Business leaders must take accountability for governing and managing IT-related assets within their units and functions just as they would other assets, such as those involving physical plant or human resources.
This is critical as achieving enterprise goals becomes increasingly interconnected with successfully managing and governing its technology. COBIT 5 provides the framework needed to connect business goals with IT goals while utilizing non-technical, business language, as explored in a recent ISACA podcast. John Jasinski, a COBIT certified assessor, discusses the framework’s core principles and enablers, and ways in which enterprises can successfully leverage them.
“The main purpose of the governance of enterprise IT is to achieve strategic alignment of information and related technology with the goals of the enterprise,” Jasinski said. “However, a continuing challenge for enterprises is how to achieve and maintain the alignment as stakeholder needs and enterprise goals change. The COBIT goals cascade provides context, structure and content for consistency of goals and meeting stakeholder needs.”
The COBIT 5 goals cascade provides a model to define and link enterprise goals and IT goals in support of stakeholder needs.
Decisions on how to utilize IT assets and resources should be made by business managers in an overall governance and management context, according to Jasinski. Directors should govern IT through three main tasks:
- Evaluate the current and future use of IT;
- Direct implementation of plans and policies to ensure the use of IT meets business objectives;
- Monitor conformance to policies and performance against the plans.
COBIT 5, which aligns with other relevant standards and frameworks used worldwide, provides a technology-agnostic common language to more effectively address information and cyber security, risk, vendor management, cloud controls and many other challenges faced by enterprises. Distinctions between governance and management also are addressed.
“If you’re looking for context, structure and content to address your biggest digital business challenges and opportunities, you must have an understanding the COBIT goals cascade, enabling processes and the entire COBIT library,” Jasinski said. “COBIT can help you understand how to connect all the dots, and fit the puzzle pieces together. This is important stuff.”
Further ISACA insights on the topic can be found in the white paper, “COBIT 5 Principles: Where Did They Come From?”
Editor’s note: The ISACA Podcast is now available on iTunes, Google Play and SoundCloud. Listen to experts in cyber security, audit, governance and more as they explain the latest trends and issues facing professionals.