I am impressed with Cobit 5. The leap from 4.1 to 5 is significant and useful. Points to note:
– the level of detail has been REDUCED!
– Cobit has discovered POLICIES! The framework is no longer a purely process perspective, but recognizes a defined set of enablers including people, principles, policies etc.
– the structure is deliberately constrained to framework level. There is no attempt to define policies, just the processes and objectives.
– alignment with TOGAF and ITIL has brought Cobit some way into the real world
The framework therefore encourages users to develop the enablers. I started by re-examining Principles. Interestingly there is (to my mind) no single good source of Principles. I have therefore attempted a set, below. My next task is to review the SAE Policy hierarchy and to develop the hierarchy and our existing set of CBDI-SAE policy instances within the Cobit framework. We already have a good set of instances and this will be an interesting exercise. I anticipate evolving the Principles – inevitable when you do mapping I guess . . .
| Primary Principles | Supporting Principles |
|---|---|
| Maximizes Business Value | Affordable, Sustainable |
| Enables Agile Business | Responsive, Just in Time Solutions, Incremental Delivery, Continuous Release |
| Secure | Business Continuity, Risk, Reliability, IP protected |
| Compliant | Compliance with Law and regulatory requirements |
| Ensures High Quality Information | Data is an Asset, Shared, Accessible, with defined accountability for quality |
| Ease of Use | Transparent technology, minimum training requirement |
| Business Driven | Requirements based Change, Pull/Demand System, Business is fully Accountable |
| Service Oriented Architecture | Interoperable, Componentized, IT Services directly support Business Services |
| Innovating | Accommodate Diversity |
| Managed standardization | Technology independence, Shared services and components |
Feedback welcome. I shall continue very shortly.
See also: Using Cobit 5 – Part 2: Policy Nomenclature
Using Cobit 5 – Part 3 – The Policy Hierarchy
