COBIT features
Business orientation |
COBIT Framework organizes IT governance objectives and good practices by IT domains and processes and link them to business requirements |
- |
Links business goals to IT goals |
- |
Uses metrics and maturity models to measure achievement |
- |
Responsibilities |
Process sub domains (IT focus) |
Process descriptions provide a reference process model and common language for everyone in an organisation |
- |
Plan and Organize (plan) |
- |
Acquire and Implement (build) |
- |
Deliver and Support (run) |
- |
Monitor and Evaluate (monitor) |
The processes map to responsibility areas of plan, build, run, and monitor |
Total 34 processes |
Control objectives |
Provides a complete set of high-level requirements to be considered by management for effective control of each IT process |
Management guidelines |
Helps assign responsibility, agree on objectives, measure performance, and illustrate interrelationship with other processes |
Maturity models |
Assesses maturity and capability per process and helps to address gaps |
What is COBIT?
Control Objectives for Information and Related Technologies |
Good practice framework |
First released in 1996 |
High level detail standard |
By the International professional association ISACA |
For IT management & IT governance |
COBIT provides |
- |
Implementable set of controls over information technology |
- |
Organizes these controls around a logical framework of IT-related processes and enablers |
- |
A set of generic processes for IT management |
- |
Recommended best practices for governance and control process |
Process definitions include |
- |
Inputs and outputs |
- |
Key activities |
- |
Objectives of the process |
- |
Performance measures |
- |
Maturity model |
COBIT is an integrator
Acts as an umbrella framework |
Aligns and harmonises other more detailed IT standards including: |
- |
COSO |
- |
ITIL |
- |
BiSL |
- |
ISO 27000 |
- |
CMMI |
- |
TOGAF |
- |
PMBOK |
- |
Val IT 2.0 (COBIT 5) |
- |
Risk IT frameworks (COBIT 5) |
- |
ISACA's IT Assurance Framework (COBIT 5) |
Links good practice models with governance and business requirements |
Integrates these different guidance materials |
Summarises key objectives of each |
Help ensure regulatory compliance |
COBIT benefits
Less wasteful information management |
Improve retention schedules |
Increase business agility |
Lower costs |
Better compliance with data retention and management regulations |
The consequences of not using COBIT are the opposite of these
Information and technology (IT) governance
IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organisational structures and processes that ensure that the organisation’s IT sustains and extends the organization’s strategies and objectives |
AS8015-2005 Australian Standard for Corporate Governance of Information and Communication Technology. AS8015 was adopted as ISO/IEC 38500 in May 2008
Roles of a CIO
Business leader. CIO must make executive decisions regarding |
- |
Purchase of IT equipment from suppliers |
- |
Creation of new systems |
- |
Workforce requirements |
Gain a competitive advantage |
Balance interests of employees |
Map out the ICT strategy, covering: |
- |
Future proofing |
- |
Procurement |
- |
External standards |
- |
Internal standards |
Map out the ICT policy, covering: |
- |
How ICT is utilized |
- |
How ICT is applied |
IT governance |
Clarifying accountability |
Clarifying the role of commitees |
Manage systems and functions |
Places great emphasis on internal customers |
Focuses on technology applications in the business and how this can be managed |
How does an ERP support agility?
Integrated business processes are faster and more efficent |
One central database with no duplication of data reduces workload and potential for data errors |
One single ‘view of the truth’ means faster more accurate decision making |
Easy-to-use, powerful reporting across the whole suite (and therefore the whole organization) |
All applications have same look-and-feel across the whole system, making training and using the ERP very straightforward. |
Facilitates the flow of information between all business functions |
Links to outside stakeholders (supplier and customer systems) |
Key objective = bring together business functions to make operations run more efficiently |
Deliver real-time business intelligence |
Encourage business process improvements |
Leverage mobile technology |
Offer end-to-end automation |
Utilise cloud architecture and modular design |
Example: Business intelligence - previously senior leaders would have to wait days–sometimes weeks for analysts to process and present data. Common for these reports to have errors caused by manual data
extraction and manipulation. Within ERP fast and relevant data can be extracted from ERP database, and then manipulated as desired. everything is in the one place. Extraction and analyses functions are offered in a user-friendly way.
