COBIT® is a trademark of ISACA® registered in the United States and other countries.

COBIT®5 - Foundation


Start and finish

Course style

Lunch

Coffee and breaks

2/12 | 2/246 | M00 - Course introduction

Understand the concepts relating to the structure and format of the framework, the drivers and business benefits of using the COBIT 5 framework

To know facts, terms and concepts relating to the Process Capability Model

To understand the Process Capability Model and the basic ISO 15504 concepts

To know facts and terms relating to the COBIT 5 Enablers

Understand that COBIT enables IT to be governed and managed in a holistic manner for the entire enterprise.

To know facts, terms and concepts relating to the Implementation of COBIT 5

Main goal:

Attempt Foundation exam with confidence

Secondary goal:

Benefits and value of IT Governance and COBIT 5

3/12 | 3/246 | M00 - Course introduction

Please share with the class:
• Your name and surname
• Your organization
• Your profession (title, function, job responsibilities)
• Your familiarity with:
  • Project management
  • IT management
  • IT service management (ITSM)
  • Enterprise architecture
• Your experience with IT Governance
• Your personal session expectations

4/12 | 4/246 | M00 - Course introduction

5/12 | 5/246 | M00 - Course introduction

Foundation Exam

• Paper based and closed book exam
• Only pencil and eraser are allowed
• Simple multiple (ABCD) choice exam
• Only one answer is correct
• 50 questions, pass mark is 25 (50%)
• No negative points, no “Tricky Questions”

No pre-requisite for Foundation exam

Sample, one (official) mock exam is provided to you

Candidates completing an examination in a language that is not their mother tongue, will receive additional time

6/12 | 6/246 | M00 - Course introduction

Target Audience

Consultants, IT practitioners, Business managers

Apply the COBIT 5 good practice continual improvement lifecycle approach to GEIT, tailored to suit the needs of a specific enterprise. In particular

Candidates completing an examination in a language that is not their mother tongue, will receive additional time

7/12 | 7/246 | M00 - Course introduction

Target Audience

Internal and external (Lead) Auditors

Perform a process capability assessment using the Assessor Guide: using COBIT 5

Apply the Process Assessment Model

Identify and assess the roles and responsibilities

Candidates completing an examination in a language that is not their mother tongue, will receive additional time

8/12 | 8/246 | M00 - Course introduction

The main COBIT 5 publication is COBIT 5 - A Business Framework for the Governance and Management of Enterprise IT:
• ISBN-13: 978-1604202373

COBIT5 syllabus section code and title

OV Overview and Key Features of COBIT 5

PR The COBIT 5 Principles

EN The COBIT 5 Enablers

IM Introduction to COBIT 5 Implementation

PC Process Capability Assessment Model

Syllabus Handbook Page

Module slide number / total module slides

Slide number / total slides

Module number and name

COBIT5 handbook page

COBIT5 syllabus section code

9/12 | 9/246 | M00 - Course introduction

10/12 | 10/246 | M00 - Course introduction

quizlet.com/67599656/

11/12 | 11/246 | M00 - Course introduction

twitter.com/mirodabrowski

linkedin.com/in/miroslawdabrowski

google.com/+miroslawdabrowski

miroslaw_dabrowski

www.miroslawdabrowski.com

Mirosław Dąbrowski
Agile Coach, Trainer, Consultant (former JEE/PHP developer, UX/UI designer, BA/SA)

Creator | Writer / Translator | Trainer / Coach

• Creator of 50+ mind maps from PPM and related topics (2mln views): miroslawdabrowski.com
• Lead author of 50+ accredited materials from PRINCE2, PRINCE2 Agile, MSP, MoP, P3O, ITIL, M_o_R, MoV, PMP, Scrum, AgilePM, DSDM, CISSP, CISA, CISM, CRISC, CGEIT, TOGAF, COBIT5 etc.
• Creator of 50+ interactive mind maps from PPM topics: mindmeister.com/users/channel/2757050
• Product Owner of biggest Polish project management portal: 4PM: 4pm.pl (15.000+ views each month)
• Editorial Board Member of Official PMI Poland Chapter magazine: “Strefa PMI”: strefapmi.pl
• Official PRINCE2 Agile, AgilePM, ASL2, BiSL methods translator for Polish language
• English speaking, international, independent trainer and coach from multiple domains.
• Master Lead Trainer
• 11+ years in training and coaching / 15.000+ hours
• 100+ certifications
• 5000+ people trained and coached
• 25+ trainers trained and coached

linkedin.com/in/miroslawdabrowski

Agile Coach / Scrum Master | PM / IT architect | Notable clients

• 8+ years of experience with Agile projects as a Scrum Master, Product Owner and Agile Coach
• Coached 25+ teams from Agile and Scrum
• Agile Coach coaching C-level executives
• Scrum Master facilitating multiple teams, experienced with UX/UI + Dev teams
• Experience with multiple Agile methods
• Author of AgilePM/DSDM Project Health Check Questionnaire (PHCQ) audit tool
• Dozens of mobile and ecommerce projects
• IT architect experienced in IT projects with budget above 10mln PLN and timeline of 3+ years
• Experienced with (“traditional”) projects under high security, audit and compliance requirements based on ISO/IEC 27001
• 25+ web portal design and development and mobile application projects with iterative, incremental and adaptive approach

