Portfolio, Program and Project Management Using COBIT 5

Similar documents
ISACA All Rights Reserved.

September 17, 2012 Pittsburgh ISACA Chapter

CISA, CISM, CGEIT, CRISC, CISSP, ABCI, AMIIB, MCA, PMP

Project Management Process Groups. PMP Study Group Based on the PMBOK Guide 4 th Edition

and COBIT 5 ISACA STRATEGIC ADVISORY BOARD VICE PRESIDENT STRATEGY & INNOVATION CA TECHNOLOGIES 2012 ISACA. All Rights Reserved.

If It s not a Business Initiative, It s not COBIT 5

Annex 1 (Integrated frameworks on Business/IT alignment) Annex 2 Goals Cascade, adapted from COBIT5

National Stock Exchange of India Limited

Project Management Processes A process is a set of interrelated actions and activities performed to create a product, service, or result

Evidence Management for the COBIT 5 Assessment Programme By Jorge E. Barrera N., CISA, CGEIT, CRISC, COBIT (F), ITIL V3F, PMP

The 9 knowledge Areas and the 42 Processes Based on the PMBoK 4th

Borderlink Resources Limited.

PMP PMBOK Guide Sixth Edition Training Course Agenda

Project Management Processes

Agenda. PMBOK Guide Third Edition. PMI Standards Background. PMI Life Cycle Plan for Standards. Presented by Kevin Chui, PMP. How Did We Get Here?

COBIT 5 for Information Security. Dr. Derek J. Oliver Co-Chair, COBIT 5 Task Force

CGEIT Certification Job Practice

Project Management International Organization for Standardization ISO 21500:2012(E) v.2

2012 ISACA. All rights reserved. No part of this publication may be used, copied, reproduced, modified, distributed, displayed, stored in a retrieval

Selftestengine COBIT5 36q

PMP TRAINING COURSE CONTENT

PMP PMBOK 5 th Edition Course Agenda

Project Management Framework with reference to PMBOK (PMI) July 01, 2009

Braindumps COBIT5 50q

PMBOK Guide Sixth Edition Updates and Agile Alignment By Tony Johnson July 2017

Feature. Unlocking Hidden Value in ERP System Acquisitions Using Risk Management. Risk. Monitoring. Residual Risk Acceptance.

Translate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.

Driving Enterprise IT Strategy Alignment and Creating Value Using the COBIT 5 Goals Cascade

Project Management Professional

INTEGRATION of PROJECT MANAGEMENT and SYSTEMS ENGINEERING

Call for Articles. By Sudarsan Jayaraman, CISA, CISM, BS LA, COBIT (F), ITIL V3 Expert, ISO LA, ISO LA, ISO 9001 LA

Mentored Course Plan PMP (2013 version)

Intensive Course Plan CAPM 5 (2013 version)

Project Management Professional Training

Successful Project Management. Overview Houston Community College Fall, 2017

Organizational Project Management Maturity Model 3 (OPM3)

Summary of 47 project management processes (PMBOK Guide, 5 th edition, 2013)

ISO/IEC Process Mapping to COBIT 4.1 to Derive a Balanced Scorecard for IT Governance

LookingGlass - Project Management Professional Exam Prep (PMP01)

Knowledge Areas According to the PMBOK edition 5. Chapter 4 - Integration

THE STANDARD FOR PROGRAM MANAGEMENT

PMP 2 Days Classroom Training


S O Seminar Objective

Comparing PMBOK Guide 4 th Edition, PMBOK Guide 5 th Edition, and ISO 21500

Does your organization Establish Career Path for all Organizational Project Management Roles"?

