C**** COBIT. Nootdorp

Similar documents
2012 ISACA. All rights reserved. No part of this publication may be used, copied, reproduced, modified, distributed, displayed, stored in a retrieval

September 17, 2012 Pittsburgh ISACA Chapter

and COBIT 5 ISACA STRATEGIC ADVISORY BOARD VICE PRESIDENT STRATEGY & INNOVATION CA TECHNOLOGIES 2012 ISACA. All Rights Reserved.

COBIT 5: IT is complicated. IT governance does not have to be

Teijin Aramid. Onze route naar duurzaamheid een (energie) transitie. Danielle van Woerden CSR officer

Eat. Research Lotte Vos & Sophie van Werven

Samenvattingen Technische Bedrijfskunde. Supply Chain Management H1, 3 & 10

Enterprise Governance of IT

Audit Research Summaries

COBIT 5. COBIT 5 Online Collaborative Environment

COBIT 5 for Information Security. Dr. Derek J. Oliver Co-Chair, COBIT 5 Task Force

COBIT 5. COBIT 5 Online Collaborative Environment

ISACA All Rights Reserved.

ADVANCED ANALYTICS & OPTIMIZATION IS KEY TO INNOVATE AND OUTPERFORM QUANTS ANALYTICS TECHNOLOGY ACADEMY

Cobit 5! Not just for your Auditor!! Fusion (Cobit as an approach to Business & IT Alignment)! Integra(on

IT and Security Governance. Jacqueline Johnson

Achieving Business/IT Alignment through COBIT 5

ISO Sustainable Procurement. Karin van IJsselmuide

Audit Research Summaries

3PM²: an integrated approach to enable the execution of organisational strategy

Turnover intention during organizational change

Selftestengine COBIT5 36q

Introduction to COBIT 5

COBIT 5. COBIT 5 Online Collaborative Environment

De berekening op basis van stikstofemissies gaat uit van de componenten ammoniak (NH3) en/of stikstofoxide (NOx).

Utilizing natural qualities for regional economic development

Nooit meer bang voor de auditor!

THE NEW ISO STANDARDS ON MANAGEMENT SYSTEMS & THE EFQM EXCELLENCE MODEL

Report Builder and PerformancePoint 2013 Combo Pack

CRISP-DM METHODOLOGY CRISP-DM METHODOLOGY. A structured approach for data mining projects

WHEN WILL THE COST REDUCTION KICK IN?

Molecular mechanisms and gene targeting therapies for the Foxp1 syndrome

Annex 1 (Integrated frameworks on Business/IT alignment) Annex 2 Goals Cascade, adapted from COBIT5

Braindumps COBIT5 50q

Audit Research Summaries

Changes Reviewed by Date. JO Technology Manager - Samer Huwwari JO Manager, Risk & Control Technology: Issa Laty. CIO, Jordan- Mohammad Aburoub

Interactive design of regional adaptation strategies. Tessa Eikelboom, Ron Janssen. June Appendix 1 Results Experimental workshops Friesland

Citation for published version (APA): Ab, G. (1968). Eiwitsynthese in een celvrij leversysteem. Groningen: s.n.

ISO/PC 302. Secretariat: ANSI Guidelines for auditing management systems

CGEIT QAE ITEM DEVELOPMENT GUIDE

Information Booklet Naturalization Test (NATEX)

Cegeka Group Company background

MSD Biotech Upstream Processing (USP) Oss Instrument Asset Management IIoT Cloud Analytics Out of the Box

ISO/IEC Process Mapping to COBIT 4.1 to Derive a Balanced Scorecard for IT Governance

Praktijkcase: Integratie Agile en portfoliomanagement

COBIT 5. COBIT 5 Online Collaborative Environment

Creating an Information Delivery Manual to facilitate future cost estimations

The joint influence of personality traits and individual absorptive capacity on innovation activities in SME s

If It s not a Business Initiative, It s not COBIT 5

COBIT 5.0: Capability Level of Information Technology Directorate General of Treasury

Aardappelen Groenten Fruit

Evidence Management for the COBIT 5 Assessment Programme By Jorge E. Barrera N., CISA, CGEIT, CRISC, COBIT (F), ITIL V3F, PMP

CGEIT Certification Job Practice

Translate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.

