Cobit 4.1 framework, Management Information Sys

Assignment Help:

CobiT 4.1

CobiT 4.1 is a very popular framework which mission is: "To research, develop, publicise and promote an authoritative, up-to-date, internationally accepted IT governance control framework for adoption by organizations and day-to-day use by business managers, IT professionals and assurance professionals" (CobiT 4.1 2007). CobiT 4.1 does not intend to offer a recipe to solve a particular problem, but instead, it intends to offer an internationally accepted framework for IT governance control (Ibid.).

CobiT 4.1 framework:

CobiT 4.1 provides processes, metrics and controls to achieve business goals. CobiT 4.1 is business-focused which means that it follows business goals and that IT respond to the business strategy. For example, some goals state: "Respond to business requirements in alignment with the business strategy" or "Provide a good return on investment of IT-enabled business investments" (CobiT 4.1 2007). CobiT 4.1 is "process-oriented" (34 processes) and "measurement-driven" (it works with metrics). Processes need control and, therefore, CobiT 4.1 is also control-based: "Control is defined as the policies, procedures, practices and organisational structures designed to provide reasonable assurance that business objectives will be achieved and undesired events will be prevented or detected and corrected. IT control objectives provide a complete set of high-level requirements to be considered by management for effective control of each IT process" (Ibid.). In figure 4, the main components of CobiT 4.1 can be appreciated.

624_CobiT4.1.png

Figure 1: CobiT 4.1 Framework (CobiT 4.1 2007)

Next, the focus areas for IT governance will be presented. ISACA promises to guarantee that IT is aligned with the business, that IT delivery business benefits, that IT resources are used correctly and in a disciplined way, and that IT risks are managed properly (Ibid.).

  • "Strategic alignment focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT proposition; and aligning IT operations with organization operations" (CobiT 4.1 2007).
  • "Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimizing costs and proving the intrinsic value of IT" (Ibid.).
  • "Resource management is about the optimal investment in, and the proper management of, critical IT resources: applications, information, infrastructure and people. Key issues related to the optimization of knowledge and infrastructure" (Ibid.). 
  • "Risk management requires risk awareness by senior corporate officers, a clear understanding of the organization's appetite for risk, understanding of compliance requirements, transparency about the significant risks to the organization and embedding of risk management responsibilities into the organization" (Ibid.).
  • "Performance measurement tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting" (Ibid.).

CobiT 4.1 is able to address different IT governance focus areas with individual CobiT processes (in total 34 generic processes). By putting all the focuses together, it is possible to obtain a holistic view of the IT governance processes and to embody a visual framework for maximizing benefits from information technology. For instance, each process addresses a certain focus of the IT governance which, in turn, is divided in primary and secondary perspectives.  The five focus areas are graphically represented in the CobiT 4.1's diamond.

1078_CobiT4.1a.png

Figure 2: CobiT Diamond in the process AI5 Procure IT Resources

CobiT 4.1 defines IT activities in 34 processes within four domains: Plan and Organise (PO), Acquire and Implement (AI), Deliver and Support (DS) and Monitor and Evaluate (ME). In the text below, the typical questions corresponding the four domains are extracted from the CobiT 4.1Executive Summary are shown (CobiT 4.1 2007). The four domains are:

Plan and Organise

  • Are IT and the business strategy aligned?
  • Is the organization achieving optimum use of its resources?
  • Does everyone in the organisation understand the IT objectives?
  • Are IT risks understood and being managed?
  • Is the quality of IT systems appropriate for business needs?

Acquire and Implement

  • Are new projects likely to deliver solutions that meet business needs?
  • Are new projects likely to be delivered on time and within budget?
  • Will the new systems work properly when implemented?
  • Will changes be made without upsetting current business operations?

Deliver and Support

  • Are IT services being delivered in line with business priorities?
  • Are IT costs optimised?
  • Is the workforce able to use the IT systems productively and safely?
  • Are adequate confidentiality, integrity and availability in place for information security?

Monitor and Evaluate

  • Is IT's performance measured to detect problems before it is too late?
  • Does management ensure that internal controls are effective and efficient?
  • Can IT performance be linked back to business goals?
  • Are adequate confidentiality, integrity and availability controls in place for information security?

For illustrative purposes, all the processes with the corresponding IT governance focus areas are presented in the appendix 3a (Ibid.).

Maturity model:

ISACA developed for CobiT 4.1 a maturity model based on the Capability Maturity Model (CMM) Scale from the Software Engineering Institute. While many concepts of the CMM model were used, the CobiT implementation differs from the original oriented toward software product engineering principles CMM. According to ISACA, the Capability Maturity Model in CobiT 4.1 focuses on strategic issues and high level IT Management processes (FAQ ISACA).

Val IT  in CobiT 4.1

For a better management of benefits, CobiT 4.1 can be applied in combination with other complementary approaches. For example, Val IT and CobiT improve the power of decision makers for the creation of value from the delivery of IT services. Val IT takes a pure business perspective by examining strategic and value issues, while CobiT takes an IT perspective by focusing on the architecture and the delivery. (Val IT ISACA 2008; Fujitsu Consulting et al. 2007). Val IT sets good practices for the outcomes by measuring, monitoring and optimizing financial and non-financial value for IT-enabled investments. In the following figure, the so called 'Four Ares' from Val IT are shown.

1508_CobiT4.1b.png

Figure 3: The 'Four Ares' adapted from Val IT ISACA (2008)


Related Discussions:- Cobit 4.1 framework

What would you do to achieve the above quality attributes, QUESTION A g...

QUESTION A group of UTM students are participating in a competition to develop innovative mobile services for an international operator. The mobile services will be developed b

The ChoicePoint Attack Case Study, It is a case study The ChoicePoint Att...

It is a case study The ChoicePoint Attack ChoicePoint, a Georgia-based corporation, provides risk-management and fraud-prevention data. Traditionally, ChoicePoint provided motor

Managerial Applications of Technology, AsBusiness Problem: The order fulfil...

AsBusiness Problem: The order fulfillment team has been using several legacy technology systems to manage inventory and distribution. The current systems do not work together, requ

HTML , Create, Edit and Display the Contents of Simple Form You are to wri...

Create, Edit and Display the Contents of Simple Form You are to write two versions of this assignment. One using HTML and VBScript and one using HTML and Javascript. In both, you

MIS in an organization of the industry., • Choose an industry of your choic...

• Choose an industry of your choice and evaluate the past and present state of MIS in an organization of the industry. • Elaborate how the evolution have brought about the reductio

What is business process reengineering, Question : i) What is Business ...

Question : i) What is Business Process Reengineering and describe its relevance to an organization. ii) What are Net marketplaces and explain how do they operate iii) Wha

Explain briefly any five benefits of using multimedia, Problem: (a) Des...

Problem: (a) Describe the term ‘Multimedia'. (b) Briefly describe two main reasons to use ‘Compression' in Multimedia. (c) All Multimedia development teams should have

Define moore''s law and describe why it is significant, QUESTION (a) Us...

QUESTION (a) Using integrated software to manage all functional areas of a business seems obvious today, however it was not technically feasible until the 1990s. Describe three

What is the significance of telecommunications deregulation, Problem: (...

Problem: (a) Distinguish between a virus, a worm, and a Trojan horse. (b) A computer can be a target of a crime or an instrument of a crime. State three examples of each.

Multiole choice, system integration and infrastructure development is the--...

system integration and infrastructure development is the-------- -----is characterized as the development and management of relationships with external service providers

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd