Cobit 4.1 framework, Management Information Sys

CobiT 4.1

CobiT 4.1 is a very popular framework which mission is: "To research, develop, publicise and promote an authoritative, up-to-date, internationally accepted IT governance control framework for adoption by organizations and day-to-day use by business managers, IT professionals and assurance professionals" (CobiT 4.1 2007). CobiT 4.1 does not intend to offer a recipe to solve a particular problem, but instead, it intends to offer an internationally accepted framework for IT governance control (Ibid.).

CobiT 4.1 framework:

CobiT 4.1 provides processes, metrics and controls to achieve business goals. CobiT 4.1 is business-focused which means that it follows business goals and that IT respond to the business strategy. For example, some goals state: "Respond to business requirements in alignment with the business strategy" or "Provide a good return on investment of IT-enabled business investments" (CobiT 4.1 2007). CobiT 4.1 is "process-oriented" (34 processes) and "measurement-driven" (it works with metrics). Processes need control and, therefore, CobiT 4.1 is also control-based: "Control is defined as the policies, procedures, practices and organisational structures designed to provide reasonable assurance that business objectives will be achieved and undesired events will be prevented or detected and corrected. IT control objectives provide a complete set of high-level requirements to be considered by management for effective control of each IT process" (Ibid.). In figure 4, the main components of CobiT 4.1 can be appreciated.

624_CobiT4.1.png

Figure 1: CobiT 4.1 Framework (CobiT 4.1 2007)

Next, the focus areas for IT governance will be presented. ISACA promises to guarantee that IT is aligned with the business, that IT delivery business benefits, that IT resources are used correctly and in a disciplined way, and that IT risks are managed properly (Ibid.).

  • "Strategic alignment focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT proposition; and aligning IT operations with organization operations" (CobiT 4.1 2007).
  • "Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimizing costs and proving the intrinsic value of IT" (Ibid.).
  • "Resource management is about the optimal investment in, and the proper management of, critical IT resources: applications, information, infrastructure and people. Key issues related to the optimization of knowledge and infrastructure" (Ibid.). 
  • "Risk management requires risk awareness by senior corporate officers, a clear understanding of the organization's appetite for risk, understanding of compliance requirements, transparency about the significant risks to the organization and embedding of risk management responsibilities into the organization" (Ibid.).
  • "Performance measurement tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting" (Ibid.).

CobiT 4.1 is able to address different IT governance focus areas with individual CobiT processes (in total 34 generic processes). By putting all the focuses together, it is possible to obtain a holistic view of the IT governance processes and to embody a visual framework for maximizing benefits from information technology. For instance, each process addresses a certain focus of the IT governance which, in turn, is divided in primary and secondary perspectives.  The five focus areas are graphically represented in the CobiT 4.1's diamond.

1078_CobiT4.1a.png

Figure 2: CobiT Diamond in the process AI5 Procure IT Resources

CobiT 4.1 defines IT activities in 34 processes within four domains: Plan and Organise (PO), Acquire and Implement (AI), Deliver and Support (DS) and Monitor and Evaluate (ME). In the text below, the typical questions corresponding the four domains are extracted from the CobiT 4.1Executive Summary are shown (CobiT 4.1 2007). The four domains are:

Plan and Organise

  • Are IT and the business strategy aligned?
  • Is the organization achieving optimum use of its resources?
  • Does everyone in the organisation understand the IT objectives?
  • Are IT risks understood and being managed?
  • Is the quality of IT systems appropriate for business needs?

Acquire and Implement

  • Are new projects likely to deliver solutions that meet business needs?
  • Are new projects likely to be delivered on time and within budget?
  • Will the new systems work properly when implemented?
  • Will changes be made without upsetting current business operations?

Deliver and Support

  • Are IT services being delivered in line with business priorities?
  • Are IT costs optimised?
  • Is the workforce able to use the IT systems productively and safely?
  • Are adequate confidentiality, integrity and availability in place for information security?

Monitor and Evaluate

  • Is IT's performance measured to detect problems before it is too late?
  • Does management ensure that internal controls are effective and efficient?
  • Can IT performance be linked back to business goals?
  • Are adequate confidentiality, integrity and availability controls in place for information security?

For illustrative purposes, all the processes with the corresponding IT governance focus areas are presented in the appendix 3a (Ibid.).

Maturity model:

ISACA developed for CobiT 4.1 a maturity model based on the Capability Maturity Model (CMM) Scale from the Software Engineering Institute. While many concepts of the CMM model were used, the CobiT implementation differs from the original oriented toward software product engineering principles CMM. According to ISACA, the Capability Maturity Model in CobiT 4.1 focuses on strategic issues and high level IT Management processes (FAQ ISACA).

Val IT  in CobiT 4.1

For a better management of benefits, CobiT 4.1 can be applied in combination with other complementary approaches. For example, Val IT and CobiT improve the power of decision makers for the creation of value from the delivery of IT services. Val IT takes a pure business perspective by examining strategic and value issues, while CobiT takes an IT perspective by focusing on the architecture and the delivery. (Val IT ISACA 2008; Fujitsu Consulting et al. 2007). Val IT sets good practices for the outcomes by measuring, monitoring and optimizing financial and non-financial value for IT-enabled investments. In the following figure, the so called 'Four Ares' from Val IT are shown.

1508_CobiT4.1b.png

Figure 3: The 'Four Ares' adapted from Val IT ISACA (2008)

Posted Date: 9/25/2012 5:28:50 AM | Location : United States







Related Discussions:- Cobit 4.1 framework, Assignment Help, Ask Question on Cobit 4.1 framework, Get Answer, Expert's Help, Cobit 4.1 framework Discussions

Write discussion on Cobit 4.1 framework
Your posts are moderated
Related Questions

Question: a) List four powerful worldwide changes that have altered the business environment and brought about the deployment of Information Systems in organisations? b) B

Question: i) Briefly describe the major ICT infrastructure components. ii) Discuss the tools available to protect from Information Security breaches. iii) Describe the ma

CHARACTERISTICS OF MANAGEMENT  INFORMATION SYSTEM  It is important to note here that Management Information System captures data and information from the environment as well a

Management Information System Alvin Toffier, in his' celebrated work 'Third Wave' mentions that the world is accelerating towards an information softy. People, no matter where

Dean Kamen holds more than 150 US and foreign patents related to medical devices, climate control systems, and helicopter design. In 2001 he developed a business to manufacture and

Question : The nature of the Web, with its two-way communication features and traceable connection technology, allows firm to gather much more information about customer behavi

Subject Bibliographies: Subject bibliographies are useful selection tools for  retrospective books. If they are compiled by professionals with a  subject background of  the fi

Describe the Industrial Relations in India. Discuss the current development in the field of Industrial Relations in any organization you are familiar with. Briefly explain the orga

Discuss the development of Trade Union in India. Explain the functions of Trade Union of any organization you are acquainted with. Briefly define the organization you are referring