Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to use C OBI T implementation resources Brian Selby Director of C OBI T Initiatives ISACA.

Published byBrittney Aubrey Carson Modified over 8 years ago

Similar presentations

Presentation on theme: "How to use C OBI T implementation resources Brian Selby Director of C OBI T Initiatives ISACA."— Presentation transcript:

1 How to use C OBI T implementation resources Brian Selby Director of C OBI T Initiatives ISACA

2 2 Introduction This session will introduce the ITGI resources created to help an enterprise with the C OBI T implementation process: –C OBI T Quickstart; –IT Governance Implementation Guide; and –C OBI T Online. There will be time for an open discussion to cover C OBI T implementation questions, approaches and experiences at the end of the session

3 3 C OBI T Components A reminder:

4 4 C OBI T Quickstart In examining the contents of this publication, we will review: –Quickstart purpose and audience and –Quickstart suitability tests; –Quickstart controls baseline; –Quickstart diagnostic tables

5 5 Quickstart purpose C OBI T QuickStart is designed to assist in rapid and easy adoption of the important elements of C OBI T. It is a summarized version of C OBI T resources. It focuses on key IT processes, control objectives, and metrics and helps users gain the benefits of C OBI T quickly.

6 6 Quickstart audience COBIT QuickStart is aimed at small and medium sized enterprises (SMEs), and other entities where: – IT is not strategic or absolutely critical for survival – Breadth and depth of COBIT is too detailed or too time consuming to analyze and focus on initially

7 7 Quickstart suitability tests Quickstart provides two tests to assess an enterprise’s suitability for implementing control over IT based on the Quickstart set of controls: –Test 1: ‘Stay in the blue zone’, helps assess enterprise suitability to use Quickstart –Test 2: ‘Watch the heat’, looks for any need to go beyond Quickstart for specific business reasons

8 8 Quickstart controls baseline COBIT QuickStart provides a baseline of control objectives. In large organizations, the baseline is a useful tool to accelerate adoption of governance best practices. The summarized baseline (as compared to COBIT): Domains Processes Control Obj’s QuickstartC OBI T 44 34 318 30 62

9 9 Quickstart diagnostic tables Appendix I of the publication provides two diagnostic tables to help quickly identify the controls that need to be addressed –The first table links risk factors to IT governance aspects and Technology issues; –The second table links Quickstart control objectives to the same IT governance aspects and Technology issues

10 10 IT Governance Implementation Guide In examining the contents of this publication, we will: –Understand the overall approach; –Look at the links to the IT governance picture; –Walk through the implementation road-map; –Look at the steps involved; –Review the supporting toolkit

11 11 Guide Overview An educational resource for boards of directors, executive management and information technology control professionals. The guide presents a generic methodology that addresses: –Why IT governance is important; –How COBIT ids linked to IT governance; –Implementing IT governance using COBIT

12 12 IT Governance value propositions

13 13 Overall approach The approach is to create strategies for business value and risk analysis. It involves gap analysis by looking at As-is and To-be positions leading to project identification and initiation.

14 14 Link to the ITGI IT governance domains

15 15 Link to the ITGI IT governance domains

16 16 Implementation Guide roadmap assists different stakeholders with a detailed roadmap that helps the organization in implementing its IT governance needs. ensures that the focus is on business needs when improving control and governance of IT processes. represents a project that can be fairly large and that requires strict project management practices and thorough management involvement and oversight. a “bootstrap” for IT governance, after which the enterprise should move into a continuous IT governance cycle, reusing the elements of this road map as required.

17 17 Implementation Guide roadmap The roadmap provides the identification of COBIT components to be leveraged during an implementation action plan, from initial needs identification phase all the way through to the implementation of the solution, passing through envisioning and planning phases.

18 18 Implementation Guide steps Each of the four phases of the implementation action plan are introduced with the steps to be taken, the suggested roles of the major enterprise stakeholders and the COBIT support available. All 12 steps are presented in detail, with: –Process step name and reference; –Process objective; –Process (description); –Tasks; –Input; –Using COBIT components; –Output; –Tool kit support

19 19 Implementation Guide steps Phase 1 – Identify Needs –Step 1: Raise Awareness and make Decision on Approach –Step 2: Analyse values –Step 3: Analyse risks –Step 4: Select Target IT Processes Phase 2 – Envision Solution –Step 5: Define where you are –Step 6: Define where you want to be –Step 7: Analyse Gaps

20 20 Implementation Guide steps Phase 3 – Plan solution –Step 8: Define Projects –Step 9: Develop Improvement Plan Phase 4 – Implement Solution –Step 10: Integrate into Day-to-day practices –Step 11: Integrate measures into IT Balanced Scorecard –Step 12: Post-implementation Review

21 21 Implementation Tool Kit Implementation Guide identifies COBIT components and provides tool kit items to support the completion of each Roadmap action plan phase and step.

22 22 The tool kit material comes on a ‘Supplemental tools and materials’ CD: Implementation Tool Kit

23 23 A tool I found particularly useful.. I facilitated use of a management awareness spreadsheet tool with an IT management team and got good buy in to the collective results obtained..