COBIT 5. COBIT 5 Online Collaborative Environment

BASICS of CONSTRUCTION PROJECT MANAGEMENT

Technology s Role in Enterprise Risk Management

Comparison of ISO Draft Version and PMBOK Guide 4 th Edition 1

Project Management Institute (PMI) Practice Standard for Configuration Management

Project Management Professional(PMP ) Course

COBIT 5.0: Capability Level of Information Technology Directorate General of Treasury

Facilitated Methods: Division of Blash Enterprises Inc. Copyright 2017 All rights reserve. Greta Blash, PMP, PMI-ACP, PMI-PBA Facilitated Methods

COBIT 5: IT is complicated. IT governance does not have to be

COBIT 5. COBIT 5 Online Collaborative Environment

Ice s

Project Management Body of Knowledge (PMBOK)

Comparison of ISO and PMBOK Guide 1

COBIT 5. COBIT 5 Online Collaborative Environment

Governance and Management of Information and Related Technologies Guide. Prepared for Jordan Ahli Bank

Information and Technology. Governance. System for

Achieving Business/IT Alignment through COBIT 5

The Agile PMP Teaching an Old Dog New Tricks

PMBOK 2012 FIFTH EDITION CHANGES

Table of Contents. Introduction xxv. Assessment Test xxxvi. Chapter 1 What Is a Project? 1. Is It a Project? 2. Projects versus Operations 3

International Diploma in Project Management. (Level 4) Course Structure & Contents

Objectives of Project Management Framework. What are the Characteristics Of Project. Activities involved Project Management

Benchmarking of COBIT 5 PAM Assessments Performed in Brazilian Public Sector Banking Organizations

The Standard for Program Management

GUIDE TO THE CHANGES IN PMP simpl learn i

Compiled by Rajan Humagai

Information Technology Project Management, Eighth Edition. Note: See the text itself for full citations.

Project Management Professional (PMP) Boot Camp

Making it Happen: How Project Managers Drive Strategic Alignment and Strategy Execution. Jacob Parrish, MPH, PMP Vice President, Systems & Procedures

Comparing PMBOK Guide 4 th Edition, PMBOK Guide 5 th Edition and ISO 21500

Course outline Introduction to project management The project management process groups Project initiation

Managing Project Politics and Personalities Scott Bailey, MBA, PMP, SSGB

Project Management Training Brochure

PMBOK SIXTH EDITION CHANGES

Changes Reviewed by Date. JO Technology Manager - Samer Huwwari JO Manager, Risk & Control Technology: Issa Laty. CIO, Jordan- Mohammad Aburoub

Integration Mgmt / Initiating Process Group 4.1 Develop Project Charter

PROJECT MANAGEMENT OVERVIEW

Implementation of Service Integration in a Multiprovider Environment Using COBIT 5

PMI: Certified Associate in Project Management (CAPM)

Project Management Professionals

Project Management Advisory Board Deep Dive Study of Program Management

PgMP Exam Prep Training - 4 Days

Catching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010

Guidance on project management

OPM3 Engagements Process

Leadership Lessons from Agile and PMI s PM-2. Tim Kloppenborg, PhD, PMP Marcie Lensges, PhD

Project Cost Management

Overview Webinar V6.0. Taken from A Guide to the Project Management Body of Knowledge, (PMBOK Guide) Sixth Edition, 2017

Project Management Professional (PMP) Certification Exam Preparation Program Course Outline with Outcomes

Auditing Project Management

Does This Come With Instructions?

Appendix. Process Inputs and Outputs

PMP Q&As. Project Management Professional. Pass PMI PMP Exam with 100% Guarantee. Free Download Real Questions & Answers PDF and VCE file from:

Putting the E in EPMO. Agenda. Context. Typical Project Office Implementations. Real World Examples. Open Forum. Stephen Beise PPM Domain Leader

Transcription:

