COBIT 5 Framework Relationship of Components and Content (cont.)
Relating the COSO Internal Control—Integrated Framework and COBIT11Reservation of Rights©2014 ISACA. All rights reserved.COSO FRAMEWORK OBJECTIVES“The Framework provides for three categories of objectives, which allow organizations to focus on differing aspects of internal control:• Operations Objectives—These pertain to effectiveness and efficiency of the entity’s operations, including operational and financial performance goals, and safeguarding assets against loss.• Reporting Objectives—These pertain to internal and external financial and non-financial reporting and may encompass reliability, timeliness, transparency, or other terms as set forth by regulators, recognized standard setters, or the entity’s policies.• Compliance Objectives—These pertain to adherence to laws and regulations to which the entity is subject.”77 Op citCOSO, May 2013
Relating the COSO Internal Control—Integrated Framework and COBIT12Reservation of Rights©2014 ISACA. All rights reserved.The 17 generic enterprise goals that are defined in COBIT 5 (figure 7) cover all aspects of operations goals across the four BSC dimensions. Enterprise reporting goals include financial transparency and information-based strategic decision making. Enterprise compliance goals include compliance with external laws and regulations and with internal policies.Figure 7—COBIT 5 Enterprise GoalsBSC DimensionEnterprise GoalRelation to Governance ObjectivesBenefits RealisationRisk OptimisationResourceOptimisationFinancial1. Stakeholder values of business investmentPS2. Portfolio of competitive products and servicesPPS3. Managed business risk (safeguarding of assets)PS4. Compliance with external laws and regulations P5. Financial transparencyPSSCustomer6. Customer-oriented service culturePS7. Business service continuityP8. Agile responses to a changing business environment PS9. Information-based strategic decision makingPPP10. Optimisation of service delivery costs PPInternal11. Optimisation of business process functionalityPP12. Optimisation of business process costsPP13. Managed bueinss chage programmes PPS14. Operational and staff productivity PP15. Compliance with internal policiesPLearning and Growth 16. Skilled and motivated peopleSPP17. Product and business innovation culturePThe COBIT 5 framework relates to the COSO framework categories of objectives, as follows:• Operations—COBIT is widely accepted as a best practice for governance and management of IT-related processes.• Reporting—The COBIT 5 goals cascade and MEA domain processes support the COSO framework Reporting objective category.• Compliance—The COBIT 5 process MEA03 external compliance-focused process and the COBIT 5 alignment with several relevant standards and frameworks9support the COSO framework Compliance objective category.
- Spring '14