This lesson is a part of COBIT® 5 Foundation Certification Course and provides a detailed understanding of the second and third principles of COBIT® 5. Let us begin with the objectives of this lesson.
By the end of this lesson you will be able to:
Describe principle 2 of COBIT® 5
Discuss governance enablers and governance scope
Identify the key roles in governance
Explain principle 3 of COBIT® 5
Let us move on to the next section to discuss the second principle of COBIT® 5.
The second key principle of COBIT® 5 is ’covering the enterprise end-to-end’.
It means that COBIT® 5:
integrates the governance of enterprise IT with enterprise governance;
covers all functions and processes required to govern and manage enterprise information and related technologies wherever that information is processed and
addresses all relevant internal and external IT services as well as external and internal business processes.
Now let us understand the governance approach to the second principle.
The image shown below depicts the governance approach to ’covering the enterprise end-to-end’.
The image also shows the flow and interaction between the various components that illustrate the governance approach to this principle.
In the following section, we will discuss the various elements of the governance approach.
The main elements of the governance approach for the principle ‘covering the enterprise end-to-end’ are as follows.
The first element is governance enablers.
- They comprise the organizational resources for governance, such as frameworks, principles, structures, processes and practices towards which action is directed and objectives can be attained. Governance enablers include the enterprise’s resources as well.
- Enablers also comprise resources such as service capabilities including infrastructure and applications, as well as people and information.
- A lack of resources or enablers may affect the ability of the enterprise to create value.
- It may comprise the whole enterprise or an entity.
- Governance can be applied not only at an enterprise entity or unit level but also at a tangible or intangible asset level. In the next section, we will look into the governance roles, activities and relationships.
Check out the COBIT 5 Foundation Certificate Course Here!
To outline governance roles, activities and relationships, it is important to define:
who is involved in governance,
how they are involved,
what they do and
how they interact within the scope of any governance system.
The key generic roles are handled by the owners and stakeholders, governing body, management and operations team. The key responsibilities of those who are involved in the governance process and the process flow are as follows.
The owners and stakeholders are accountable for the governance process. However, they delegate the responsibility of the process to a governing body.
The governing body sets the direction of the process to the management.
The management instructs and aligns the operations team with the direction set by the governing body.
The operations team executes the instructions and re ports back to the management.
The management will also monitor operations on behalf of the governing body.
The governing body will report back to owners and stakeholders about the performance.
Each of these roles and their responsibilities is discussed in detail in the forthcoming sections. Let us first understand the governance roles, activities and relationships of the stakeholders in the next section.
The role of the owners and stakeholders and their activities, accountabilities and responsibilities are:
to specify their needs based on the drivers, for example, strategy changes, a changing business and regulatory environment, new technologies or advances in technology
to delegate their requests in the form of needs to be satisfied by the governing body
to be accountable in terms of the needs meeting the specified requirements.
In the next section, we will discuss the governance roles, activities and relationships of the governing body.
The role of the governing body and their responsibilities are:
to set directions in terms of enterprise goals for the management to fulfill the stakeholder needs
to hold the stakeholders accountable for the needs meeting the specified requirements
to receive requests from the stakeholders and evaluate the needs before setting the direction to the management and
to monitor the overall management functionality in delivering the stakeholder needs.
In the next section, we will focus on the governance roles, activities and relationships of the management.
The role of the management and their activities and responsibilities are:
to receive directions from the governing body
to set IT-related goals for the IT and related operations team to meet the stakeholder needs
to instruct and align directions to the operations teams
to monitor the overall operations and execution to fulfill the stakeholder needs
to receive reports from the operations team.
We will focus on the governance roles, activities and relationships of the operations team in the following section.
The role of the operations team and their activities and responsibilities are:
to plan, build, test, run and monitor the activities that produce the final product or service that meets the stakeholder needs
to perform extensive planning, building, testing, running and monitoring the services and
to report to the management regarding the performance at regular intervals
In the next section, we will focus on the third principle of COBIT® 5, which is ‘applying a single integrated framework’.
The following are some important information about frameworks, models and standards.
Frameworks
Frameworks are a system of rules, ideas or beliefs used to plan and build or even provide a support structure to build something.
Example, buildings, enterprises and best practices systems, such as ITIL® (read as I-T-I-L), COBIT® or software applications
Models
Models are similar to blueprints or prototypes of the intended real objects. They are physical representations that aid better visualization and conception of the real objects.
Examples of models are blueprints of buildings, 3D models and prototypes of products.
Standards
Standards are agreed levels of quality. They are used as the norm and have to be met for the fulfillment of organizational goals and objectives.
Example, many companies have to comply with the quality standards such as ISO 9001 (Read as nine thousand and one) Standard, especially in the healthcare or food-related industries.
COBIT® 5 is an integrated framework because:
it aligns with the latest relevant standards and frameworks.
it is complete in enterprise coverage.
it provides a basis to integrate other frameworks, standards and practices effectively.
it integrates the knowledge previously distributed over different ISACA® (read as one word EESAKA) frameworks.
it provides a simple architecture for structuring guidance materials and producing a consistent product set.
In the next section, we will look into the illustration of the COBIT® 5 integrated framework.
What are you waiting for? Interested in taking up a COBIT® 5 Course? Check out our Course Preview!
The image shown below depicts the COBIT® 5 Integrated framework.
As a single integrated framework, COBIT® 5 consists of existing ISACA guidance that includes other frameworks such as older versions of COBIT®, Val IT®, Risk IT®, and BMIS™. It also includes the new ISACA® guidance materials and other standards and frameworks.
The COBIT® 5 knowledge base consists of current guidance and contents, along with the structure for the future content. The COBIT® 5 enablers contribute greatly to the knowledge base and its upkeep.
The content filter for the knowledge base is applied to provide the various COBIT® 5 guides and publications namely:
COBIT® 5
COBIT® 5 Enablers Guide
COBIT® 5 Professional Guides and
COBIT® 5 Online Collaborative Environment.
In the next section, we will discuss the ISACA® frameworks that have influenced COBIT® 5 and are included in it.
COBIT® 5 includes three legacy frameworks:
COBIT® 4.1 Control Objectives
Val IT® Key Management Practices
Risk IT® Management Practices
These map to the COBIT® 5 Governance and Management Practices.
The image shown below depicts the three legacy frameworks:
In the next section, we will look into the COBIT® 5 product family.
The image shown below depicts the COBIT® 5 product family which enables a single integrated framework.
COBIT® 5: A Business Framework for the Governance and Management of Enterprise IT
COBIT® 5: Enabling Processes COBIT® 5 Implementation Guide
COBIT® 5 for Information Security
COBIT® 5 for Assurance
COBIT® 5 for Risk
COBIT® 5 Online Collaborative Environment
A series of other products that will be tailored to specific audiences or topics are planned. The COBIT® 5 products are linked to the external sources for standards.
Planning to get COBIT 5 Certified? Click to see our Course Preview!
Let us summarise what we have learned in this tutorial:
The second principle of COBIT® 5 is ‘covering the enterprise end-to-end’ which means that COBIT® 5 integrates the governance of enterprise IT with enterprise governance.
The governance enablers comprise the organizational resources for the governance and the enterprise.
The governance scope comprises the whole enterprise, an entity and a tangible or an intangible asset.
The key roles in governance are handled by the owners and stakeholders, governing body, management and operations team.
The third principle of COBIT® 5 is ‘applying a single integrated framework’.
COBIT® 5 is an integrated framework because it aligns with the latest relevant standards and frameworks.
We will learn about Principle 4 and 5 of COBIT® 5 in the next lesson.
A Simplilearn representative will get back to you in one business day.