DISCUSS THIS ARTICLE Portfolio, Program and Project Using COBIT 5 By Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP COBIT Focus 11 September 2017 Many organizations attribute their success to being able to execute their strategic goals and objectives. Execution will be successful if it is measured and if corrective actions are taken at appropriate times when there are deviations. Thus, there has to be a plan that should enable measurement, help track progress and enable corrective action to be taken at the right time to keep the execution on track. One such tool that enables the organization to track its execution is a portfolio/program/project management tool. A program is group of projects that are working toward achieving one goal. Among the skills that every organization requires, program and project management skills are important and find pride of place. Successful project management requires adoption of a structured approach to deal with projects, programs and portfolios. Hence, it is important for the organization to establish the practice of portfolio/program/project management and provide it with top management support. Establishment of a portfolio/program/project practice will enable the organization to reduce, if not eliminate, unsuccessful projects that cost organizations dearly in terms of time, expense and quality of deliverables meeting stakeholders expectations. Organizations can learn from the experiences of other organizations in different industries, so it would be useful for organizations to adopt globally accepted best practices in the form of a defined organizational framework for program and project management. An ideal framework would be one based on the Project Institute s (PMI) A Guide to the Project Body of Knowledge (PMBOK Guide) or Projects in led Environments (PRINCE2) version 2. As technology pervades every sphere of activity in life, businesses, too, are heavily dependent on leveraging technology to capture their customers attention. Increasing dependency on information and related technology requires an organization to initiate and execute various programs for adopting and leveraging technology-based solutions. The portfolio of IT-related programs and projects is becoming larger. Considering the investment in IT solutions, it is appropriate for organizations to adopt IT governance practices based on the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) ISO/IEC 38500 Information technology Governance of IT for the organization standard, using COBIT 5 as a framework. This article has mentioned 2 standards already, and a couple of questions come to mind: Should organizations need to adopt many standards? Can COBIT 5 help program and project management frameworks? Since the PMBOK Guide is a widely accepted knowledge base that is used by organizations, mapping its structure with COBIT 5 provides an answer to these questions. This article provides direction on how to map COBIT 5 with the PMBOK Guide knowledge base by describing PMI s PMBOK Guide and COBIT 5, then comparing both. 1 P a g e

Planning PMI s Knowledge Base PMI has done research in the practices of program and project management and PMBOK Guide has become a de facto industry standard. Typically, organizations use standards published by PMI to define a portfolio, program and project management framework (figure 1). Figure 1 PMI Publications Name of Publication A Guide to the Project Body of Knowledge 5 th Edition T he Standard for Program 3 rd Edition T he Standard for Portfolio 3 rd Edition Organizational Project Maturity Model (OPM3) 3 rd Edition Each of these publications focuses on providing knowledge and guidance on specific aspects of the project management framework and helps the reader to understand the intricacies of portfolio, program and project management. PMBOK Guide describes 47 processes for project management, grouped in 5 process groups, illustrated in figure 2. Figure 2 PMBOK Guide Process Groups Process Group Description Initiating Processes for initiating a project Planning Processes for planning a project Executing Processes for executing project ling and Monitoring Processes for controlling and monitoring progress of project. Typically works iteratively with the executing process group. Closing Processes for closing and documenting lessons learned Source: Excerpted from PMI, A Guide to the Project Body of Knowledge 5 th Edition, p. 49 The relationship of these process groups with the project management life cycle is depicted in figure 3. Figure 3 Project Life Cycle (From PMBOK Guide) Start Initiating Closing End Executing ling and Monitoring Source: Adapted from from PMI, A Guide to the Project Body of Knowledge 5 th Edition, p. 50 2 P a g e

The list of processes in each process group is shown in figure 4. Figure 4 Process Groups and Processes Process Groups Initiating Planning Executing ling Closing 1. Develop Project Charter 1. Develop Project Plan 1. Direct and Manage Project Execution 1. Monitor and Project Work 1. Close Project or Phase 2. Identify Stakeholders 2. Plan Scope 2.Perform Quality Assurance 2. Perform Integration Change 2. Close 3. Collect requirements 3. Acquire Project Team 4. Verify Scope 4. Define Scope 4.Development Project Team 5. Scope 5. Create Work Breakdown Structure (WBS) 6. Plan Schedule 7. Define Activities Definition 8. Sequence Activities 9. Estimate Activity Resources 10. Estimate Activity Durations 11. Develop Schedule 12 Plan Cost 13. Estimate Cost 14. Determine Budget 15. Plan Quality 5. Manage Project Team 6. Manage Communications 7. Conduct 8. Manage Stakeholder Engagement 6. Schedule 7. Cost 8. Quality 9. Communications 10. Risk 11. 12. Stakeholder Engagement 3 P a g e

