COBIT

COBIT is an Information Technology Management Framework developed by ISACA (Information Systems Audit and Control Association) and itgi (IT Governance Institute) in 1996.

COBIT enables managers, auditors and information technology (it) users to transform business goals into computing goals, combine the resources and processes needed to achieve these goals, as well as effectively use information technology infrastructures.

 

Administrators, auditors, and users benefit from COBIT developments because COBIT helps them understand IT systems and decide the levels of security and control required by the IT governance model to protect companies ' assets. The reason managers benefit from COBIT can be to make more effective decisions in the IT field and make the right investments for the organization. It users benefit from COBIT because it guarantees control, security and process management. It helps auditors identify problems within the IT infrastructure within the framework of control principles.

 

Its strategic IT plan, Information Architecture, IT hardware and software needed to operate the strategy, continuous service provision and IT performance monitoring system make COBIT decision-making more effective.

 

CobiT (control objectives for Information Technologies) was designed as an audit tool by The Information Systems Audit and control association (ISACA). It is based on ISO and ITIL with The Capability Maturity Model (CMM) of the Institute of software engineers. It aims to use information processing resources to provide services in line with business goals and ensures that the services provided meet the desired quality, security and legal needs.

 

CobiT is based on control, not process, so it's interested in what institutions should do, but not how they should do it.

 

COBIT's development consisted of 5 main publications. These:

 

1996, COBIT 1
1998, COBIT 2
2000, COBIT 3
2005, COBIT 4 and 2007, COBIT 4.1
2012, COBIT 5


COBIT 1 was published in 1996. The scope of COBIT 1 was basically limited to audit.
COBIT 2 introduced the concept of” control". However, COBIT was still an IT audit and control framework at this stage.
With COBIT 3,” management " came under the scope of the framework, and COBIT became the IT management framework.
Along with COBIT 4 and COBIT 4.1, the concept of “IT governance” was now included in the framework.
COBIT 4.1 has 34 high-level processes. 210 control objectives covered by them has four main categories: planning and organization, acquisition and implementation, delivery and support, monitoring and evaluation.

COBIT 5 highlights the concept of” enterprise IT governance". A new chapter in IT governance has been opened with COBIT 5.  The most basic innovation is that the concepts of management and governance are separated from each other and addressed in different processes. The new process model introduces a new process model that enables an integrated approach to corporate governance and IT governance. In this context, COBIT 5 gives two views on the terms” governance ”and” governance " as follows::


* Governance provides an assessment of stakeholders ' needs, situations and preference rights in determining business goals; directs them through prioritization and decision-making; monitors compliance and performance with agreed directions and goals.

* Management performs planning, building, processing and monitoring activities in accordance with the direction set by governance to achieve business goals.

 

In this framework, we can define the five basic principles of COBIT 5 as follows:

* Meeting the needs of stakeholders.

* Covering business end-to-end.

* Implement a single integrated framework.

* Demonstrate an integrated approach.

* Separating governance and management.

 

As can be seen clearly from these principles, COBIT has now ceased to be the subject of it and become a framework that concerns the entire business and its stakeholders.

 

New COBIT, the previous COBIT 4.1, Val it 2.0 (key management practices to obtain the best value from IT investments) and Risk it (it risk management frameworks by consolidating into a single integrated framework brings. In doing so, it also seems to be in touch with standards and best practices such as ITIL and ISO 27001. “Everything you need for corporate IT governance is here,” says ISACA. Another innovation introduced by COBIT 5 is that it contains more detailed and guiding information in the target/ measure and input/output concepts. Enterprise, process and Control goal in the new COBIT (or new

management and governance practice). However, inputs and outputs are defined for each management application.

 

Perhaps one of the most interesting and interesting issues of COBIT 5 was the subject of change brought to the process maturity model (PCM). The new COBIT switched to a new model based on ISO/ IEC 15504, completely abandoning the earlier CMM-based maturity model approach.

 

The CobiT framework consists of a total of 5 main principles.

Principle 1: COBIT 5 INTEGRATOR FRAMEWORK—ARCHITECTURE
Principles 2 & 3: STAKEHOLDER VALUE-DRIVEN and BUSINESS‐FOCUSSED
Principle 4: COBIT 5 ENABLERS FOR government AND MANAGEMENT
Principle 5: government-AND MANAGEMENT‐STRUCTURED
Integrative Framework (Framework Integrator)

 

It describes the creation of a structure that includes Val it, Risk it, BMIS and ITAF standards and is integrated with other IT standards (ISO, TOGAF, PMBOK and ITIL).

 

 

Stakeholder Values-Oriented (Stakeholder Value Driven)

 

The purpose of the organization's existence is to create value for stakeholders. So one of the objectives of governance is to create value. Value creation should be in the form of realizing the benefits, optimizing resources and optimizing risks.

 

Focus On Stakeholder Values:

 

Risk Optimization
Resource Optimization
Benefit Awareness


Business and Context focused)

 

Being a business oriented means focusing on corporate goals and objectives. The realization of these benefits is related to the purpose of each business for risk optimization and resource optimization. COBIT 5 covers critical business elements, i.e. processes, organizational structures, principles and policies, culture, skills and service capabilities. In addition, the new information model provides a connection between simple business information and IT function.

 

Enabler-Based (Based Enabler)

 

Organizational tools (frameworks, principles, structures, processes, and practices) used for governance are defined as governance facilitators. Governance can be applied to all organizations, and can be applied to all assets of the enterprise, tangible or intangible.

 

Governance and Management Structured)

 

CobiT 5 clearly distinguishes governance and management concepts. It is one of the first features that stands out as a novelty.

 

Governance ( Governance): the senior management team offers sponsorship to achieve corporate goals and ensures that the right decisions are made.

 

Management (Management) : it is responsible for ensuring the effective use of resources, human resources, processes and practices in accordance with the working strategy determined by governance.

 

Let's examine the 5 principles that make up the CobiT framework in a nutshell:

 

Integrative Framework (Framework Integrator)

 

It describes the creation of a structure that includes Val it, Risk it, BMIS and ITAF standards and is integrated with other IT standards (ISO, TOGAF, PMBOK and ITIL).

 

 

 

Stakeholder Values-Oriented (Stakeholder Value Driven)

 

The purpose of the organization's existence is to create value for stakeholders. So one of the objectives of governance is to create value. Value creation should be in the form of realizing the benefits, optimizing resources and optimizing risks.

 

Focus On Stakeholder Values:

 

Risk Optimization
Resource Optimization
Benefit Awareness


Business and Context focused)

 

Being a business oriented means focusing on corporate goals and objectives. The realization of these benefits is related to the purpose of each business for risk optimization and resource optimization. COBIT 5 covers critical business elements, i.e. processes, organizational structures, principles and policies, culture, skills and service capabilities. In addition, the new information model provides a connection between simple business information and IT function.

 

Enabler-Based (Based Enabler)

 

Organizational tools (frameworks, principles, structures, processes, and practices) used for governance are defined as governance facilitators. Governance can be applied to all organizations and applied to all assets of the enterprise, tangible or intangible.

 

Governance and Management Structured)

 

CobiT 5 clearly distinguishes governance and management concepts. It is one of the first features that stands out as a novelty.

 

Governance ( Governance): the senior management team offers sponsorship to achieve corporate goals and ensures that the right decisions are made.

 

Management (Management) : it is responsible for ensuring the effective use of resources, human resources, processes and practices in accordance with the working strategy determined by governance.

  

Changes have been made to the names/scopes of existing processes, and a new corporate governance process has been created over these four processes.

 

Subject

Your phone number

Your message

Subject

Your phone number

Your message