Basic Foundational Concepts Using COBIT 5 

 

These materials are intended for ISACA Academic Advocates only. You must be logged in to the web site as an ISACA Academic Advocate in order to access them. Please note: ISACA’s Academic Advocate program is currently on hold and at this time we are not accepting any new applications.

Please first review the Academic Guidelines for using this material:

Download Academic Guidelines (292K)

Download Academic Translation Agreement (323)

For copyright permission to customize the material, contact Julia Fullerton, Director of Intellectual Property and Business Product Development at jfullerton@isaca.org.


Student Book

  • Chapter 1. The Purpose of This Document is to provide a learning resource that can be used effectively by students with little or no business experience.
  • Chapter 2. IT Governance and the Political Dimension provides an overview of IT governance, its emergence and political and legislative drivers and briefly discusses IT governance frameworks, including COBIT 5.
  • Chapter 3. Core Concepts in COBIT 5 explains the important concepts from COBIT 5 for general use of the framework.
  • Chapter 4. Value Creation and Benefits Realisation provides an introduction and overview of the concept of how IT can create value for the organisation.
  • Chapter 5. Risk presents definitions for risk, risk management, enterprise risk, and the risk management process.
  • Chapter 6. Information Security explains information security, its objectives and the information life cycle.
  • Chapter 7. Assurance explains the assurance process, drivers for assurance, techniques for assurance and components of assurance.

  Download Student Book (Academic Advocates only; 35-page PDF)


Bottler Company Caselet

Company profile, background information, notes and questions for discussion included. Students are assigned the role of the CIO in a soft-drink bottling company, for which they need to use COBIT 5 to design business processes, develop a business case for an ERP system, and improve governance of enterprise IT.

  Download Caselet (Academic Advocates only; 32-slide PPT file)

  Download Caselet Answers/Solutions (Academic Advocates only; Teaching Notes, 46-slide PPT file)


Cornerstone AirLifted Caselet

Company profile, background information, problems, business risks, issues, and questions for discussion included. Students are assigned the role of the CISO in a small airlines company, for which they need to identify key information for new B2C (business-to-consumer) e-commerce information systems, using COBIT 5 to define compliance metrics to mitigate IS risk and minimize business risk.

  Download Caselet (Academic Advocates only; 28-slide PPT file)

  Download Caselet Answers/Solutions (Academic Advocates only; Teaching Notes, 20-slide PPT file)


KS Solutions Caselet

Company profile, background information, problems, the student’s role, and questions for discussion included. A formerly dysfunctional software development company has hired a new CIO (the student role) charged with driving business processes toward growth and profitability, including mapping the system development life cycle (SDLC) for the problems identified.

  Download Caselet (Academic Advocates only; 31-slide PPT file)

  Download Caselet Answers/Solutions (Academic Advocates only; Teaching Notes, 27-slide PPT file)


Major Manufacturing Caselet

Company profile, background information, problems, figures, and questions for discussion included. Students take on the role of an independent Senior IT Auditor, assigned to audit an enterprise with which that individual has family ties, prior staff/consulting work experience, and inside knowledge of operations that presents challenges to delivering an impartial report.

  Download Caselet (Academic Advocates only; 26-slide PPT file)

  Download Caselet Answers/Solutions (Academic Advocates only; Teaching Notes, 31-slide PPT file)


Smithsonian Banking Group Caselet

Company profile, background information, problems, and questions for discussion included. Students take on the role of a rather inexperienced, but newly CISA-certified IS Auditor, assigned to identify and report on areas to review for a large financial institution’s Internet banking technology and products.

  Download Caselet (Academic Advocates only; 35-slide PPT file)

  Download Caselet Answers/Solutions (Academic Advocates only; Teaching Notes, 31-slide PPT file)