ISO 38500 is the international standard for the Corporate Governance of Information and Technology. COBIT® 5 is the next evolutionary step in the definition of a governance framework by ISACA that addresses operational needs, supports the organisation’s business operations and achieves strategic objectives. Today, more than ever before, information and related technologies need to be governed, managed and operated in a holistic manner with a single integrated process model that provides end-to-end coverage of the roles, responsibilities and practices required to build sufficient capability and deliver the performance expected by stakeholders.
Control Objectives for Information and related Technology (COBIT) has evolved into a fully-fledged IT governance framework. The Information Systems Audit and Control Association (ISACA) first released COBIT in 1996. It has continued to develop and promote the framework.
COBIT 5 is the most recent version of the integrated process reference model, providing further guidance, and more details, about how to govern the use of information technology, develop strategy, manage investments in information technology, deliver value, optimise resources, manage performance and govern IT risks.
This seminar will provide delegates with a clear understanding of ISO 38500 and COBIT 5 and it illustrate how to implement IT governance with practical examples..
The purpose of this seminar is to assist participants understand how to implement an IT Governance framework. On completion of this seminar, participants will be able to:
- Demonstrate an understanding of IT Governance
- Articulate how ISO 38500 and COBIT 5 meet the requirement for an IT Governance framework, as well as contribute to the implementation of IT controls
- Identify the key elements of an IT governance framework
- Design and implement a management system for COBIT 5
- Identify and implement the core components and key processes of COBIT 5
- Design and implement inherently lean COBIT 5 processes
- Upgrade from a COBIT 4.1 implementation to COBIT 5
- Make use of COBIT 5 and other standards (e.g. ISO 38500, ISO 27001 and ITIL) to establish good practices.
Company directors are accountable to the stakeholders who appointed them. Corporate governance codes expect that the directors act in the best interest of all takeholders when they EVALUATE, DIRECT and MONITOR the use of the company’s IT resources in support of business goals and strategic objectives.
COBIT® 5 builds on the foundation set by ISO 38500. It requires that organisations set and maintain a governance framework, integrated and aligned with the organisation’s approach to corporate governance.
The COBIT® 5 approach is to analyse and articulate the requirements, put in place and maintain effective enabling structures, principles, processes and practices with clarity of responsibilities and authority to achieve enterprise goals. This seminar will illustrate these key components.
COBIT® 5 expects that organisations will “maintain the enablers of a management system” and a control environment for enterprise IT and ensure that these are integrated and aligned with the enterprise’s governance and management philosophy and operating style.
The purpose of the management system is to aid the achievement of the organisation’s vision, direction and strategy. The management system will be strongly influenced by the internal environment, management culture and philosophy, and scope of activities included. The management system coordinates an integrated approach to performing work through careful planning and organising the interaction and sequence of tasks to be completed.
The COBIT 5 enabling process reference model includes all the processes normally found in an enterprise relating to IT activities, providing a comprehensive reference source about IT processes, understandable by operational IT and business managers.
The COBIT 5 enabling process reference model defines and describes the operational, management and governance processes and practices in a single integrated framework.
COBIT 5 is a complete, comprehensive model that an enterprise must tailor to its own specific needs after taking into account the internal business needs, the external business pressures and the various stakeholders’ expectation of the organisation and the IT function.