COBIT 2019 Framework: Basic Concepts and Key Components, Exams of Advanced Education

A comprehensive overview of the cobit 2019 framework, outlining its core model, governance and management objectives, design factors, and alignment goals. It delves into the key components of a governance system, including processes, organizational structures, principles, policies, and frameworks. The document also explores the cascading effect of cobit goals, starting from stakeholder drivers and needs to the selection and prioritization of governance and management objectives.

Typology: Exams

2024/2025

Available from 12/26/2024

AcademicMinds
AcademicMinds 🇺🇸

2.3K documents

1 / 7

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
COBIT 2019 Basic Concepts
A governance or management objective always relates to - One process (with an identical
or similar name) and a series of related components of other types to help achieve the
objective.
A governance objective relates to - a governance process
A management objective relates to - a management process
Boards and executive management are accountable for ____________ while __________ are the
domain of senior and middle management. - 1. governance processes
2.management processes
COBIT Core Model: Five COBIT domains - 1. Evaluate, Direct and Monitor (EDM)
2. Align, Plan and Organize (APO)
3. Build, Aquire, and Implement (BAI)
4. Deliver, Service and Support (DSS)
5. Monitor, Evaluate and Assess (MEA)
Governance Objective Domain: Evaluate, Direct and Monitor (EDM) - Governing body
evaluates strategic options, directs senior management on the chosen strategic options and
monitors achievement of strategy.
Management Objective Domain: Align, Plan and Organize (APO) - Addresses the overall
organization, strategy and supporting activities for IT.
Management Objective Domain: Build, Acquire and Implement (BAI) - Addresses the
definition, acquisition and implementation of IT solutions and their integration in business
processes.
Management Objective Domain: Deliver, Service and Support (DSS) - Addresses the
operational delivery and support of IT services including security
Management Objective Domain: Monitor, Evaluate and Assess (MEA) - Addresses
performance monitoring and conformance of IT with internal performance targets, internal
control objectives and external requirements.
Types of governance system components - 1. Processes
2. Organizational structures
3. Principles, policies and frameworks
4. Information
5. Culture, ethics and behavior
6. People, skills and competencies
7. Service, infrastructure and applications
pf3
pf4
pf5

Partial preview of the text

Download COBIT 2019 Framework: Basic Concepts and Key Components and more Exams Advanced Education in PDF only on Docsity!

COBIT 2019 Basic Concepts

A governance or management objective always relates to - One process (with an identical or similar name) and a series of related components of other types to help achieve the objective. A governance objective relates to - a governance process A management objective relates to - a management process Boards and executive management are accountable for ____________ while __________ are the domain of senior and middle management. - 1. governance processes 2.management processes COBIT Core Model: Five COBIT domains - 1. Evaluate, Direct and Monitor (EDM)

  1. Align, Plan and Organize (APO)
  2. Build, Aquire, and Implement (BAI)
  3. Deliver, Service and Support (DSS)
  4. Monitor, Evaluate and Assess (MEA) Governance Objective Domain: Evaluate, Direct and Monitor (EDM) - Governing body evaluates strategic options, directs senior management on the chosen strategic options and monitors achievement of strategy. Management Objective Domain: Align, Plan and Organize (APO) - Addresses the overall organization, strategy and supporting activities for IT. Management Objective Domain: Build, Acquire and Implement (BAI) - Addresses the definition, acquisition and implementation of IT solutions and their integration in business processes. Management Objective Domain: Deliver, Service and Support (DSS) - Addresses the operational delivery and support of IT services including security Management Objective Domain: Monitor, Evaluate and Assess (MEA) - Addresses performance monitoring and conformance of IT with internal performance targets, internal control objectives and external requirements. Types of governance system components - 1. Processes
  5. Organizational structures
  6. Principles, policies and frameworks
  7. Information
  8. Culture, ethics and behavior
  9. People, skills and competencies
  10. Service, infrastructure and applications

A focus area describes - a certain governance topic, domain or issue that can be addressed by a connection of governance and management objectives and their components. The number of focus areas is unlimited. A design factor describes - factors that can influence the design of an enterprise's governance system and position it for success in the use of IT. Governance systems must have at least _______ design factors. - At least 4 satellite design factors COBIT Design Factors - 1. Enterprise strategy