IT Management & Governance Tool Assess the importance and effectiveness of your core IT processes

JALC User Needs: External Evaluation Report Version 2. Work Package 8

DOWNLOAD PDF SIAM PRINCIPLES AND PRACTICES FOR SERVICE INTEGRATION AND MANAGEMENT

A Case Study Implementing COBIT 5

Voorbeeld. Preview ISO INTERNATIONAL STANDARD

ISO QUALITY MANUAL GIZA SYSTEMS

Chatbot Conference - Utrecht 2018 Building Bots that work

Workshop: Logistiek Informatie Platform Samenwerken in het digitale tijdperk

Price. strategies. the role of. congruence

Voorbeeld. Preview ISO INTERNATIONAL STANDARD

Chapter 4 Results of research

IN REKENING BRENGEN VAN WETTELIJKE VEREISTEN IN HET KADER VAN CERTIFICATIE VOLGENS ISO 14001:2015

Driving Enterprise IT Strategy Alignment and Creating Value Using the COBIT 5 Goals Cascade

Ready for the future? Els Overbergh Office Business Group Lead for Belux

DIGITAL TRANSFORMATION

Feature. Unlocking Hidden Value in ERP System Acquisitions Using Risk Management. Risk. Monitoring. Residual Risk Acceptance.

Implementation of Service Integration in a Multiprovider Environment Using COBIT 5

Service management. The future. Colin Rudd FBCS, CITP, CEng, FLPI, (Copenhagen September 2013)

Assessment of IT Operations. Frameworks* An Overview

An Innovative Test Automation Approach without Making Test Cases

COBIT 5: a bridge too far or a giant leap forward? A view from the field

Portfolio, Program and Project Management Using COBIT 5

Voorbeeld. Preview ISO 930 INTERNATIONAL STANDARD. Spices and condiments Determination of acid-insoluble ash

Voorbeeld. Preview ISO INTERNATIONAL STANDARD. Wood-based panels Wet-process fibreboard Part 2: Requirements

WaterTech and MicroCredit. a perfect match for delivering volume in improving rural economies worldwide

Voorbeeld. Preview. Collaborative business relationship management systems Requirements and framework

Principles, Policies and Frameworks. Processes. Organisational Structures. Culture, Ethics and Behaviour. Information

Meer dan groene chemie

STAMP A SIMPLE GUIDE TO HAZARD ANALYSIS. Michael Killaars Ruby Weener Thom van den Engel Oktober 2016

Voorbeeld. Preview ISO INTERNATIONAL STANDARD. Cranes Stiffness Bridge and gantry cranes

Determinants of risk culture and risk behavior in non-financial organizations.

Procurement Trends 2018

TORWASH sewage sludge treatment

Wageningen UR Livestock Research

CGEIT ITEM DEVELOPMENT GUIDE

IT Audit Process. Prof. Mike Romeu. February 13, IT Audit Process. Prof. Mike Romeu

Establishing a Competitive Intelligence Capability VSB

GEBRUIK VAN DATA IN EN ROND HET ONDERWIJS JOOST N. KOK ELECTRICAL ENGINEERING, MATHEMATICS AND COMPUTER SCIENCE

Log of Changes Implemented to the COBIT 5 Product Family

The psychological contract of low educated unemployed individuals

TOWARDS SUSTAINABLE PARKING: decision making of governmental and commercial stakeholders

Verse moet weer kan herbeset raak as hulle op 2 jaar gekalf het

Voorbeeld. Preview IS I INTERNATIONAL STANDARD. Cranes - Condition monitoring - Part 1: General

Governance and Management of Information and Related Technologies Guide. Prepared for Jordan Ahli Bank

The IT Management Mistakes Report 2016

Startup solutions. En werken we graag samen met u aan de uitdaging hun innovatieve oplossingen een plek te geven in het ambitieuze klimaatbeleid.

