COBIT2019 guide to implement enterprise governance of information and ttechnology
- 1. Cobit 2019 Somchai Patviboon CISA,CISM,CRISC,CGEIT,CSX fundamental Axl_best@Hotmail.com
- 2. Cobit 2019 Enterprise governance of information and technology (EGIT)
- 6. Sustaining the Governance System
- 7. Typical Pain Points • Frustration between different IT entities across the organization because of a perception of low contribution to business value • Frustration between business departments (i.e., the IT customer) and the IT department because of failed initiatives or a perception of low contribution to business value • Significant I&T-related incidents, such as data loss, security breaches, project failure, application errors,linked to IT • Service delivery problems by the IT outsourcer(s) • Failure to meet IT-related regulatory or contractual requirement • Regular audit findings or other assessment reports about poor IT performance or reported IT quality or service problems
- 8. • Substantial hidden and rogue IT spending • Duplications between various initiatives, or other forms of wasted resources • Insufficient IT resources, staff with inadequate skills and staff burnout/dissatisfaction • IT-enabled changes or projects frequently failing to meet business needs and delivered late or over budget • Multiple and complex IT assurance efforts • Reluctance of board members, executives or senior management to engage with IT, or lack of committed business sponsors for IT • Complex IT operating model and/or unclear decision mechanisms for IT-related decisions • Excessively high cost of IT • Obstructed or failed implementation of new initiatives or innovations caused by the current IT architecture and systems
- 9. • High level of end-user computing, creating (among other issues) a lack of oversight and quality control over the applications that are being developed and put in operation • Business departments implementing their own information solutions with little or no involvement of the enterprise IT department • Ignorance of and/or noncompliance with security and privacy regulations • Inability to exploit new technologies or innovate using I&T • Regular issues with data quality and integration of data across various sources • Gap between business and technical knowledge
- 10. Trigger events • Merger, acquisition or divestiture • Shifts in the market, economy or competitive position • Changes in business operating model or sourcing arrangements • New regulatory or compliance requirements • Significant technology change or paradigm shifts • Enterprise wide governance focus or project • External audit or consultant assessments • New business strategy or priority • Desire to significantly improve the value gained from I&T
- 12. Cobit 5 vs Cobit 2019 Comparation Cobit 5
- 13. Cobit 5
- 14. Cobit 5
- 15. Cobit 5
- 16. Cobit 5
- 17. Cobit 5
- 18. bit 5
- 19. Cobit 5
- 21. Cobit 5
- 22. Cobit 5
- 23. Cobit 5
- 24. B. Component: Organizational Structures Cobit 5
- 25. C. Component: Information Flows and Items Cobit 5
- 28. Cobit 5
- 29. Cobit 5
- 30. Cobit 5
- 31. 11 Factors
- 32. Focus Areas • Examples of focus areas include small and medium enterprises, cybersecurity, digital transformation, cloud computing, privacy, and DevOps • A number of focus area content guides are in preparation, and the set will continue to evolve. For the latest information on currently available and pending publications and other content, please visit www.isaca.org/cobit.
- 40. 11 Factors
- 43. Factor 1 - Enterprise Strategy
- 44. Factor 2 -Understand Enterprise Goals
- 45. Factor 3- Understand the Risk Profile
- 50. Factor 4- Understand Current I&T-Related Issues
- 51. Factor 5- Threat Landscape Consider the Threat Landscape (Design Factor 5)
- 52. Factor 6 – Compliance Requirements
- 53. Factor 7- Role of IT
- 55. Factor 8 - the Sourcing Model for IT
- 56. Factor 9 IT Implementation Methods
- 59. Factor 10 Technology Adoption Strategy
- 60. Factor 11 Enterprise Size 13 26 At the time of publication of the COBIT® 2019 Design Guide: Designing an Information and Technology Governance Solution, the small and medium enterprise focus area content was in development and not yet released.
- 63. Enterprise Strategy (Design Factor 1)