|
|
Knowledge management strategies
Codification |
- |
Actively managing knowledge |
- |
Collecting and storing codified knowledge in electronic databases to make it accessible |
- |
Might be tacit or explicit knowledge |
- |
Also involves retrieving knowledge they need that other individuals have provided |
Personalization |
- |
Encourages individuals to share their knowledge directly |
- |
Making knowledge requests of experts associated with a particular subject on an ad hoc basis |
- |
Expert individuals provide insights to requestor |
Instruments |
- |
Intentional knowledge sharing |
- |
Stprytelling |
- |
Cross-project learning |
- |
After action reviews |
- |
Knowledge mapping (a map of knowledge repositories within a company accessible by all) |
- |
Communities of practice |
- |
Expert directories (to enable knowledge seeker to reach to the experts) |
- |
Expert Systems (knowledge seeker responds to one or more specific questions to reach knowledge in a repository) |
- |
Best practice transfer |
- |
Knowledge fairs |
- |
Competence management (systematic evaluation and planning of competences of individual organisation members) |
- |
Proximity & architecture (the physical situation of employees can be either conducive or obstructive to knowledge sharing) |
- |
Master-apprentice relationship |
- |
Collaborative software technologies (wikis, shared bookmarking, blogs, social software, etc.) |
- |
Knowledge repositories |
- |
Measuring and reporting intellectual capital |
Competative advantages |
- |
Making available increased knowledge content in the development and provision of products and services |
- |
Achieving shorter new product development cycles |
- |
Facilitating and managing innovation and organisational learning |
- |
Leveraging the expertise of people across the organisation |
- |
Increasing network connectivity between internal and external individuals |
- |
Managing business environments and allowing employees to obtain relevant insights and ideas appropriate to their work |
- |
Solving intractable or wicked problems |
- |
Managing intellectual capital and intellectual assets in the workforce (such as the expertise and know-how possessed by key individuals or stored in repositories) |
Knowledge management technologies
Groupware |
facilitate collaboration and sharing of organizational information |
Workflow tools |
Representation of processes associated with the creation, use, and maintenance of organizational knowledge |
Content/Document Management |
Automate the process of creating web content and/or documents |
Enterprise Portals |
Web sites that aggregate information |
eLearning |
create customized training and education software |
Scheduling and planning |
Automate schedule creation and maintenance |
Telepresence |
Virtual "face-to-face" meetings without assembling at one locatio |
Profession vs professional
Profession |
Disciplined group of individuals who adhere to ethical standards |
Members possess special knowledge and skills |
Utelise a recognised body of learning derived from research, education and training at a high level |
Applies this knowledge and exercise these skills in the interest of others |
Is recognised by the public as the above |
Professional |
A member of a profession |
Governed by codes of ethics |
Profess commitment to competence, integrity and morality, altruism, and the promotion of the public good within their expert domain |
Are accountable to those served and to society |
Professionalism |
Personally held beliefs about one’s own conduct as a professional |
Often linked to the upholding of the principles, laws, ethics and conventions of a profession as a way of practice |
Management
Classical approach |
based on the belief that employees have only economical and physical needs and that the social needs & need for job satisfaction either does not exist or are unimportant |
Three categories |
Scientific |
“one best way” to do a job |
Administrative |
focuses on the manager & basic managerial functions |
Bureaucratic |
Guidelines for structuring with formalisation of rules, procedures and a clear division of labour |
Government information
Within liberal democracies there is the expectation that public information should be publicly available |
Challenges |
- |
Definition of public sector information |
- |
Who owns public information |
- |
May impact economic and social value |
- |
Technology is shifting |
- |
Depends on citizens attitudes, attitudes change |
- |
Uses |
- |
Decision-making |
- |
Informing the public of decisions |
- |
Analysis of policy decisions |
- |
Assessment of governments, governance |
- |
Social and economic reuse |
There is a notion that all government information belongs to its citizens because it is derived through governmental processes and therefore should be freely accessible and re-useable by them/ |
Access to public information is considered of fundamental importance for the effective functioning of democratic systems, as it enhances governments' and public officials' accountability |
