Presentation is loading. Please wait.

Presentation is loading. Please wait.

ITIL & COBIT O6PLM Kevin Lisay – Rendy Winarta –

Published byLucy Oliver Modified over 8 years ago

Similar presentations

Presentation on theme: "ITIL & COBIT O6PLM Kevin Lisay – Rendy Winarta –"— Presentation transcript:

1 ITIL & COBIT O6PLM Kevin Lisay – 1501147113 Rendy Winarta – 1501149226
Steven Ekaputranto Stefani Trifosa – Gladys Natalia –

2 Background Information Technology is a thing that can’t be missed in this modern world. Effectiveness and efficiency that IT offers are great and gives so much benefit. Any company especially the big one can’t endure to use IT nowadays. In order to make the structure of IT operates really well, many of company use ITIL (Information Technology Infrastructure Library), which is a set of document a set of documents which defines best practices and accepted techniques in Information Technology community. Also COBIT (Control objectives for information and related technology) that helps top tier user (managers, IT professionals and assurance professionals) develop IT itself.

3 Scope Implementation of Information Technology Infrastructure Library.
Implementation of Control Objective for Information and Related Technology. Differences between Information Technology Infrastructure Library and Control Objective for Information and Related Technology.

4 What is ITIL (Information Technology Infrastructure Library)
ITIL is the most widely adopted approach for IT Service Management in the world. It provides a practical, no-nonsense framework for identifying, planning, delivering and supporting IT services to the business.

5 COBIT? (Control objectives for information and related technology)
A model designed to control the IT function. This model was originally developed by the Information System Audit and control foundation (ISACF). COBIT support IT governance by providing a comprehensive description of the control objectives for IT processes and by offering the possibility of examining the maturity of these processes.

6 Implementation of Information Technology Infrastructure Library.

7 1.Process Implementation
Objective The objective of this document is to provide a template for developing process implementation plans that will be usable across a wide range of diverse organizations Program Management

8 2. Process Implementation Projects
Process, People And Technology (The Integrated Project Plan) Project Timelines Expected Project Deliverables Implementation Roles Process Owner Core Process Team Stakeholder Groups And Subject Matter Experts Internal and External Process Advisors Pink Elephant Consulting Roles High Level Process Model Development

9 3. Process Embedding Strategy
Process Workshops / Training Develop Lesson Plans Schedule Workshop And Process Embedding Date Coaching Period Initial Process Review And Adjustment Detailed Activities (Project Check List) People Involved Awareness Campaign Systems Implementation Activities Support Tools Post Implementation and Audit Other Considerations

10 4. Evaluationof The Project
Post Project Review Auditing Using Quality Parameters Generic Quality Parameters for IT Service Management Process Specific Quality Parameters for IT Service Management

11 Implementation of Control Objective for Information and Related Technology.

12 1. Background The bank in the given case is a global conglomerate with operations in more than 50 countries and with more than 125,000 employees across the globe. The bank’s technology teams are located throughout the world to support global lines of business. The IT teams include development centers that are part of the bank and others that are outsourced to vendors, as well as technology back offices that support IT infrastructure and services. The bank had a history of multiple governance and assurance templates and processes followed by different teams, regions and locations. Hence, the key challenge was to create a common governance and assurance process across technology teams.

13 2. Use of COBIT Defining a framework to use—Control objective framework (COF) Identifying a standard definition of ‘entities’ against which risks and controls were to be evaluated—Key entity management model Identifying a risk management process— Risk and control assessment (RCA)

14 Defining COF It should act as a tool to facilitate the effective assessment of risks and controls within technology. It should act as a reporting framework to demonstrate how technology satisfies reporting regulatory requirements, including those of Sarbanes- Oxley. It should act as an aid to drive management assurance. The steps in implementing COF using COBIT included: Identify principal risks Identify level II risks Identify control objectives

15

16 Benefit of Defining COF
Prior to implementing this framework, each entity, organization and location had its own set of controls. COBIT helped in developing and managing a single list of controls for each type of risk through the mapping of needed controls to COBIT. In turn, this assisted with the attestation of each type of risk, which provided confidence to senior executives on the reporting and attestation process. Subsequently, a risk assessment process was developed to define risks and controls. This helped in ensuring that adequate controls were deployed to cover the principal risks and level II risks.

