployment or enhancement. Choosing these controls from an effective design like COBIT helps always with the top down comprehensive goodness and coverage. Even implementing every control at its lowest level and then dialing up the first set of controls that would make the first 80% of improvement keeps coverage and design effectiveness in place while staying value focused with each iterative pass of a Plan, Do, Check, Act cycle of control level appropriateness evaluation. It also provides both the story of gain to the business from Audit activity and the heart beat of wholesome momentum inside the dynamic business teams themselves.
Don TurnbladeEnergizer at 7/6/2017 11:13:02 AM Quote
You must sign in to rate content.
(1 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Roberto, I would be glad to assist with ideas on using Cost of Quality methods to created operationally excellent enhancement, deployment and momentum for effectively designed controls like COBIT. As careful considering connector/screw torque adds quality, durability and sustainability to physical designs and devices, so matching control intensity inside a well designed set of controls can be done in a favorable deployment and sustaining process. Plan, Do, Check, Act is a quality assurance process not just performed by auditors but also leveraged strategically in the implementation of controls themselves. Sorting control level and maturity in order of their affect on upon overall positive control effectiveness and seeking the first set that cumulatively amounts to an 80% gain in beneficial control is recognizable as a business friendly approach to sequencing control deployment or enhancement. Choosing these controls from an effective design like COBIT helps always with the top down comprehensive goodness and coverage. Even implementing every control at its lowest level and then dialing up the first set of controls that would make the first 80% of improvement keeps coverage and design effectiveness in place while staying value focused with each iterative pass of a Plan, Do, Check, Act cycle of control level appropriateness evaluation. It also provides both the story of gain to the business from Audit activity and the heart beat of wholesome momentum inside the dynamic business teams themselves.
Don TurnbladeEnergizer at 7/6/2017 11:13:02 AM Quote
You must sign in to rate content.
(1 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Dear Don Tumblade
is a good point. It is not exactly the Pareto Principle but is based on it. With your permission I will include your comments in my presentations about it. 
I didn't describe the whole process but is true that there is a moment where quick wins have to leave place to the rest of related process to be implemented. Maybe can we talk about small wins? Well, it will depend on projects and also what we had agreed.

It could be the second part of the article. Do you want to write it?

Thanks a lot for your comments.
Roberto SorianoSocial at 7/6/2017 8:57:48 AM Quote
You must sign in to rate content.
(1 ratings)

RE: COBIT Focus - Screws Have to Tighten?

But Peter, that is one of the official videos about COBIT 5 Implementation. What is the point on that?
What I wrote is, of course related with the use of COBIT and there are some points in common, but is not the same. Isn't it?

Please let me what is your point about it.

BR.
Roberto SorianoSocial at 7/6/2017 8:44:18 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

View this video clip 7 minutes from the start:  https://www.youtube.com/watch?v=j_OcrRRRZFM&t=38s
peterhillEnergizer at 6/28/2017 5:59:59 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

Dear Peter, the article is in the following link http://www.isaca.org/COBIT/focus/Pages/which-screws-have-to-tighten.aspx
Roberto SorianoSocial at 6/28/2017 4:49:58 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

No article has been published!
peterhillEnergizer at 6/28/2017 4:33:20 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

Revisiting control levels over time also adapts to organizational dynamic change. One control at first may deliver huge benefits at first with stronger control levels. As other controls become more mature the control level itself may provide less compensation for other controls that were once weaker. Thus, a re-tuning of control levels provides value. As the organization begins to leverage its new controls, it will also adapt. Thus, left field control needs will begin to switch where control tuning gains best fit. To be sure classic pareto gains: 20% of causes are responsible for 80% of adverse impacts, is not always true. Yet, during most early deployments these are a sweet spot to find quick wins to for early focus and to build change momentum in first adopting and then perfecting cost effective controls. Further, a quality assurance focus helps rid the organization of the view that control will ever be perfect. A classic paradox model in quality is not exactly or even ever precisely true but worthy to consider for change messaging. Once early pareto wins begin to be used up then the Quality-Time-Cost paradox begins to occur and the cost effectiveness of change becomes less certain. Ideally, momentum is built up so at that point coming to rest at a sustainable level of excellence will then make sense and sustain itself.
Don TurnbladeEnergizer at 6/26/2017 4:13:50 PM Quote
You must sign in to rate content.
(2 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Thanks for considering the Pareto Principle in process improvement. Implementing the first 20% of change that aims to make the first 80% improvement. Organizational tolerance for further changes and the drive for process excellence that has early gains in it tend to win the support for successive improvements. Also, it is often the case that the next pain points can "appear form left field" and are not actually anticipated well form a master deployment design. In the Quality Improvement and software world this has lead to a successive Agile like effort with a kind of refinement by successive smaller waterfall design. After one looks for the first 20% of problems that could lead to an 80% gain, a re-inspection for a new set of 20% of causes responsible for the next 80% gain tends to win a lot of respect, momentum and friends to bolster organizational change. It also helps keep process improvement value driven. Quality Assurance -- particularly Six Sigma -- expresses this as avoiding Quality for Quality sake but always working from the position of Cost Effective Quality. This implies that each process gain has a credible change to "pay for itself" and not simply adopt process for purity sake. To be sure well design controls with a well thought out top down design can satisfy design effectiveness rather well. But, pareto ordering of quick wins helps with operational effectiveness and appropriate control value when scaling controls implemented. The goal being to gain from good controls implemented while controlling the cost to comply by spending the most where gain is detectable. Then, then lighter touch controls can be enhanced when a gain appears and still fit into a larger well thought through effective control design. Cobit implemented with control levels set in a pareto-Agile deployment and enhancement delivery.
Don TurnbladeEnergizer at 6/26/2017 3:55:06 PM Quote
You must sign in to rate content.
(2 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Roberto, I would be glad to assist with ideas on using Cost of Quality methods to created operationally excellent enhancement, deployment and momentum for effectively designed controls like COBIT. As careful considering connector/screw torque adds quality, durability and sustainability to physical designs and devices, so matching control intensity inside a well designed set of controls can be done in a favorable deployment and sustaining process. Plan, Do, Check, Act is a quality assurance process not just performed by auditors but also leveraged strategically in the implementation of controls themselves. Sorting control level and maturity in order of their affect on upon overall positive control effectiveness and seeking the first set that cumulatively amounts to an 80% gain in beneficial control is recognizable as a business friendly approach to sequencing control deployment or enhancement. Choosing these controls from an effective design like COBIT helps always with the top down comprehensive goodness and coverage. Even implementing every control at its lowest level and then dialing up the first set of controls that would make the first 80% of improvement keeps coverage and design effectiveness in place while staying value focused with each iterative pass of a Plan, Do, Check, Act cycle of control level appropriateness evaluation. It also provides both the story of gain to the business from Audit activity and the heart beat of wholesome momentum inside the dynamic business teams themselves.
Don TurnbladeEnergizer at 7/6/2017 11:13:02 AM Quote
You must sign in to rate content.
(1 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Dear Don Tumblade
is a good point. It is not exactly the Pareto Principle but is based on it. With your permission I will include your comments in my presentations about it. 
I didn't describe the whole process but is true that there is a moment where quick wins have to leave place to the rest of related process to be implemented. Maybe can we talk about small wins? Well, it will depend on projects and also what we had agreed.