Process Groups Initiating Planning Executing ling Closing 16. Plan Human Resources 17. Plan Communications 18. Plan Risk 19. Identify Risk 20. Perform Qualitative Risk Analysis 21. Perform Quantitative Risk Analysis 22. Plan Risk Responses 23. Plan 24. Plan Stakeholder The processes are also grouped into 10 knowledge areas as described in figure 5. Figure 5 Knowledge Areas and Associated Processes Knowledge Areas Processes Integration Develop Project Charter Develop Project Plan Direct and Manage Project Execution Monitor and Project Work Perform Integratio n Change Close Project or Phase Scope Plan Scope Collect Requirements Create Work Breakdown Structure Define Scope Verify Scope Scope Time Plan Schedule Define Activities Definition and Sequence Activities Estimate Activity Resources Estimate Activity Durations Develop Schedule Schedule 4 P a g e

Knowledge Areas Processes Cost Plan Cost Estimate Cost and Determine Budget Cost Quality Plan Quality Perform Quality Assurance Quality Human Resources Plan Human Resources Acquire Project Team Development Project Team Manage Project Team Communica tions Plan Communicat ions Manage Communicati ons Communicati ons Risk Plan Risk Identify Risk Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Response s Risk Procuremen t Plan Procurement s Conduct Close Figure 6 describes the relationship of project, program and portfolio management required at the organization level. Figure 6 Project at the Organization Level Projects Program Portfolio Scope Projects have defined objectives. Scope is progressively elaborated throughout the project life cycle. Programs have a larger scope and provide more significant benefits. Portfolios have an organizational scope that changes with the strategic objectives of the organization. Change Project managers expect change and implement processes to keep change managed and controlled. Program managers expect change from both inside and outside the program and are prepared to manage it. Portfolio managers continuously monitor changes in the broader internal and external environment. Planning Project managers progressively elaborate high-level information into detailed plans Program managers develop the overall program plan and create high-level plans to guide Portfolio managers create and maintain necessary processes and communication relative to the 5 P a g e

throughout the project life cycle. detailed planning at the component level. aggregate portfolio. Project managers manage the project team to meet the objectives. Program managers manage the program staff and project managers. They provide vision and leadership. Portfolio managers manage or coordinate portfolio staff (or program/project staff) responsible for the aggregate portfolio. Success Success is measured by product and project quality, timeliness, budget compliance and degree of customer satisfaction. Success is measured by the degree to which the program satisfies the needs and benefits for which it was undertaken. Success is measured in terms of the aggregate investment performance and benefit realization of the portfolio. Monitoring Project managers monitor and control the deliverables of the project as per objectives. Program managers monitor the progress of program components to ensure that the overall goals, schedule, budget and benefits shall be met. Portfolio managers monitor strategic changes and aggregate resource allocation, performance results and risk of the portfolio. Source: Adapted from PMI, A Guide to the Project Body of Knowledge 5 th Edition, p. 8 The PMI standards and body of knowledge describe the processes and activities in detail in the publications mentioned earlier. Mapping With COBIT 5 COBIT 5 is a comprehensive IT governance framework. Project management is a subset of overall IT governance. Figure 7 shows the overall framework of IT governance. Figure 7 ISO/IEC 38500:2008 IT Governance Model 6 P a g e

Source: Adapted from International Organization for Standardization ISO 38500 COBIT 5 can be used as a benchmark for reviewing and implementing governance and management of enterprise IT. It has a set of 5 principles and 7 enablers that are the building blocks of the framework. These principles and enablers make COBIT 5 an effective tool for implementing governance of enterprise IT (GEIT) and help enterprises in various ways, such as simplifying complex issues, delivering trust and value, managing risk, reducing potential public embarrassment, protecting intellectual property, and maximizing opportunities. The 5 principles of COBIT 5 (figure 8) are applicable to program and project management: 1. Meeting stakeholder needs The programs and projects are part of enterprise ecosystems and are initiated considering stakeholder needs from the enterprise. 2. Covering enterprise end-to-end The program and project management framework is common for the entire enterprise, including IT. COBIT 5 is also a framework that covers enterprise IT. 3. Applying a single integrated framework COBIT 5 addresses program and project management. 4. Enabling a holistic approach This principle covers 7 enablers, including governance resources and management resources, which are also part of the program and project management framework. 5. Separating governance from management This helps in differentiating portfolio management, which is more a governance function, from program and project management, which are more operational. Figure 8 Five Principles of COBIT 5 7 P a g e