  1. Enterprise goals
  2. Risk profile
  3. IT related issues
  4. Threat landscape
  5. Compliance requirements
  6. Role of IT
  7. Sourcing model for IT
  8. IT implementation methods
  9. Technology Adoption Strategy
  10. Enterprise size Design Factor: Enterprise Strategy - Enterprises can have different strategies, which can be expressed as one or more of the following archetypes:
  11. Growth and acquisition
  12. Innovation / Differentiation
  13. Cost leadership
  14. Client Service/ Stability Design Factor: Enterprise goals - Enterprise strategy is realized by achieving enterprise goals which are structured along the balanced scorecard (BSC) dimensions. There are 13 goals and 4 BSC dimensions. Enterprise goals: Balanced Score Card: Financial - EG01 - Portfolio of competitive products or services EG02 - Managed business risk EG03 - Compliance with external laws and regulations EG04 - Quality of financial information Enterprise goals: Balanced Score Card: Customer - EG05 - Customer-oriented service culture EG06 - Business service continuity and availability EG07 - Quality of management information

Design Factor: IT implementation methods - methods adopted can be classified as: Agile DevOps Traditional/waterfall Hybrid Design Factor: Technology adoption strategy - technology adoption strategy can be classified as: First mover Follower Slow adapter Design Factor: Enterprise size - Categories for design of an enterprise governance system: Large enterprise - more than 250 FTEs Small or medium enterprise - 50 - 250 FTEs COBIT goals cascade - Stakeholder drivers and needs identified - Enterprise goals determined leading to - Alignment goals align IT and business objectives - Governance and management objectives are selected and prioritized. Alignment goals - Each governance or management objective supports the achievement of alignment goals that are related to larger enterprise goals. There are 13 alignment goals and 4 BSC domains. Alignment goals: Balanced Score Card: Financial - AG01 - IT compliance and support for business compliance with external laws and regulations AG02 - Managed IT related risk AG03 - Realized benefits from IT enabled investments and service portfolio AG04 - Quality of technology-related financial information Alignment goals: Balanced Score Card: Customer - AG05 - Delivery of IT services in line with business requirements AG06 - Agility to turn business requirements into operational solutions Alignment goals: Balanced Score Card: Internal - AG07 - Security of information, processing infrastructure and applications, and privacy. AG08 - Enabling and supporting business processes by integrating applications and technology. AG09 - Delivering programs on time, on budget and meeting requirements and quality standards. AG10 - Quality of IT management information AG11 - IT compliance with internal policies Alignment goals: Balanced Score Card: Learning and growth - AG12 - Competent and motivated staff with mutual understanding of technology and business

AG13 - Knowledge, expertise and initiatives for business innovation Governance objective: Evaluate, Direct and Monitor (EDM): EDM01 - Ensure governance framework setting and maintenance Governance objective: Evaluate, Direct and Monitor (EDM): EDM02 - Ensured benefits delivery Governance objective: Evaluate, Direct and Monitor (EDM): EDM03 - Ensure risk optimization Governance objective: Evaluate, Direct and Monitor (EDM): EDM04 - Ensure resource optimization Governance objective: Evaluate, Direct and Monitor (EDM): EDM05 - Ensure stakeholder engagement Management objective: Align Plan and Organize (APO): APO01 - Managed IT management framework Management objective: Align Plan and Organize (APO): APO02 - Managed Strategy Management objective: Align Plan and Organize (APO): APO03 - Managed enterprise architecture Management objective: Align Plan and Organize (APO): APO04 - Managed innovation Management objective: Align Plan and Organize (APO): APO05 - Managed portfolio Management objective: Align Plan and Organize (APO): APO06 - Managed budget and costs Management objective: Align Plan and Organize (APO): APO07 - Managed human resources Management objective: Align Plan and Organize (APO): APO08 - Managed relationships Management objective: Align Plan and Organize (APO): APO09 - Managed service agreements Management objective: Align Plan and Organize (APO): APO1 0 - Managed vendors Management objective: Align Plan and Organize (APO): APO11 - Managed quality Management objective: Align Plan and Organize (APO): APO12 - Managed risk Management objective: Align Plan and Organize (APO): APO13 - Managed Security

Management objective: Monitor, evaluate and assess (MEA): MEA02 - Managed system of internal control Management objective: Monitor, evaluate and assess (MEA): MEA03 - Managed compliance with external requirements Management objective: Monitor, evaluate and assess (MEA): MEA04 - Managed assurance