ABB, AGH, Aiton Caldwell, Asseco, Capgemini, Deutsche Bank, Descom, Ericsson, Ericpol, Euler Hermes, General Electric, Glencore, HP Global Business Center, Ideo, Infovide-Matrix, Interia, Kemira, Lufthansa Systems, Media-Saturn Group, Ministry of Defense (Poland), Ministry of Justice (Poland), Nokia Siemens Networks, Oracle, Orange, Polish Air Force, Proama, Roche, Sabre Holdings, Samsung Electronics, Sescom, Scania, Sopra Steria, Sun Microsystems, Tauron Polish Energy, Tieto, University of Wroclaw, UBS Service Centre, Volvo IT…

miroslawdabrowski.com/about-me/clients-and-references/

Accreditations/certifications (selected): CISA, CISM, CRISC, CASP, Security+, Project+, Network+, Server+, Approved Trainer: (MoP, MSP, PRINCE2, PRINCE2 Agile, M_o_R, MoV, P3O, ITIL Expert, RESILIA), ASL2, BiSL, Change Management, Facilitation, Managing Benefits, COBIT5, TOGAF 8/9L2, OBASHI, CAPM, PSM I, SDC, SMC, ESMC, SPOC, AEC, DSDM Atern, DSDM Agile Professional, DSDM Agile Trainer-Coach, AgilePM, OCUP Advanced, SCWCD, SCBCD, SCDJWS, SCMAD, ZCE 5.0, ZCE 5.3, MCT, MCP, MCITP, MCSE-S, MCSA-S, MCS, MCSA, ISTQB, IQBBA, REQB, CIW Web Design / Web Development / Web Security Professional, Playing Lean Facilitator, DISC D3 Consultant, SDI Facilitator, Certified Trainer Apollo 13 ITSM Simulation …

12/12 | 12/246 | M00 - Course introduction

1. Defining IT Governance and COBIT5

2. COBIT 5 principles

3. COBIT 5 enablers

4. The Lifecycle approach

5. COBIT 4.1 differences to COBIT 5

6. COBIT 5 Process Capability Model (PCM)

2/22 | 14/246 | M01 - Defining IT Governance and COBIT 5

1. The Reasons for the Development of COBIT 5
2. The History of COBIT
3. The Drivers for developing a Framework
4. The Benefits of using COBIT 5
5. The COBIT 5 Format and product Architecture
6. COBIT 5 and Other Frameworks

3/22 | 15/246 | M01 - Defining IT Governance and COBIT 5

ISACA Board of Directors directive: “Tie together and reinforce all ISACA knowledge assets with COBIT”

Provide a renewed and authoritative governance and management framework for enterprise information and related technology

Integrate all other major ISACA frameworks and guidance

Align with other major frameworks and standards

© 2013 ISACA. All Rights Reserved.

4/22 | 16/246 | M01 - Defining IT Governance and COBIT 5

[Figure: Evolution of scope. COBIT1 (1996): Audit; COBIT2 (1998): Control; COBIT3 (2000): Management; COBIT4.0/4.1 (2005/7): IT Governance; COBIT 5 (2012): Governance of Enterprise IT. Also shown: Val IT 2.0 (2008), Risk IT (2009), BMIS (2010).]


COBIT 5 ties together all ISACA knowledge assets, i.e.
• COBIT 4.1
• Val IT™
• Risk IT
• Business Model for Information Security™ (BMIS™)
• IT Assurance Framework™ (ITAF™)
• Taking Governance Forward (TGF)
• Board Briefing on IT Governance, 2nd Edition

5/22 | 17/246 | M01 - Defining IT Governance and COBIT 5

Provide guidance in:
• Enterprise architecture
• Asset and service management
• Emerging sourcing and organization models
• Innovation and emerging technologies

End to end business and IT responsibilities

Controls for user-initiated and user-controlled IT solutions

A need for the enterprise to:
• Achieve increased value creation
• Obtain business user satisfaction
• Achieve compliance with relevant laws, regulations and policies
• Improve the relation between business and IT
• Increase the return of governance over enterprise IT
• Connect and align with other major frameworks and standards


6/22 | 18/246 | M01 - Defining IT Governance and COBIT 5

Information is the business currency of the 21st Century

Information has a life cycle: it is created, used, retained, disclosed and destroyed

Technology plays a key role in these actions

Technology is becoming pervasive in all aspects of business and personal life

Every form of enterprise needs to be able to rely on quality information to support quality executive decisions!