Source: ISACA, COBIT 5, USA, 2012 The 7 enablers of COBIT 5 are also associated with the program and project management (figure 9): Principles, policies and frameworks Organizations need to define policies, procedures and guidelines for program and project management based on the organizations principles. Processes COBIT 5 defines 37 generic processes. Although process BAI01 Manage programs and projects is directly associated with program and project management, there are other processes also required for establishing a framework. Organizational structures This refers to the key decision-making entities in an enterprise, including portfolio, program and project management. Culture, ethics and behavior The culture, ethics and behavior of individuals and of the enterprise are very often underestimated as a success factor in governance and management activities. Information It is pervasive throughout any organization and includes all information produced and used by the enterprise. Information is required for keeping the organization running and well governed, including portfolio, program and project management. Services, infrastructure and applications These include the infrastructure, technology and applications that are required for executing projects, and often projects outcomes generate services and applications that shall be hosted for the benefit of organizations. People, skills and competencies These are linked to people and are required for the successful completion of programs and projects. Figure 9 Seven Enablers of Governance 8 P a g e

Source: ISACA, COBIT 5, USA, 2012 COBIT 5 Process Reference Model COBIT 5 contains a process reference model (figure 10) consisting of 37 generic processes required for the governance and management of enterprise IT. These processes are organized in 5 groups: 1. Evaluate Direct and Monitor (EDM) 2. Align, Plan and Organize (APO) 3. Build, Acquire and Implement (BAI) 4. Deliver, Service and Support (DSS) 5. Monitor, Evaluate and Assess (MEA) Figure 10 COBIT 5 Process Reference Model 9 P a g e

Source: ISACA, COBIT 5, USA, 2012 These processes are described in detail in COBIT 5: Enabling Processes. The COBIT 5 process reference model subdivides the IT-related practices and activities of the enterprise into 2 main areas governance and management with management further divided into domains of processes: The governance domain contains 5 governance processes. Within each process, Evaluate, Direct and Monitor (EDM) practices are defined. The management domains are in line with the responsibility areas of Plan, Build, Run and Monitor (PBRM). COBIT 5: Enabling Processes consists of: A process description, which describes the process function A process purpose statement, which describes the objectives of the process IT-related goals, which are applicable for the process and are derived from business goals. Each ITrelated goal is associated with a set of generic measurement metrics for measuring performance. Process goals, which are derived from process goals cascaded from IT and business goals. Each process goal is associated with or related to a set of generic metrics. Each process contains a set of management practices that may be considered as subprocesses. These are associated with a generic responsible, accountable, consulted and informed (RACI) chart. The RACI charts of COBIT 5 use functional descriptions to define generic positions. Organizations should customize these to reflect the positions preidentified in their own organization chart. Each management practice contains a set of inputs and outputs required for the process and associated with a set of activities. Governance processes are common across the organization and are applicable for portfolio, program and project management areas. From other process groups (excluding BAI01), other processes are partially applicable for program and project management. Mapping COBIT 5 and PMI Standards Although it may not be possible to cover an entire mapping in the scope of this article, the following approach has been adopted to carry out mapping. The steps to be followed for mapping are: 1. Identify the processes from the COBIT 5 process reference model that are required for portfolio, program and project management. This can be done by looking into the activities defined by the different processes. 2. Identify the matching activities from the PMI standards (figure 1) for portfolio, program and project management. 3. Map these activities with the activities of the identified COBIT processes. 4. Identify work products (input and output). 5. Prepare a RACI chart for each. 6. Identify gaps, i.e., activities of PMI that do not match with COBIT 5 and COBIT 5 activities that do not have a matching activity in the PMI standards. This approach will help ensure that all activities defined by PMI standards are getting mapped within COBIT 5. A word of caution: These frameworks need to be adapted to the organization s ways of working, which are dictated by its customers needs. Care must be taken to not let the framework jeopardize business. Conclusion Mapping of COBIT 5 with PMI standards is useful in providing assurance that the COBIT 5 framework can be used as an single integrated framework across organizations. This is an initial article; more will follow as different processes are mapped. Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 10 P a g e

LA, MCA, PMP Has worked in IT, IT governance, IS audit, information security and IT risk management. He has 40 years of experience in various positions in different industries. Currently, he is a freelance consultant and visiting faculty member at the National Institute of Bank, India. 11 P a g e

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback