1. 3. Governance and Management Objectives
1.1. Consists of Process and Componenets
1.1.1. 40 Processes and 7 Components
1.2. Always relate to 1 process and a series of related components
1.3. Goverenance Objj relates to a Gov process. Mgmt Obj relates to a Mgmt process
1.3.1. Read through the GMOs for each Gov and Mgmt objectives from the guide - specifically pay attention to the focus areas of each
1.4. Gov Objectives - 5 : EDM - Evaluate, Direct, Monitor
1.5. Management Objectives - 35
1.5.1. APO (14 process) - Align, Plan and Organize
1.5.2. BAI (11) - Build, Acquire, Implement
1.5.3. DSS (6) - Deliver, Service and Support
1.5.4. MEA (4) - Monitor, Evaluate, Assess
1.6. Components
1.6.1. They satisfy governance, management objectives enterprises need to build systems
1.6.2. Components Interact with each other
1.6.3. 7 Components in all
1.6.3.1. PPOCISP (Poor Paul Ott Came In Second Place)
1.6.3.1.1. Process,
1.6.3.1.2. Procedures and Policies
1.6.3.1.3. Organization
1.6.3.1.4. Culture and Ethics
1.6.3.1.5. Information
1.6.3.1.6. Services, Infra and application
1.6.3.1.7. People
1.6.3.2. Components are factors that individually and collectively contribute to the good operations of the enterprises' Gov System over I&T
2. 4. Design Factors
2.1. 11 Design factors in all
2.2. Enterprise Strategy
2.2.1. They are further classified in to 4 balance score card dimensions
2.2.1.1. Financial, Customer, Internal, Growth
2.3. Enterprise Goals
2.3.1. 13 EGs - Read through them from the manual
2.4. A couple of questions around the balance socre card will be asked
2.5. Risk Profile
2.5.1. Talks about the current risk profile of the enterprise - there are 19 different risk areas
2.6. I&T Related Issues
2.6.1. Talks about the possibility of any risk area that has turned in to an issue - 20 different issue profiles
2.7. Threat landscape
2.7.1. Normal, High
2.8. Compliance Requirements
2.8.1. high, Normal, Low - Talks about external compliance requirements that the enterprise has to adhere to
2.9. Role of IT
2.9.1. One question will be asked on this
2.9.2. Support - IT not critical for biz continuity
2.9.3. Factory - Immediate impact on biz cont when IT fails
2.9.4. Turnaround - IT seen as a driver for innovation but no impact on RUN
2.9.5. Strategic - Important for both Innovation and RUn
2.10. Sourcing model for IT
2.10.1. Outsourcing, Cloud, Insourced, Hybrid
2.11. IT Implementation methods
2.11.1. Agile, DevOps, Traditional, Hybrid
2.12. Technology adoption strategy
2.12.1. First Mover, Follwer, Slow adopter
2.13. Enterprise Size
2.13.1. Large, Small, Medium
3. 5. Goals Cascade
3.1. Is used to align Stakeholder Needs to Enterprise Goals to Alignment Goals to GMOs
3.2. Alignment Goals - Read about them from the manual
4. 6. Performance Management
4.1. Cobit has its own performance management system (Cobit Per Mgmet) based on CMMI5
4.2. Each GMO and Component has a capability score
4.2.1. score are from 0 -5
4.2.1.1. 0 - lack of basic capability
4.2.1.2. 1 - Process more or less achieves results but through incomplete applicaiton of process
4.2.1.3. Should align to major relevant standards
4.2.1.4. 2 - Process achieves but through basic set of activities
4.2.1.5. 3 - Process achieves results through well defined set of activities
4.2.1.6. 4 - Process achieves results and they are measurable
4.2.1.7. 5 - COntinuous Improvements are driven through measurements and learnings
4.3. Each focus area (collection of GMOs / Components ) have a maturity score
4.3.1. The maturity score is same as the capability score if all the GMOs and components of the focus area have the same capability score
4.3.1.1. Maturity scores are same as capabilty socres
4.4. Measuring Subjective components
4.4.1. Some components such as Information, People, Culture cannot be measured objectively - they are measured subjectively. COBIT provides guidance on how they can be measured
5. 7 - Designing a tailored governance system
5.1. 3 factors impact design
5.1.1. Management Obj and priority
5.1.2. Specific focus areas
5.1.3. Component variations
5.2. Follows a 4 step process
5.2.1. 1. Understand enterprise context and strategy
5.2.2. 2. Determine initial scope of the governance system
5.2.3. 3. Refine the scope of the governance system
5.2.4. 4. Conclude the Gov System design
6. 9. Business Case for Implementation
6.1. Business cases have the following sections
6.1.1. Executive Summary
6.1.2. Background
6.1.3. Business Challenges
6.1.4. Gap Analysis and Goal
6.1.5. Alternatives considered
6.1.6. Proposed SOlution
7. 7. How to keep the momentum gooing
8. 1. Introduction
8.1. EGIT - Enterprise Governance for I&T
8.1.1. Outcomes of adoption of EGIT
8.1.1.1. Benefits Realization
8.1.1.2. Risk Optimization
8.1.1.3. Resource Optimization
8.1.2. Distinction between Governance & Mgmt
8.1.2.1. Gov
8.1.2.1.1. Stakeholder needs, conditions and options are evaluated to determine balanced, agreed on Enterprise objectives
8.1.2.1.2. Sets direction, prioritization and decision making
8.1.2.1.3. Monitors performance and compliance against agreed objectives
8.1.2.2. Mgmt
8.1.2.2.1. Plan, buiild, run, monitor activities in alignment with the direction set by governance body to achieve enterprise objectives
9. 2. COBIT Principles
9.1. Distinction between Governance System and Gov Framework
9.1.1. Gov System
9.1.1.1. Is the system that helps govern I&T
9.1.1.2. Value creation from the use of I&T
9.1.1.3. Components should work in a holistic way
9.1.1.4. Should be dynamic - allow for changes
9.1.1.5. Distinguish Governance and management activities
9.1.1.6. Tailored to the enterprise's needs
9.1.2. Gov Framework
9.1.2.1. Used to create a Governance system
9.1.2.2. Based on a conceptual model
9.1.2.3. Should cover the enterprise end to end
9.1.2.4. Should be open and flexible
10. 8. Implementing Governance
10.1. 1. What are the drivers
10.2. 7 Stages of implementation
10.2.1. 2. Where are we now
10.2.2. 3. Where do we want to be
10.2.3. 4. What needs to be done
10.2.4. 5. How do we get there
10.2.5. 6. Did we get there
10.3. 3 rings of the roadmap
10.3.1. Program Roadmap (outermost ring)
10.3.2. Change enablement (Middle ring)
10.3.3. COntinous improvement (inner ring)
10.3.4. The seven stages are mapped to activities under each of these 3 rings