
COBIT Focus Archives

Drive Transparent and Measurable Value With COBIT 5 Process Metrics

By Okanlawon Zachy Olorunojowon, CISA, CGEIT, COBIT Assessor, COBIT Foundation, COBIT Implementation, COBIT Trainer, CSX Foundation, PMP, Prosci Change Management

COBIT Focus | 18 December 2017


“If you cannot measure it, you cannot manage it” is a saying that applies to governance of enterprise IT (GEIT) just as much as it does to the entire organization. Not only would one fail the test of effective governance and management without metrics, but improvement would lag and proof of value would be, at best, unfounded.

Delivering Disruptive Innovation Using the COBIT 5 Framework

By Oluwaseyi Ojo, CEng, CRISC, CISM, CGEIT, COBIT 5 Certified Assessor, CISSP, SABSA CSA, TOGAF 9

COBIT Focus | 4 December 2017 Japanese


In today’s competitive and dynamic business environment, it is mandatory to have disruptive innovation capability or capabilities both for growing a business and protecting existing markets. Yet delivering disruptive innovation needs new mindsets and behaviors for organization leaders and the organizations they lead. This article describes how to use the COBIT 5 framework to deliver disruptive innovation.

Using COBIT in Government Departments

By Panduranga Bichal, COBIT Implementer, ISO 27001 LI, ITIL Expert, PRINCE2 Practitioner, TOGAF

COBIT Focus | 30 October 2017


The government of India is focused on ensuring the effective delivery of government services to its customers who consist of citizens, businesses, tourists or anyone who may require interaction with government departments at different levels for their day-to-day activities. The government of India’s aim is to improve the lives of the nation’s citizens by doing much more than simply implementing technology.

Using COBIT 5 to Assess IT Processes Capabilities and Evaluate Compliance With the World Lottery Association Security Control Standard and ISO 27001

By Ioannis Panopoulos, CISA, CRISC, CGEIT, CSXF, ISO 27001 LA, and Maria Melliou, CISA, CAML, CCO, CIA, CRMA, ISO 27001 LA

COBIT Focus | 16 October 2017


The internal audit team of one of the biggest gaming operators in Europe implemented a cloud-based governance, risk and compliance (GRC) platform to improve the quality of its audit work papers and the productivity and collaboration with the other assurance teams (i.e., compliance, risk, security) of the company. MetricStream was selected as partner for this implementation.

Focus on COBIT Adoption Rather Than Implementation

By Pam Erskine, COBIT Implementation and Assessor, DevOps Fundamentals, ITIL Expert, Kepner-Fourie, Lean IT, Six Sigma

COBIT Focus | 25 September 2017 Japanese


Organizational change management (OCM) focuses on helping people adapt to change. Research shows that by acknowledging the importance of OCM and taking steps to address the people side of change, organizations will be 4 times more likely to be successful.

Portfolio, Program and Project Management Using COBIT 5

By Sunil Bakshi

COBIT Focus | 11 September 2017


Many organizations attribute their success to being able to execute their strategic goals and objectives. Execution will be successful if it is measured and if corrective actions are taken at appropriate times when there are deviations. Thus, there has to be a plan that should enable measurement, help track progress and enable corrective action to be taken at the right time to keep the execution on track.

Participatory Health Care Security

By Ed Moyle

COBIT Focus | 21 August 2017


If you have ever wanted to be a doctor but ended up taking a different career path, participatory medicine may be just the new development for you. As its name implies, it is a philosophy of providing health care in which patients abandon their traditional passive stance and instead take an active role in their treatment.

Using ISACA Privacy Principles for GDPR Compliance

By Rebecca Herold

COBIT Focus | 14 August 2017


I started addressing privacy risk within a large multinational financial and health care organization around 1993 when, generally, no legal requirements for addressing privacy existed, but certainly many privacy risk factors and concerns did indeed exist. (Note: Just because there are no laws governing privacy, it does not mean there is no privacy risk or potential privacy harms; there could be many.) How times have changed.

A Group IT Governance System Model With a Pair of Wheels—Oversight and Shared IT—for a Financial Group in Japan

By Yuichi (Rich) Inaba, CISA

COBIT Focus | 31 July 2017 Japanese


The financial industry in Japan has seen a growing number of organizing financial groups or conglomerates since the Japanese antitrust law was revised in the late 1990s to make it easy to establish a holding company and formulate a company group.

COBIT 5 Aids Transition to Smart and Sustainable Cities

By Graciela Braga, CGEIT, COBIT 5 Foundation, CSX Foundation

COBIT Focus | 24 July 2017


A new edition of The Green Standards Week has finished, but the journey for cities has just begun.

The International Telecommunication Union (ITU), together with several organizations, including the United Nations Human Settlements Programme (UN-Habitat) and the Inter-American Association of Telecommunication Enterprises (ASIET), has organized the 7th edition of the Green Standards Week from 3 to 5 April 2017 in Manizales, Colombia.

COBIT 5 for Risk—A Powerful Tool for Risk Management

By Hafiz Sheikh Adnan Ahmed, CGEIT, COBIT 5 Assessor, ISO 20000 LA, ISO 27001 LA, ISO 27032 Lead Cybersecurity Manager, ISO 38500 Lead IT Corporate Governance Manager, Lean Six Sigma Green Belt

COBIT Focus | 10 July 2017


Today, as we continue to adapt to a highly volatile environment, businesses are becoming more proactive about risk management. Risk management is on most corporate agendas, whether a private or public organization. Special attention to risk management is paid by governments, semigovernments, stock exchanges, shareholders and regulators.