Transcription:

C**** COBIT Nootdorp 1

2

APMG accredited APMG accredited Cobit Independent Trainer 3

COBIT5 COBIT5 = 4

Business Proces IT services en infrastructuur 5

6

GEIT 7

COBIT beantwoord belangrijke bedrijfsvragen Is mijn informatie technologie organisatie de juiste dingen aan het doen? Doen we de dingen op de juiste manier? Krijgen we de dingen voor elkaar? Zien we de resultaten wel goed? * Based on the Four Ares as described by John Thorp in his book The Information Paradox, written jointly with Fujitsu, first published in 1998 and revised in 2003

Business Proces IT services en infrastructuur Leunen op IT

COBIT Business voordelen COBIT geeft inzicht aan executive management om governance uit te voeren over de IT in het bedrijf Effectievere wegen om de IT de bedrijfsdoelen te laten ondersteunen Meer transparantie en voorspelbare IT kosten over de hele life-cycle Meer informatie over IT die betrouwbaar en op tijd is Hogere kwaliteit uit IT services en meer succesvolle projecten Effectiever management van IT-gerelateerde risico s

Stakeholder Value Delivering enterprise stakeholder value requires good governance and management of information and technology (IT) assets. Enterprise boards, executives and management have to embrace IT like any other significant part of the business. External legal, regulatory and contractual compliance requirements related to enterprise use of information and technology are increasing, threatening value if breached. COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT

12

Overview COBIT5 5 Principles 7 Enablers Process Reference Model Life Cycle model voor Implementation Process Assessment Model Dimensies 13

Evolution The Evolution of COBIT 5 14 Governance of Enterprise IT IT Governance Management Control Audit BMIS (2010) Val IT 2.0 (2008) Risk IT (2009) COBIT1 COBIT2 COBIT3 COBIT4.0/4.1 COBIT 5 1996 1998 2000 2005/7 2012 2012 ISACA. All Rights Reserved.

Meeting Stakeholder Needs Principle 1. Meeting Stakeholder Needs Enterprises exist to create value for their stakeholders

Regulators Laws ISO Auditors 16

Waar begint COBIT5? EERST moet een bedrijf zijn doelen gesteld hebben Hoe bemoeit COBIT zich niet mee SWOT, COSO, BSC, ERM, DMW, JFW Stakeholder analyse! Doelen En dan Governance, supported by COBIT5 17

Daar begint COBIT5! Uw bedrijf heeft zijn doelen gesteld en wil ze goed in beeld houden Doelen zijn altijd in beweging Regelmatige Stakeholder analyse! Vertaling van Stakeholder needs naar Doelen naar IT gerelateerde doelen en naar Enabling doelen en weer terug en dat is Governance, supported by COBIT5! 18

COBIT5 Goals Cascade 2012 ISACA. All Rights Reserved.

COBIT5 Goals Cascade + 2012 ISACA. All Rights Reserved.

Start met de BSC categorie in stap 1 Balanced Scorecard Financial Customer Internal Learning Enterprise Goals IT Related Goal (ITRG) COBIT Process Customer 6. Customer-oriented service culture 7. Business service continuity and availability 8. Agile responses to a changing business environment 9. Information-based strategic decision making 10. Optimisation of service delivery costs 2012 ISACA. All rights reserved.