7/22 | 19/246 | M01 - Defining IT Governance and COBIT 5

Not simply IT; not only for big business!

COBIT 5 is about governing and managing information
• Whatever medium is used
• End to end throughout the enterprise

Information is equally important to:
• Global, multinational business
• National and local government
• Charities and not for profit enterprises
• Small to medium enterprises
• Clubs and associations


8/22 | 20/246 | M01 - Defining IT Governance and COBIT 5

Enterprises and their executives strive to:
• Maintain quality information to support business decisions
• Generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT
• Achieve operational excellence through reliable and efficient application of technology
• Maintain IT-related risk at an acceptable level
• Optimise the cost of IT services and technology


9/22 | 21/246 | M01 - Defining IT Governance and COBIT 5

Delivering enterprise stakeholder value requires good governance and management of information and technology (IT) assets

Enterprise boards, executives and management have to embrace IT like any other significant part of the business

External legal, regulatory and contractual compliance requirements related to enterprise use of information and technology are increasing, threatening value if breached

COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT


10/22 | 22/246 | M01 - Defining IT Governance and COBIT 5

Enterprises are under constant pressure to:
• Increase benefits realization through effective and innovative use of enterprise IT:
  • Generate business value from new enterprise investments with a supporting IT investment
  • Achieve operational excellence through application of technology
• Maintain IT related risk at an acceptable level
• Contain cost of IT services and technology
• Ensure business and IT collaboration, leading to business user satisfaction with IT engagement and services
• Comply with ever increasing relevant laws, regulations and policies


11/22 | 23/246 | M01 - Defining IT Governance and COBIT 5

COBIT 5 is initially in 3 volumes:
• COBIT 5: A Business Framework for the Governance and Management of Enterprise IT
• COBIT 5: Enabling Processes
• COBIT 5: Implementation

Several guides act as extensions:
• COBIT 5: for Information Security
• COBIT 5: for Risk

Simplified: COBIT 5 directly addresses the needs of the viewer from different perspectives.

Development continues with specific practitioner guides

COBIT 5 is based on:
• 5 principles
• 7 enablers


12/22 | 24/246 | M01 - Defining IT Governance and COBIT 5


13/22 | 25/246 | M01 - Defining IT Governance and COBIT 5

[Figure: COBIT, ISO 9000, ISO/IEC 27002, ITIL and COSO positioned by SCOPE OF COVERAGE, on an axis from WHAT to HOW.]


14/22 | 26/246 | M01 - Defining IT Governance and COBIT 5

[Figure: Drivers of Enterprise Governance and IT Governance. PERFORMANCE: Business Goals. CONFORMANCE: Basel III, Sarbanes-Oxley Act, etc. Other labels: Balanced Scorecard, COSO, Best Practice Standards, ISO 9001:2000, ISO/IEC 27002, ISO/IEC 20000, Processes and Procedures, QA Procedures, Security Principles, ITIL.]


15/22 | 27/246 | M01 - Defining IT Governance and COBIT 5


16/22 | 28/246 | M01 - Defining IT Governance and COBIT 5

ISO/IEC 38500:

ISO’s 6 principles map to COBIT 5 (appendix E).

ITIL - the following 5 areas and domains are covered by ITIL:

A subset of processes in the DSS and BAI domain

Some processes in the APO domain

ISO/IEC 27000:

Security and IT-related processes in domains EDM, APO and DSS

Some monitoring of security monitoring activities in MEA

ISO/IEC 31000:

Risk management related activities in EDM and APO


17/22 | 29/246 | M01 - Defining IT Governance and COBIT 5

TOGAF (The Open Group Architecture Framework):

Resource-related processes in EDM

TOGAF components of the architecture board and governance areas

Enterprise architecture processes of APO

PRINCE2:

Project management processes in the BAI domain

Portfolio related processes in the APO domain

CMMI:

Some organisational and quality-related processes in the APO domain

Application - building and acquisition related processes in BAI


18/22 | 30/246 | M01 - Defining IT Governance and COBIT 5

Defines the starting point of governance and management activities with the stakeholder needs related to enterprise IT

Creates a more holistic, integrated and complete view of enterprise governance and management of IT that is consistent, provides an end-to-end view on all IT-related matters and provides a holistic view

Creates a common language between IT and business for the enterprise governance and management of IT

Is consistent with generally accepted corporate governance standards, and thus helps to meet regulatory requirements

19/22 | 31/246 | M01 - Defining IT Governance and COBIT 5

COBIT 5 Scope

Benefits

Enterprise Benefits

Stakeholder Value

The COBIT 5 Volumes

COBIT 5 Product Family

COBIT 5 Mapping

COBIT and Other IT Governance Frameworks

20/22 | 32/246 | M01 - Defining IT Governance and COBIT 5

21/22 | 33/246 | M01 - Defining IT Governance and COBIT 5