Which Screws Have to Tighten?

By Roberto Soriano, CISA, CRISC, CISM, ISO 27001 LA, PMP

COBIT Focus | 26 June 2017 Spanish


When most organizations undertake an important process improvement effort (e.g., compliance, cyber security, governance), they typically refer to different standards and prepare a complex process to implement the improvement.


COBIT 5 for Risk: Making Sense of IT Risk Management

By Syed Salman, CISA

COBIT Focus | 12 June 2017


A leading Big 4 professional services firm in the Middle East was selected by a large retail bank in the region to assist in enabling IT risk management practices to deliver value to the enterprise in a cost-effective manner. The bank was facing and continues to face a growing and ever-changing IT risk landscape.

COBIT 5 and the GDPR

By Joanna Karczewska, CISA

COBIT Focus | 29 May 2017


With just a year left until the European Union’s (EU’s) General Data Protection Regulation (GDPR) takes effect, it is time for any organization with European customers to get started with the implementation of its requirements. Most supervisory authorities in EU countries have published guidelines on how to get ready.

Applying the Goals Cascade to the COBIT 5 Principle Meeting Stakeholder Needs

By Govind Kulkarni, COBIT 5, CSQA, DevOps Master, ISO 27000 Auditor, ITIL Expert, PMP

COBIT Focus | 24 April 2017


COBIT 5 is a renowned best practice framework for governing and managing enterprise information technology. This framework covers the entire enterprise from end to end in terms of processes, organization structures, policies, skills and talent, information, and other enablers, and top to bottom from the board of directors to incident management specialists working in operations.

How COBIT 5 Can Help Reduce the Likelihood and Impact of the Top 5 Cyberthreats

By Sue Milton, CISA, CGEIT

COBIT Focus | 3 April 2017


2017 is here with cyberbreaches increasing, with their impacts rippling ever further into business and personal life.

Are these threats too big to manage? Is cyberthreat management the ‘elephant in the room’?

Using Visual Models for Adopting IT Governance Practices

By Rafael Almeida, Pedro Linares Pinto, Renato Lourinho, Miguel Mira da Silva, Ph.D.

COBIT Focus | 20 March 2017


IT governance (ITG) can be adopted using a mixture of various structures, processes and relational mechanisms that encourage behaviors consistent with the organization’s mission, strategy, values, norms and culture. Examples of process mechanisms are ITG frameworks, best practices and International Organization for Standardization (ISO) standards such as COBIT 5, ITIL 2011 and ISO/IEC 27001.

A Model Proposal for Organizational Prudence and Wisdom Within Governance of Business and Enterprise IT

By Ahmet Efe, Ph.D., CISA, COBIT 5 Foundation

COBIT Focus | 6 March 2017


The intimidatingly rapid growth of big data in the ever-changing, innovative information technology environment has created challenges for enterprises, such as the optimization of risk, costs and resources to best respond to the requirements of the ecosystem and the needs of stakeholders.

The Essence of Information

By Peter T. Davis, CISA, CISM, CGEIT, COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, DevOps FC, ITIL FC, ISO 9001 FC, ISO 20000 FC/LI/LA, ISO 27001 LI/LA, ISO 27005 Lead Risk Manager, ISO 27032 Lead Cybersecurity Manager, ISO 28000 FC, ISO 31000 Lead Risk Manager, ISTQB CTFL, Lean IT FC, Open FAIR FC, PMI-RMP, PMP, PRINCE2 FC, RESILIA FC, SFC, SSGB

COBIT Focus | 13 February 2017


I was taught that information was processed data. While the definition was useful, it was not very enlightening. It raised as many questions as it answered. Who uses the information? Why do I need information? For what do I use information? Where do I use information? When do I use it? How do I use it? So many questions.

Extending COBIT 5 Data Security and Governance Guidance

By Myles Suer, ITIL, and Les McMonagle, CISA, CISSP, ITIL

COBIT Focus | 30 January 2017


COBIT 5 contains highly relevant guidance for IT practitioners and business leaders regarding governing and protecting data and information. However, the question of whether COBIT 5 is enough should be asked. This article explores what COBIT 5 provides and does not provide, then suggests a series of appropriate additions.

Developing Business Capabilities Using COBIT 5

By Oluwaseyi Ojo, CEng, CRISC, CISM, CGEIT, COBIT 5 Certified Assessor, CISSP, TOGAF 9

COBIT Focus | 16 January 2017


To execute your strategy, you need to build business capabilities. In order to ensure a business will be successful in the future, an organization must understand how it defines success and must know if it has the capability today to do better or to do more to achieve this success.

Setting the Record Straight: Convincing Management of COBIT’s Value in Risk Management

By Julian Marquez, CISA, CRISC, COBIT Foundation, ISO 27001 LA, ITIL Foundation

COBIT Focus | 3 January 2017


Although COBIT remains an extremely valuable tool for IT risk management, many Latin American companies still find themselves slightly confused when trying to understand what it takes to carry out a complete or partial COBIT implementation. In fact, organizations still struggle with how to achieve long-term business and IT goals through ...