24 24 C OBI T Online In looking at C OBI T Online we will learn: –How to access, filter and download the C OBI T content needed; –How to benchmark your organization against others; –How to participate in the C OBI T Online user community

25 25 C OBI T Online Overview C OBI T Online presents C OBI T knowledge in a uniform and user-friendly fashion. It is a web-based multi-user browsing, searching, sharing and assessment tool. It supports downloads (text, forms, database), benchmark comparisons and gap analysis. It serves as an interface to maintain C OBI T content & implement future versions by recording filtered feedback information, capturing expert knowledge, providing frequent online updates and automatic print production.

26 26 C OBI T Online access Access to C OBI T Online section is by subscription Subscription options available: –Baseline (also, Basic subscriber – an ISACA member benefit) ; –Full Subscriber –Full Subscriber + Benchmarking For full details, follow the links from the ISACA or ITGI home pages

27 27 Welcome to C OBI T Online

28 28 5 C OBI T Online components Browsing - provides online search and extract access to C OBI T content over the Internet; Benchmarking - enables users to input values for their enterprise and compare them against other user data; Feedback & surveys - user feedback can bee provided from any screen. A survey feature is included to allow ISACA/ITGI to obtain feedback on specific topics from users; Community - available for users to meet, post questions, reply to questions and exchange experiences; Help - FAQ, glossary, search and email support are available on each page and are easy to navigate and search

29 29 COBIT Online demonstration Lets take a look at the real thing … access, filter and download COBIT content; benchmark your organization against others; participate in the COBIT Online user community

30 30 The ‘bad’ news … Implementing COBIT is done to address different issues in different enterprises –Different enterprises have different control cultures, risk tolerance profiles and legal and regulatory compliance requirements –Each enterprise has unique priorities and resource constraints to manage So, implementing C OBI T has to be an initiative that is specifically tailored to address these issues in each enterprise.

31 31 The good news … There are quality resources available to support the tailored implementation of C OBI T The summarized COBIT information in Quickstart, the roadmap action plan in the IT Governance Implementation Guide and the accessibility and flexibility of C OBI T Online are a powerful combination

32 32 Q&A roundtable What questions do you have on the implementation resources we have looked at? Do you have any feedback to share on your C OBI T implementation approaches or experiences? ????????

33 33 For More Information: Brian Selby Director of C OBI T initiatives ISACA bselby@isaca.org

34 Thank you!

Download ppt "How to use C OBI T implementation resources Brian Selby Director of C OBI T Initiatives ISACA."

Similar presentations

PQF Induction: Small group delivery or 1-1 session.

PQF Induction: Small group delivery or 1-1 session.
Business Improvement Review Knowledge Understanding Action.

Business Improvement Review Knowledge Understanding Action.
Migrant Education Comprehensive Needs Assessment

Migrant Education Comprehensive Needs Assessment
Develop an Information Strategy Plan

Develop an Information Strategy Plan
Alignment of COBIT to Botswana IT Audit Methodology

Alignment of COBIT to Botswana IT Audit Methodology
Instant Business Improvement “Managing Operational Performance”

Instant Business Improvement “Managing Operational Performance”
Using training packages to meet client needs Facilitator: Gerard Kell.

Using training packages to meet client needs Facilitator: Gerard Kell.
<<Date>><<SDLC Phase>>

<<Date>><<SDLC Phase>>
Strategy 2022: A Holistic View Tony Hayes International President ISACA 2013-2014 © 2012, ISACA. All rights reserved.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
Jim Johnson Amy Harper. congress.nsc.org Shared Challenge: Moving the Curve No. Companies Safety Performance Voluntary ParticipationEnforcement Motivate.

Jim Johnson Amy Harper. congress.nsc.org Shared Challenge: Moving the Curve No. Companies Safety Performance Voluntary ParticipationEnforcement Motivate.
SC2 meeting 24 November 2014 Security Measures and Resources Toolbox

SC2 meeting 24 November 2014 Security Measures and Resources Toolbox
Www.isaca-malta.org Roger Southgate Past President of ISACA London Chapter Member of the BSI Committees for Service Management and IT Governance Leader.

Roger Southgate Past President of ISACA London Chapter Member of the BSI Committees for Service Management and IT Governance Leader.
By Collin Smith http://techinitiatives.blogspot.com COBIT Introduction By Collin Smith http://techinitiatives.blogspot.com.

By Collin Smith COBIT Introduction By Collin Smith
Rational Unified Process

Rational Unified Process
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
Certified Business Process Professional (CBPP®)

Certified Business Process Professional (CBPP®)
Orientation to the Physical Education K to 7 Integrated Resource Package 2006.

Orientation to the Physical Education K to 7 Integrated Resource Package 2006.
Your High-Level Overview of the Components Provided by ESP Solutions Group Disaster Prevention and Recovery.

Your High-Level Overview of the Components Provided by ESP Solutions Group Disaster Prevention and Recovery.
Software Engineer Report What should contains the report?!

Software Engineer Report What should contains the report?!
1-2 Training of Process FacilitatorsTraining of Coordinators 3-1.

1-2 Training of Process FacilitatorsTraining of Coordinators 3-1.

Similar presentations

Ads by Google