Upload
nguyentram
View
213
Download
0
Embed Size (px)
Citation preview
Capitolo di Milano
COBIT 5 l’evoluzione rispetto CobiT 4.1
MIlano, 2 aprile 2012
COBIT 5 COBIT 5 l’evoluzione rispetto CobiT 4.1
MIlanoMIlano, 2 , 2 aprileaprile 20122012
Presentato da:
Alberto Piamonte
2
Capitolo di Milano
COBIT 5
Nel 2011 sono usciti:
• COBIT 5 Framework (85 pp)
– Principi
– Architettura
– Enablers
• COBIT 5 Process Reference Guide (218 pp)
• COBIT Assessment Program (per CobiT 4.1
ma usato anche da COBIT 5)
– COBIT Assessment Model (PAM) 73pp
– COBIT Assessor Guide 47pp
– COBIT Self-assessment Guide 31pp
A valle delle prime esperienze di utilizzo, alcune note . . .
4
Capitolo di Milano
�
Information Information
CriteriaCriteria
Risorse IT
Processi IT
Business Strategy
CobiT 4.1
5
Capitolo di Milano
Information Criteria
IT Resources
IT Processes
Business Strategy
CobiT 4.1
•Efficacia
•Efficienza
•Riservatezza
•Integrità
•Disponibilità
•Conformità
•Affidabilità
6
Capitolo di Milano
Information Criteria
• Efficacia
• Efficienza
• Riservatezza
• Integrità
• Disponibilità
• Conformità
• Affidabilità
• Efficacia
• Efficienza
• Riservatezza
• Integrità
• Disponibilità
• Conformità
• Affidabilità
Acquire and maintain skilled and motivated people.17
Manage product and business innovation.16Learning
Improve and maintain operational and staff productivity.15
Manage business change.14
Provide compliance with internal policies.13
Provide compliance with external laws, regulations and contracts.12
Lower process costs.11
Improve and maintain business process functionality.10
Internal
Obtain reliable and useful information for strategic decision making.9
Achieve cost optimalisation of service delivery.8
Create agility in responding to changing business requirements (time to market).7
Establish service continuity and availability.6
Offer competitive products and services.5
Improve customer orientation and service.4
Customer
Improve corporate governance and transparancy.3
Manage IT-related business risk.2
Provide a good return on investment of IT-enabeled business investments.1
Financial
Balanced Score Cards (BSC)
7
Capitolo di Milano
Criteri BSC
Business
Goals
IT Resources
IT Processes
Business Strategy
COBIT5 : architettura
Service
Capabilities
Processes
Culture,
Ethics,
Behaviour
Organisational
Structures
InformationPrinciples &
Policies
Skills &
Competencies
Importanza
relativa
COBIT 5 Enablers
9
Capitolo di Milano
Meeting Stakeholder Needs
• Stakeholder needs have to be
transformed into an enterprise’s
actionable strategy.
• The COBIT 5 goals cascade
translates stakeholder needs
into specific, actionable and
customised goals within the
context of the enterprise, IT-
related goals and enabler goals.
© 2012 ISACA. All rights reserved. 9
Stakeholder Value and Business Objectives
10
Capitolo di MilanopProduct and business innovation culture
pssSkilled and motivated peopleLearning & Growth
pCompliance with internal policies
ppOperational and staff productivity
sppManaged business change programmes
ppOptimisation of business process costs
ppOptimisation of business process functionality
Internal
spOptimisation of service delivery costs
pppInformation‐‐‐‐based strategic decision making
spAgile responses to a changing business
environment
pBusiness service continuity and availability
spCustomer‐‐‐‐oriented service culture
Customer
sspFinancial transparency
pStakeholder value of business investments
spPortfolio of competitive products and services
spManaged business risks (safeguarding of assets)
pCompliance with external laws and regulations
Financial
Resource
optimizati
on
Risk
optimizati
on
Benefits
realisatio
n
Governance Objectives
Enterprise Goals
Stakeholder Value driven and Business focussed
11
Capitolo di MilanopProduct and business innovation culture
pssSkilled and motivated peopleLearning & Growth
pCompliance with internal policies
ppOperational and staff productivity
sppManaged business change programmes
ppOptimisation of business process costs
ppOptimisation of business process functionality
Internal
spOptimisation of service delivery costs
pppInformation‐‐‐‐based strategic decision making
spAgile responses to a changing business
environment
pBusiness service continuity and availability
spCustomer‐‐‐‐oriented service culture
Customer
sspFinancial transparency
pStakeholder value of business investments
spPortfolio of competitive products and services
spManaged business risks (safeguarding of assets)
pCompliance with external laws and regulations
Financial
Resource
optimizati
on
Risk
optimizati
on
Benefits
realisatio
n
Governance Objectives
Enterprise Goals
Importanza
Relativa (P/S)
dei :
COBIT
Processes
e
degli altri
Enablers !
Stakeholder Value driven and Business focussed
12
Capitolo di Milano
Enablers based
• Per raggiungere gli obiettivi di business, bisogna considerare un insieme di Enablers tra loro interconnessi:
1. Processi
2. Cultura, etica e comportamenti
3. Strutture organizzative
4. Informazioni
5. Principi e Politiche
6. Skill e competenze
7. Capacità di erogare Servizi
Service
Capabilities
Processes
Culture,
Ethics,
Behaviour
Organisational
Structures
InformationPrinciples &
Policies
Skills &
Competencies
Systemic Governance
Stakeholder needs
13
Capitolo di Milano
• Information, infrastructure, applications (services) and people (people, skills and competencies) were COBIT 4.1 resources.
• Principles, policies and frameworks were mentioned in a few COBIT 4.1 processes.
• Processes were central to COBIT 4.1 use.
• Organisational structure was implied through the responsible, accountable, consulted or informed (RACI) roles and their definitions.
• Culture, ethics and behaviour were mentioned in a few COBIT 4.1 processes.
© 2012 ISACA. All rights reserved. 13
Enablers
15
Capitolo di Milano
Process Enabler Model
Relazioni:
•Informazioni in input o in output
•Strutture organizzative,
•Servizi
•Producono o necessitano di Policy e procedure
•Gli aspetti ambientali e/o culturali influenzano le
modalità di esecuzione del processo
16
Capitolo di Milano
• Nuovo Dominio : Governance
• Nuovo Processi
• COBIT 5 consolida COBIT 4.1, Val IT and Risk IT in un singolo framework, aggiornato con current best
practices—e.g., ITIL, TOGAF aggiornate.
© 2012 ISACA. All rights reserved. 16
COBIT 5 : Process Reference Model
18
Capitolo di Milano
• COBIT 5 introduces five new governance processes that have leveraged and improved COBIT 4.1, Val IT and Risk IT governance approaches.
• This guidance:
– Helps enterprises to further refine and strengthen executive management-level GEIT practices and activities
– Supports GEIT integration with existing enterprise governance practices and is aligned with ISO/IEC 38500
© 2012 ISACA. All rights reserved. 18
4. New and Modified Processes
20
Capitolo di Milano
Process Reference Guide
• A separate publication that expands on the
process-enabler model
• Contains full details of the COBIT processes in
a similar way to the process documentation in
COBIT 4.1
21
Capitolo di Milano
Information Enabler Model
Un’evoluzione degli Information Criteria CobiT 4.1 …..
27
Capitolo di Milano
5 - Governance e Management
Governance definizione e controllo delle
strategie
Management esecuzione e gestione delle
risorse
Nel Process Model del COBIT 5 viene fatta una chiara distinzione tra le due discipline