Download (Member Only, 1.3M)
Download Abridged Version Without Appendices, References and Index
(Member Only, 342K)
Purchase the e-Book
Provide feedback on this document
Visit the COBIT - Use it Effectively Knowledge Center community
This document contains a detailed mapping of TOGAF 8.1 with COBIT 4.0 and also contains the classification of the standards discussed in this paper as presented in the overview document COBIT® Mapping: Overview of International IT Guidance, 2nd Edition.
A brief overview of the standards mapped against each other in this document follows:
- COBIT—COBIT was originally released as an IT process and control framework linking IT to business requirements. It was initially used mainly by the assurance community in conjunction with business and IT process owners. With the addition of management guidelines in 1998, COBIT was used increasingly as a management framework, providing management tools such as metrics and maturity models to complement the control framework. With the release of COBIT® 4.0 in 2005, it became a more complete IT governance framework.
- TOGAF—This detailed method and set of supporting tools for developing an enterprise architecture were developed by members of The Open Group, working within the Architecture Forum (http://www.opengroup.org/architecture). TOGAF has been in existence since 1995, when the newly created Architecture Forum developed the first version based on the US Department of Defense (DoD) Technical Architecture Framework for Information Management (TAFIM). The DoD gave The Open Group explicit permission and encouragement to create TOGAF by building on TAFIM.
The mapping was performed as follows:
- COBIT 4.0 was used for structure and indexing:
- Information criteria
- IT resources
- IT governance focus areas
- Detailed control objectives
- Management guidelines (inputs; outputs; Responsible, Accountable, Consulted and Informed (RACI) chart; goals; and metrics)
- Key concept (identified by the author)
- The content of the TOGAF 8.1 book was split; chapter and page references were used for subsequent identification of the source.
- A text search using the key concepts identified from COBIT was performed on the entire content of TOGAF 8.1 (both structured and unstructured content) to identify bidirectional mappings that were linked to COBIT control objectives.
- The COBIT 4.0 IT resources, listed in chapter 3, COBIT Overview, were mapped to the TOGAF Enterprise Architecture (EA) domains listed in chapter 4, TOGAF Overview (e.g., the IT resource people maps to the business architecture domain).
- The COBIT 4.0 RACI chart for the role of chief architect was indexed and reviewed.
- A primary, secondary and contextual mapping classification of the bidirectional links was performed where:
A high-level conceptual mapping check was performed.
- A primary mapping identifies a direct link between the COBIT control objective and TOGAF content. For example, PO3.5 IT architecture board in appendix 1, Plan and Organise, maps directly to chapter 23: Architecture Board.
- A secondary mapping is less important than a primary mapping and often supports a mapping already identified as a primary mapping. For example, in TOGAF chapter 12: Phase F—Migration Planning, COBIT control objective PO3.1 Technological direction planning has a secondary mapping to ‘application architecture viewpoints’ and a primary mapping to ‘applications baseline description’. The architecture viewpoints are primary mappings to TOGAF chapter 31: Developing Architecture Views.
- A contextual mapping provides guidance that forms the setting for primary and secondary mapping points. For example, COBIT control objective PO4.4 Organisational placement of the IT function provides context to TOGAF chapter 23: Architecture Board, and vice versa.
- The TOGAF text referenced in the appendices was limited to the primary mapping to improve the general readability of this document.