Benefits of access |
accountability, participation and efficiency |
|
|
Aligning IT and Business
Refers to using information technology (IT) effectively to achieve business objectives - typically improved financial performance or marketplace competitiveness |
Goal is to improve the business value of IT investments |
Integrates the information technology to the strategy, mission, and goals of the organization |
Common business problems |
IT and business professionals gaps in: |
- |
Objectives |
- |
Culture |
- |
Incentives |
- |
Understanding of the other group's body of knowledge |
Gaps often result in expensive IT systems that do not provide adequate ROI |
Six requirements to achieve IT/Business alignment |
1 |
View information technology as an instrument to transform the business. |
2 |
Hold customer service, both externally and internally, as priority. Communication is key. |
3 |
Rotate IT and business professionals across different departments and job functions. Knowledge, experience, understanding and communication between functions must be achieved. |
4 |
Provide clear and specific goals to both the IT and business employees. This will create an integration of both entities to achieve a common goal. |
5 |
Ensure that IT and business employees understand how the company makes or loses money. So that money is not carelessly poured into the IT department with no return on that investment |
6 |
Create a vibrant and inclusive company culture. There must not only be informational unity, but a company as whole. |
Be careful |
Business and IT professionals often experience conflict and in-fighting as lack of mutual understanding, failure to produce desired results leads to blaming and mistrust |
Establish trust between these two groups and a mechanism for consensus decision-making |
How to support evolving business needs
Ability to scale |
- |
To meet growing customer demand |
- |
Globally in compliance across subsidiaries without scaling headcount |
- |
Easily manage a distributed workforce |
- |
Automate wherever possible to replace manual processes |
- |
Infrastructure that can flex with growth without complex integrations bogging it down |
Responsive to |
- |
Market dynamics |
- |
Customers |
- |
Ability to execute - outrun competitors |
Is data driven |
- |
Real-time visibility anytime, anywhere, across geographies and subsidiaries |
- |
Maintains one version of 'the truth' or 'the facts' about customers, financials and compliance |
- |
Growth as a science |
- |
Culture of rapid testing to determine what works |
- |
Intentionally generates data |
Is Innovative |
- |
Understands customer needs |
- |
Understands customer pain points |
- |
Is able to generate customer insights based on customer understanding |
- |
Able to bring multiple disciplines together to design a unique solution and to differentiate itself from competitors |
Leadership
A set of skills and attitudes for: |
Influencing |
Motivating |
Persuading |
Strategic leadership |
Ability to anticipate, envision, maintain flexibility and empower others to create strategic change as nessessary |
Manage business on behalf of stakeholders |
Provide direction |
Formulate and implement change to corporate strategy |
Monitor and control operations especially |
- |
Financial results |
- |
Productivity |
- |
Quality |
- |
Customer service |
- |
Innovation |
- |
Technology |
- |
New products and services |
- |
Staff development |
Leadership styles: |
- |
Autocratic: punish and control |
- |
Bureaucratic: rules are enforced without challenge or questions |
- |
Charismatic: make people want to follow and believe |
- |
Participative: Everyone gets a say, leader gets final say |
- |
Peoplecentric: Based on thoughts and actions, serve the people they serve |
- |
Task/Function/Process: Do it exactly like this and it will work |
What is an ERP?
Enterprise resource planning (ERP) is business process management software that allows an organization to use a system of integrated applications to manage the business and automate many back office functions related to technology, services and human resources |
Suite of integrated applications |
Use to collect, store, manage and interpret data from many business activities |
Activities: |
- |
product planning, purchase |
- |
manufacturing or service delivery |
- |
marketing and sales |
- |
inventory management |
- |
shipping and payment |
- |
finance |
An ERP software package generally includes: |
Core functions |
- |
Financial accounting |
- |
Distribution |
- |
Human Resources |
- |
Product lifecycle management |
- |
Advanced applications |
- |
Customer Relationship Management (CRM) |
- |
Mobile application for account and sales management |
- |
Warehouse Management System |
- |
Supply chain management software |
| |
* |
Purchasing |
| |
* |
Manufacturing |
| |
* |
Distribution |
|
Created By
https://www.jchmedia.com
Metadata
Favourited By
Comments
No comments yet. Add yours below!
Add a Comment
Related Cheat Sheets
More Cheat Sheets by NatalieMoore