COBIT Case Study: The Manta Group 

 

Abstract

A boutique management consulting firm, The Manta Group has found information technology (IT) governance to be a strong differentiating factor for its clients. The current global, networked business environment now demands that IT improve organizational processes via well-defined controls and metrics. The Manta Group uses Control Objectives for Information and related Technology (COBIT) to help clients improve their processes and achieve alignment with business goals through relevant and practical controls and metrics. After extensive research and review, as well as hands-on expertise in the field, the firm has found COBIT to be the only internationally accepted governance framework to provide a complete and concise model for governing and attaining value from investments in IT.

Background

The Manta Group was founded in 2003 with the goal to unleash the power of IT investment through governance. Early on in its formation, The Manta Group founders performed extensive research and decided to use Control Objectives for Information and related Technology (COBIT) as the governance framework. As such, the company has had several years of solid experience in using COBIT within government, retail, media and finance sectors in Canada.

The Manta Group offers four sets of consulting services: governance, portfolio management, service management, risk and compliance. As a boutique management consulting firm, The Manta Group uses publicly available best practices and standards, such as COBIT, ITIL, PMBoK, NIST and ISO. The Manta Group services are delivered by a combination of employees and contract staff with annual revenue of CAN $3 million.

Process

The industry demand for IT to improve organizational processes through well-defined controls and metrics is no longer a negotiable item. As such, The Manta Group uses COBIT to help client IT organizations improve their processes and achieve alignment with business goals through relevant and practical controls and metrics.

The firm relies on COBIT as a governance framework for its clients within private and public sectors, to enable investments in IT to be managed and measured by a set of transparent and concise controls and metrics.

Its clients are all public companies and government agencies with boards of directors and audit committees. The Manta Group uses COBIT and other IT Governance Institute research publications to educate and orient professionals involved in all levels of IT and business management regarding the value of IT governance. Its approach to implementing COBIT for its clients involves knowledge transfer. Expert COBIT consultants facilitate the process so clients can assume the roles and responsibilities for IT governance at all levels.

Gaining support for COBIT implementations from senior management is frequently initiated by the audit committee and the audit report. COBIT adoption also gains momentum from a strategic perspective as senior management realizes that good governance over IT is not an externality but a significant value-add.  

The Manta Group has developed a series of risk-based, demand-based and capability-based models that it uses with its clients to determine the value vs. risk of a control objective as per the capability of the organization. The firm’s approach to COBIT implementation is extremely customized and client-centric. It analyzes clients’ demand for technology vs. the risk so it can determine which areas of COBIT will deliver the most value for its clients. For example:

  • Within the media sector, The Manta Group used the COBIT framework to address Sarbanes-Oxley audit requirements for IT general computing controls.
  • Within the retail sector, The Manta Group has used COBIT to establish risk frameworks for technology and alignment with application portfolios driven by business demands.
  • Within the financial sector, The Manta Group used COBIT to transform IT cost structure, delivery strategy and organization structure from strategic and tactical perspectives, resulting in an overhaul of IT.
  • Within the government sector, The Manta Group has used COBIT to establish a risk assessment framework to manage change at the corporate level for shared infrastructure and services.

COBIT’s contribution to Sarbanes-Oxley compliance
The firm has also used the COBIT framework for initiatives involving compliance with the U.S. Sarbanes-Oxley Act. Within the retail and media sectors, COBIT has helped expedite the process of establishing and testing general computing controls for audit purposes. The firm has derived positive experiences when implementing the COBIT framework for Sarbanes-Oxley because it has been able to effectively implement guidelines and test procedures that are acceptable by audit while intrinsically increasing the value of IT through governance. 

Conclusion

The Manta Group and its clients have found COBIT to be the most effective governance framework due to its coverage footprint as well its result/outcome-oriented approach, where every task and action is measured by a specific contribution to a goal. The firm has successfully established COBIT as the IT governance framework for its clients that have a demand for IT governance. It has not found any other governance framework that provides such a complete and concise model for governing investment in IT.

The Manta Group credo is “the performance you keep,” and it has found that COBIT provides the underlying governance framework for its customers to experience the benefits of investment in governance through a 30-day, 60-day and 90-day plan that its consultants have implemented. Its risk-based, demand-based and capability-based analytical models enable its clients to assess the value of control for the specific characteristics of their organization and avoid the pitfalls of generalization. 

The Manta Group is committed to COBIT and has first-hand experience of its power and strengths. The firm plans to continue to use COBIT as its governance framework for IT, and looks forward to the ongoing update and increasing benefits of implementing COBIT for its clients.