Figure 24 Mapping COBIT 5 Enterprise Goals to Governance and Management Questions Stap 1 Appendix D Stakeholder Needs en BSC dimensies

Cascade stap 1 Figure5: BSC dimensies en Enterprise Goals plotten op BRR

Stap 2 Selecteer Enterprise Goal, IT related Goals en Processen Customer 6. Customer-oriented service culture 7. Business service continuity and availability ITRG 07 Delivery of IT services in line with business requirements ITRG 08 Adequate use of applications, information and technology solutions ITRG 01 Alignment of IT and business strategy ITRG 04 Managed IT-related business risk ITRG 10 Security of information, processing infrastructure and applications ITRG 14 Availability of reliable and useful information for decision making PROCESSES APO09 Manage Service Agreements APO13 Manage Security BAI04 Manage Availability and Capacity BAI08 Manage Knowledge BAI10 Manage Configuration DSS03 Manage Problems DSS04 Manage Continuity PRIMARY IMPORTANCE OR IMPACT P P P P P P P 2012 ISACA. All rights reserved.

Enterprise Goals To IT Related Goals There are also 17 generic IT related goals as shown in Figure 6 (shown below) that are also categorised into the Balanced Score Card (BSC) categories. The relationship of enterprise goals to IT related Goals are shown in Appendix B Figure 22 page 50

Stap 2 Appendix B Enterprise Goals naar IT Related Goals in BSC dimensies Figure 22 Mapping COBIT 5 Enterprise Goals to IT-related Goals

Stap 2 het laatste deel: de processen Customer 6. Customer-oriented service culture 7. Business service continuity and availability ITRG 07 Delivery of IT services in line with business requirements ITRG 08 Adequate use of applications, information and technology solutions ITRG 01 Alignment of IT and business strategy ITRG 04 Managed IT-related business risk ITRG 10 Security of information, processing infrastructure and applications ITRG 14 Availability of reliable and useful information for decision making PROCESSES APO09 Manage Service Agreements APO13 Manage Security BAI04 Manage Availability and Capacity BAI08 Manage Knowledge BAI10 Manage Configuration DSS03 Manage Problems DSS04 Manage Continuity PRIMARY IMPORTANCE OR IMPACT P P P P P P P 2012 ISACA. All rights reserved.

Stap 2 Appendix C IT Related Goals naar processen Figure 23 Mapping COBIT 5 IT-related Goals to Processes (cont.)

Step.3 Example APO09 Examine Metrics Process ID Process Name Process Description APO09 Manage Service Agreements Align IT-enabled services and service levels with enterprise needs and expectations, including identification, specification, design, publishing, agreement, and monitoring of IT services, service levels and performance indicators. Process Purpose Ensure that IT services and service levels meet current and future enterprise needs. Outcomes (OS) Number APO09-O1 APO09-O2 APO09-O3 Description RELATED METRICS The number of business processes with unidentified service IT services are identified, defined and catalogued according to enterprise needs. agreements % of live IT services covered by service Agreements Service agreements reflect enterprise needs and the capabilities of IT. % of Customers satisfied that service delivery meets agreed-on IT services perform as stipulated in service agreements. levels Number & severity of service breaches % of services being monitored to service levels % of service targets being met 2012 ISACA. All rights reserved.

Concepts CSF to Measurement Van Visie naar meten Crown copyright 2011. Reproduced under license from Axelos. Figure 4.1 Continual Service Improvement, page 50 30

Een voorbeeld van Governance en doelen 31

Heeft u vragen (tot zover) over het omzetten van uw bedrijfsdoelen naar.. processen? 2012 ISACA. All Rights Reserved. 32

COBIT 5 Principles 2012 ISACA All rights reserved.

COBIT 5 Mapping Summary 2012 ISACA. All rights reserved.

Key components of a governance system 2012 ISACA. All Rights Reserved. 35

Governing Body 36

control is important especially when you don t have it! 37

COBIT 5 Process Reference Model 2012 ISACA. All Rights Reserved.

The COBIT5 Enterprise Enablers 2012 ISACA. All Rights Reserved.

COBIT 5 Implementation Life Cycle 2012 ISACA. All Rights Reserved.

My view on Governance Of Enterprise IT with COBIT5 Manage before you can Govern Controls are needed Stakeholders must be involved IT helps the enterprise Organizations are helped to find out what they really want 41

42

afterthought All Models are wrong, but some are useful George Box Thank you! Erik van Eeden 43

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback