Implementing better governance for information technology comprises many tasks at various levels within the organization aimed at supporting the business achieve its strategic goals. Organizing and managing the people, process and technology is crucial. In large distributed environments this can be difficult. The CobiT framework is a popular source of good practice for IT governance. It has a strong business-focus, process-orientation and measurement base.
Process models like CobiT, ITIL and ISO 27001(17799) provide structure on which to arrange the necessary IT activities and build the capability necessary to deliver the performance expected by the business. They help organize and leverage IT processes and IT resources so that IT strategic planning is translated into actions that are followed throughout the organization so that the outcomes expected are actually achieved.
Our CobiT Implementation System is designed to ensure that the execution of the IT strategy is managed at the process level throughout the organization so that IT at every level delivers against business’ expectations. Our CobiT Implementation System provides a single information portal to govern the IT processes at company, regional, divisional and subsidiary levels. It is designed to drive commonality across the organization but also caters for the flexibility needed when variation is necessary.
The CobiT Implementation Management System implements that latest release of CobiT including the generic and specific process objectives. Process owners are identified together with the roles and responsibilities needed to execute the work practices. Capability is developed in each process through ongoing review of the workflow and alignment of IT activities.
The CobiT Implementation Management System comprises three components: Planning, Execution and Assurance. The first step is to plan what needs to be done to achieve the outcome expected. Execution is planned, communicated and managed at every level in the organization through a strong focus on the outcomes expected. In the early stages, current practices might be quite different across the business units. Over time, as organizational maturity grows, business units are encouraged to use common processes to address "what" what is required resulting in greater efficiency and effectiveness across the enterprise.
The assurance component is integrated with the execution component. This ensures that assurance activities are process orientated so that risk management, value creation and compliance are specific to the processes actually implemented in the organization and the outcomes that these processes are expected to achieve.
- Selecting a framework or frameworks
- Deciding which portions of the framework are applicable and beneficial
- Aligning IT procedures to meet objectives consistent with the new framework
- Training staff and management
- Integrating your outsourced providers into your compliance framework
- Establishing metrics to measure performance
- Plan and implement IT process improvements (i.e. value add, risk and/or compliance)
- Direct the implementation of CobiT for better IT governance across all business units
- Build bottom up, incorporating existing practices, experience and culture
- Empowerment staff and build optimal capability for the organization.
- Customizable to the specific organization
- Design to maximize efficiency and minimize repetitive and time-consuming tasks