When every line of business (LoB) depends on how IT industry governs how they make decisions, are you really governing the use of information and technology, or is it just the internal controls?
COBIT - Principles That Govern How You Make Decisions
COBIT® 5 is ISACA's framework for governance and management of enterprise information technology.
The COBIT 5 Integrator Framework
Includes Val IT, Risk IT, the Business Model for Information Security (BMIS) and the IT Assurance Framework (ITAF) plus integration with other frameworks, standards and practices ISO, TOGAF, PMBOK and ITIL.
The Governance Objective (Value Creation)
Enterprises exist to create value for their stakeholders, so the governance objective for any enterprise is value creation. Value creation means realizing benefits at an optimal resource cost whilst optimizing risk.
Business and Context Focus:
Having a business focus means focusing on enterprise goals and objectives. This relates to every enterprises objective for benefits realization, risk optimization and resource optimization.
COBIT 5 covers all of the critical business elements, i.e. processes, organizational structures, principles & policies, culture, skills and service capabilities. In addition, a new information model provides a simple link between business information and the IT function.
The COBIT 5 Governance Approach (Enabler Based)
The main elements of the governance approach are as follows: Governance enablers are the organizational resources for governance, such as frameworks, principles, structure, processes and practices.
Governance can be applied to the whole enterprise, an entity, a tangible or intangible asset, etc.
Roles, Activities and Relationships:
It defines who is involved in governance, how they are involved, what they do and how they interact, within the scope of any governance system.
Governance and Management structured:
The COBIT 5 framework makes a clear distinction between governance and management. Governance is about the Senior Management team providing a steer and making, sponsoring and enforcing the right decisions to meet enterprise objectives.
Management is responsible for execution by making effective use of resources, people, processes, practices in line with the direction set by the governing body.