COBIT® 5 Overview of Enabler 1 Tutorial

1 Overview of COBIT® 5 Enablers: Enabler 1

Hello and welcome to lesson 3 of the COBIT® 5 (read as KOBIT Five) Foundation Certification course offered by Simplilearn. In this lesson, we will focus on the key aspects of the seven enablers described in the COBIT® 5 framework, and specifically discuss the enabler 1. Let us begin with the objectives of this lesson in the next screen.

2 Objectives

By the end of this lesson, you will be able to: ? Identify the seven enablers of COBIT® 5 ? Explain enabler 1 of COBIT® 5 ? Differentiate between principles and policies ? Describe the characteristics of a good policy Let us move on to the next screen to discuss the COBIT® 5 enterprise enablers.

3 COBIT® 5 Enterprise Enablers

COBIT® 5 enablers are defined as factors that, individually and collectively, influence the success of an initiative and are driven by the goals cascade. The image on the screen depicts the seven enablers of COBIT® 5. The first enabler is ‘principles, policies and frameworks’. The second enabler is processes. The third enabler is ‘organisational structures’. The fourth enabler is ‘culture, ethics and behaviour’. The fifth enabler is information. The sixth enabler is ‘services, infrastructure and applications’. The seventh and the final enabler is ‘people, skills and competencies’. In next screen, let us proceed to have a quick recap of principle 4 that is ‘enabling a holistic approach’.

4 Recap of Principle 4—Enabling a Holistic Approach

As we have discussed in principle 4, all enablers have a set of common dimensions that: provide a common, simple and structured way to deal with the enablers; allow an entity to manage its complex interactions; and facilitate successful outcomes. In the next screen, let us understand the ‘enabling a holistic approach’ principle with the help of an example.

5 Enabling a Holistic Approach Principle—Problem Statement

The top management of Nutri Worldwide Inc., a food processing company, has decided to diversify their business activities and sell kitchen products. They invested in a larger plant, new warehouse, bigger office and additional retail areas. Their focus shifted from the day-to-day operations to a high- intensity, nation-wide marketing campaign. The day-to-day operations were left to the numerous staff trained for this purpose. However, within a short time, sales fell drastically and continued to fall in the subsequent months. Expenses had rocketed owing to the amount spent on marketing. In their attempt to diversify, the company lost focus of their primary product and began to face an identity crisis. Employee morale was at an all-time low and the company struggled to be in business. What should the organisation have done to sustain their success and growth? Let us find out the possible solution in the next screen.

6 Enabling a Holistic Approach Principle—Solution

The organisation should have asked the four questions of the ‘enabling a holistic approach’ principle on a regular basis. The four questions are as follows. Are stakeholders’ needs addressed? Are enabler goals achieved? Is the enabler lifecycle managed? Are good practices applied? The following would be the answer to the question, ‘Are stakeholder needs addressed?’. The organisation has succeeded with one product and immediately decided to diversify. They failed to check if there was a need or demand for another product. The organisation was more likely to achieve their revenue targets by focusing on the customers’ needs. The following would be the answer to the question, ‘Are enabler goals achieved?’. The enabler goal of ‘people, skills, and competencies’ have not been met, as evident from the declining sales. The organisation failed to achieve optimum utilisation of resources due to the huge storage-related expenses and inexperienced staffs. The following would be the answer to the question, ‘Is the enabler lifecycle managed?’. The lifecycle activities, namely, plan, design, build, operate, monitor and update were not managed as the stakeholders were not identified. The change of focus from the day-to-day operations led to the mismanagement and inappropriate monitoring of the activities. The following would be the answer to the question, ‘Are good practices applied?’. It is necessary to assess if the organisation has applied good practices, especially to the ‘people, skills and competencies’ enabler. It should also ensure the inclusion of the answers to the questions regarding the hiring of the skilled and competent people who can contribute to the growth and appropriate utilisation of their skills and competencies. In the next screen, let us focus on the first enabler of COBIT® 5 that is ‘principles, policies and frameworks’.