It could be the second part of the article. Do you want to write it?

Thanks a lot for your comments.
Roberto SorianoSocial at 7/6/2017 8:57:48 AM Quote
You must sign in to rate content.
(1 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Thanks for considering the Pareto Principle in process improvement. Implementing the first 20% of change that aims to make the first 80% improvement. Organizational tolerance for further changes and the drive for process excellence that has early gains in it tend to win the support for successive improvements. Also, it is often the case that the next pain points can "appear form left field" and are not actually anticipated well form a master deployment design. In the Quality Improvement and software world this has lead to a successive Agile like effort with a kind of refinement by successive smaller waterfall design. After one looks for the first 20% of problems that could lead to an 80% gain, a re-inspection for a new set of 20% of causes responsible for the next 80% gain tends to win a lot of respect, momentum and friends to bolster organizational change. It also helps keep process improvement value driven. Quality Assurance -- particularly Six Sigma -- expresses this as avoiding Quality for Quality sake but always working from the position of Cost Effective Quality. This implies that each process gain has a credible change to "pay for itself" and not simply adopt process for purity sake. To be sure well design controls with a well thought out top down design can satisfy design effectiveness rather well. But, pareto ordering of quick wins helps with operational effectiveness and appropriate control value when scaling controls implemented. The goal being to gain from good controls implemented while controlling the cost to comply by spending the most where gain is detectable. Then, then lighter touch controls can be enhanced when a gain appears and still fit into a larger well thought through effective control design. Cobit implemented with control levels set in a pareto-Agile deployment and enhancement delivery.
Don TurnbladeEnergizer at 6/26/2017 3:55:06 PM Quote
You must sign in to rate content.
(2 ratings)

RE: COBIT Focus - Screws Have to Tighten?

Revisiting control levels over time also adapts to organizational dynamic change. One control at first may deliver huge benefits at first with stronger control levels. As other controls become more mature the control level itself may provide less compensation for other controls that were once weaker. Thus, a re-tuning of control levels provides value. As the organization begins to leverage its new controls, it will also adapt. Thus, left field control needs will begin to switch where control tuning gains best fit. To be sure classic pareto gains: 20% of causes are responsible for 80% of adverse impacts, is not always true. Yet, during most early deployments these are a sweet spot to find quick wins to for early focus and to build change momentum in first adopting and then perfecting cost effective controls. Further, a quality assurance focus helps rid the organization of the view that control will ever be perfect. A classic paradox model in quality is not exactly or even ever precisely true but worthy to consider for change messaging. Once early pareto wins begin to be used up then the Quality-Time-Cost paradox begins to occur and the cost effectiveness of change becomes less certain. Ideally, momentum is built up so at that point coming to rest at a sustainable level of excellence will then make sense and sustain itself.
Don TurnbladeEnergizer at 6/26/2017 4:13:50 PM Quote
You must sign in to rate content.
(2 ratings)

RE: COBIT Focus - Screws Have to Tighten?

No article has been published!
peterhillEnergizer at 6/28/2017 4:33:20 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

Dear Peter, the article is in the following link http://www.isaca.org/COBIT/focus/Pages/which-screws-have-to-tighten.aspx
Roberto SorianoSocial at 6/28/2017 4:49:58 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

View this video clip 7 minutes from the start:  https://www.youtube.com/watch?v=j_OcrRRRZFM&t=38s
peterhillEnergizer at 6/28/2017 5:59:59 AM Quote
You must sign in to rate content.
(Unrated)

RE: COBIT Focus - Screws Have to Tighten?

But Peter, that is one of the official videos about COBIT 5 Implementation. What is the point on that?
What I wrote is, of course related with the use of COBIT and there are some points in common, but is not the same. Isn't it?

Please let me what is your point about it.

BR.
Roberto SorianoSocial at 7/6/2017 8:44:18 AM Quote
You must sign in to rate content.
(Unrated)

Leave a Comment

* required

You must login to leave a comment.