the organizational capabilities. IT becomes a liability instead of a strategic asset.”⁶

COBIT 5 covers both IT and IT-related business accountabilities and responsibilities. Specifically, charts that show who is responsible, accountable, consulted and informed (RACI) for both business and IT function roles are provided in the COBIT® 5: Enabling Processes guide (figure 3). RACI charts indicate that, for every COBIT 5 process, both business and IT function roles have accountabilities and responsibilities.

PRINCIPLE 2: COVERING THE ENTERPRISE END-TO-END
Figure 3—COBIT 5 RACI Chart Example (APO01 RACI Chart)

Source: COBIT® 5: Enabling Processes, ISACA, USA, 2012, page 52

Roles (chart columns, left to right): Board; Chief Executive Officer; Chief Financial Officer; Chief Operating Officer; Business Executives; Business Process Owners; Strategy Executive Committee; Steering (Programmes/Projects) Committee; Project Management Office; Value Management Office; Chief Risk Officer; Chief Information Security Officer; Architecture Board; Enterprise Risk Committee; Head Human Resources; Compliance; Audit; Chief Information Officer; Head Architect; Head Development; Head IT Operations; Head IT Administration; Service Manager; Information Security Manager; Business Continuity Manager; Privacy Officer

Column groups: Business roles; IT Function roles

Key Management Practice, followed by its RACI entries in left-to-right order (blank cells are not shown):

APO01.01 Define the organisational structure: C C C C I C R I I A C C C R C C C
APO01.02 Establish roles and responsibilities: I C C C C C A C C C R C C C C
APO01.03 Maintain the enablers of the management system: C A C R C C I C C C C C C R R
APO01.04 Communicate management objectives and direction: A R R R I R I I I R R I I I I I R I I I I I I I I
APO01.05 Optimise the placement of the IT function: C C C C A C C C C R C C C R C C C
APO01.06 Define information (data) and system ownership: I I C A R C C C C C C C
APO01.07 Manage continual improvement of processes: A R R C I C C R R R R R R R R
APO01.08 Maintain compliance with policies and procedures: A R R R R C I R R R R R R R R

© 2014 ISACA. All rights reserved. COBIT® 5 Principles: Where Did They Come From?