7 Enabler 1—Principles, Policies and Frameworks

Let us first understand the purpose of principles, policies and frameworks. The purpose of the principles, policies and frameworks enabler is to convey the governing body’s and management’s direction and instructions. They are instruments to communicate the rules of the enterprise and to support the governance objectives and enterprise values as defined by the board and executive management. In the next screen, we will look into the differences between principles and policies.

8 Principles vs Policies

The following are a few basic differences between principle and policies. Principles serve as the basis or foundation for the system of behaviour an organisation will put in place and follow as part of its growth, vision and mission; whereas, Policies have a mechanism or framework in place where they can be effectively managed and the users are aware of it. Principles should be limited in number. They should also be in simple language so that the core values of the enterprise are expressed in a simple and clear manner. Policies should be detailed and provide guidance on how to put principles in practice. They should be comprehensive and cover all the required areas. They should be open and flexible allowing for easy adaptation and change. They should also be current and up to date. In the next screen, we will look into the characteristics of a good policy.

9 Characteristics of a Good Policy

The characteristics of a good policy are as follows. The first characteristic is to be effective and efficient. A good policy should enable efficient implementation and also achieve its purpose thereby making it effective. The next characteristic is to be non-intrusive. A good policy should be logical to those who comply with it. When writing policies, the enterprise should avoid the creation of unnecessary resistance. The third characteristic is to be manageable and available. A good policy should have a framework for effective management and to provide easy access to information. Another characteristic is to be comprehensive. A good policy should cover all the necessary areas. The fifth characteristic is to be open and flexible. A good policy should allow for easy adaptation and change. The sixth characteristic is to be current. A good policy should be up to date and relevant to the current needs of the organisation. While creating or writing policies, enterprises should avoid the creation of unnecessary resistance. In the next screen, we will discuss the requirements for good practice.

10 Good Practice Requirements

The good practice requirements for policies and frameworks include: their scope; the consequences of failing to comply with the policy; the means of handling exceptions; and the procedures to monitor policies. In the next screen, we will understand the relationship between principles, policies and frameworks and other enablers.

11 Relationship Between the First Enabler and Others

The links and relationships between ‘principles, policies and frameworks’ and other enablers are as follows. Principles, policies and frameworks reflect the cultures, ethics and values of the enterprise. Processes are the most important vehicle for executing the policies. Organisational structures can define and implement policies. Policies are part of information in the organisation. In the next screen, let us understand the ‘principles, policies and framework’ enabler with the help of an example.

12 Principles, Policies and Frameworks—Problem Statement

An online service to help business owners monitored their financial services. They ran into trouble when the emails and Facebook accounts of the board members were hacked. The hackers also sent defamatory emails about the company using the contacts list of all the hacked accounts. It soon emerged that a former disgruntled employee of the organisation had faked his identity and created multiple backdoor entrances to the company's software, paving the way for cyber-attacks in the future. What could have prevented these malicious attacks and saved the company? Let us find out the possible solution in the next screen.

13 Principles, Policies and Frameworks—Solution

One of the ways in which the organisation could have prevented the attacks was by having appropriate principles, policies and frameworks in place to check unauthorised access to their software or systems. Some of these measures include: policies and a framework for conducting background checks on employees before they joined the organisation; and an IT framework with firewalls and associated policies preventing external access to the organisation’s mail, intranet and software applications.

14 Summary

Let us summarise what we have learnt in this lesson: The COBIT® 5 enablers are principles, policies and frameworks; processes; organisational structures; culture, ethics and behaviour; information; services, infrastructure and applications and people, skills and competencies. The principles, policies and frameworks are instruments that communicate the rules of the enterprise. The principles serve as the basis or foundation for the system of behaviour an organisation will put in place, whereas the policies have an established mechanism where they can be effectively managed. A good policy should be effective and efficient, non-intrusive, manageable, comprehensive, open and flexible as well as current. Next, we will focus on the second enabler of COBIT® 5.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

Request more information

For individuals
For business
Phone Number*
Your Message (Optional)
We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Phone Number*
Job Title*