17 Identifying Entities for Managing Risks and Controls
Process entities Supporting services entities Technology entities Project entities

18 Defining and Implementing the RCA Process

19 Training Key Stakeholders
One of the main challenges was to explain the entire process to all of the stakeholders with different backgrounds and understanding of risks and controls and at various locations. The challenge was managed by creating additional training programs at various levels.

20 Differences Between ITIL and COBIT

21 - ITIL - COBIT Control Focused Uses IT Metrics Used by auditors in SOX
Critical Success Factors Includes a discussion of quality Includes a discussion of process maturity Strong concentration on processes Security is a very important component Focused on service delivery Has a broad base of adopting organizations with lessons learned Has an organization certification schema

22 Here is a table explaining COBIT, ITIL, and one other framework (CMMi) for SOX :

23 Another table describing COBIT, ITIL, another framework (CMMi) for non-SOX Objectives

24

25

Download ppt "ITIL & COBIT O6PLM Kevin Lisay – Rendy Winarta –"

Similar presentations

Program Management Office (PMO) Design

Program Management Office (PMO) Design
Enterprise Architecture Rapid Assessment

Enterprise Architecture Rapid Assessment
Developing a Successful Integrated Audit Approach September 14, 2010.

Developing a Successful Integrated Audit Approach September 14, 2010.
Global Congress Global Leadership Vision for Project Management.

Global Congress Global Leadership Vision for Project Management.
Achieve Benefit from IT Projects. Aim This presentation is prepared to support and give a general overview of the ‘How to Achieve Benefits from IT Projects’

Achieve Benefit from IT Projects. Aim This presentation is prepared to support and give a general overview of the ‘How to Achieve Benefits from IT Projects’
Course: e-Governance Project Lifecycle Day 1

Course: e-Governance Project Lifecycle Day 1
Test Automation Success: Choosing the Right People & Process

Test Automation Success: Choosing the Right People & Process
© Sigma (Bookham) Ltd British Computer Society 19 March 2007 'Embedding Benefit Realisation Management – Friends Provident’s experiences Ann Watts – Head.

© Sigma (Bookham) Ltd British Computer Society 19 March 2007 'Embedding Benefit Realisation Management – Friends Provident’s experiences Ann Watts – Head.
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Strategy 2022: A Holistic View Tony Hayes International President ISACA 2013-2014 © 2012, ISACA. All rights reserved.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
IT Infrastructure Library ITIL vs COBIT. ANDRIAN EDUARD BANGGA IKHSAN BASKARA JOOVANNY PASUHUK RANGGA FAJARULLAH TEAM.

IT Infrastructure Library ITIL vs COBIT. ANDRIAN EDUARD BANGGA IKHSAN BASKARA JOOVANNY PASUHUK RANGGA FAJARULLAH TEAM.
1 LBNL Enterprise Computing (EC) January 2003 LBNL Enterprise Computing.

1 LBNL Enterprise Computing (EC) January 2003 LBNL Enterprise Computing.
Sarbanes-Oxley Compliance Process Automation

Sarbanes-Oxley Compliance Process Automation
Program Management Overview (An Introduction)

Program Management Overview (An Introduction)
By Collin Smith http://techinitiatives.blogspot.com COBIT Introduction By Collin Smith http://techinitiatives.blogspot.com.

By Collin Smith COBIT Introduction By Collin Smith
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
Training.

Training.
project management office(PMO)

project management office(PMO)

Similar presentations

Ads by Google