Académique Documents
Professionnel Documents
Culture Documents
Process Attributes
Level 1 to 5
EDM05 Ensure
Stakeholder
Transparency
Monitor,
Evaluate
and Assess
APO13 Manage
Security
BAI08 Manage
Knowledge
BAI09 Manage
Assets
BAI010 Manage
Configuration
BAI04 Manage
Availability
and Capacity
BAI05 Manage
Organizational
Change
Enablement
BAI06 Manage
Changes
MEA02 Monitor,
Evaluate and Assess
the System of Internal
Control
DSS03 Manage
Problems
DSS04 Manage
Continuity
DSS05 Manage
Security
Services
MEA03 Monitor,
Evaluate and Assess
Compliance With
External Requirements
DSS06 Manage
Business
Process Controls
Cascade to
5. Seperating
Governance
from
Management
Key Areas
Management Feedback
Monitor
4. Enabling a
Holistic
Approach
5. Information
Build
(BAI)
Run
(DSS)
7. People,
Skills and
Competencies
Existing ISACA
Guidance
(COBIT,Val IT,
Risk IT, BMIS...)
Stakeholders
Goals
Life Cycle
Good Practices
Internal
Stakeholders
External
Stakeholders
Intrinsic Quality
Contextual Quality
(Relevance,
Effectiveness)
Accessibility and
Security
Plan
Design
Build/Acquire/
Create/Implement
Use/Operate
Evaluate/Monitor
Update/Dispose
Practices
Work Products
(Inputs/Outputs)
Principles
and Policies
Culture,
Ethics,
Behaviour
Organizational
Structures
Information
Delegate
Owners and
Stakeholders
Set Direction
Governing
Body
Accountable
Management
Monitor
Instruct and
Align
Report
Are Stakeholders
Needs Addressed?
Are Enabler
Goals Achieved?
tain
COBIT 5
te
era e
Op d us
an
COBIT 5:
Enabling Information
Other Enabler
Guides
COBIT 5 Implementation
COBIT 5
for Information
Security
COBIT 5
for Assurance
COBIT 5
for Risk
pro
Implementation
Life Cycle
gram
me
Esta
blis
to c h desir
e
han
ge
Reco
r
gn
nito
need ise
Mo nd
to
a
luate act
eva
Identify role
players
Management plans, builds, runs and monitors activities in alignment with the direction set
by the governance body to achieve the enterprise objectives
iate
Sus
Product Family
Governance ensures that stakeholder needs, conditions and options are evaluated to
determine balanced, agreed-on enterprise objectives to be achieved; setting direction
through prioritization and decision making; monitoring performance, compliance and
progress against agreed direction and objectives.
Init
iew s
Rev enes
ctiv
effe
se be
nefits
Is Life Cycle
Managed?
nd
ms a
roble
ne p tunities
r
oppo
Enabler Performance
Management
Single
Integrated
Framework
Programme management
(outer ring)
Change enablement
(middle ring)
Continual improvement life cycle
(inner ring)
Other Professional
Guides
Plan programme
Knowledge
Create
Operations
and
Execution
Content Filter
for Knowledge Base
pla
Value
Relevancy
Completeness
Appropriateness
Conciseness
Consistency
Understandability
Ease of Manipulation
Skills and
Competencies
te
Information
Processes
Service
Capabilities
u
ec
Ex
Transform
Information
Cycle
Contextual Goals
IT Processes
Data
COBIT 5
Enablers
Enablers provide
structure to the
COBIT 5
knowledge base
Defi
Drive
Governance
Scope
Form tation
men
imple team
Business Process
Resource
Optimization
Other
Standards
and
Frameworks
New ISACA
Guidance
Materials
Assess
t
curren
state
Risk
Optimization
Enablers: Generic
COBIT 5
3. Applying a
Single
Integrated
Framework
Governance
Enablers
Resources
Benefits
Realization
Monitor
(MEA)
4. Culture, Ethics
and Behaviour
6. Services,
Infrastructure
and Applications
Plan
(APO)
Enabler Dimension
3. Organizational
Structures
2. Processes
COBIT 5
Principles
Reali
Enablers
Enabler Goals
Evaluate
Management
Organizational structures
are the key decision-making
entities in an enterprise.
2. Covering the
Enterprise
End-to-end
Governance
IT-related Goals
Direct
A process describes an
organized set of practices and
activities to achieve certain
objectives and produce a set of
outputs in support of achieving
overall IT-related goals.
Cascade to
1. Meeting
Stakeholder
Needs
COBIT 5 Processes
Business Needs
COBIT 5
Principles
BAI07 Manage
Change
Acceptance and
Transitioning
Resource
Optimisation
ap
BAI03 Manage
Solutions
Identification
and Build
Risk
Optimisation
Enterprise Goals
BAI02 Manage
Requirements
Definition
Risk
Optimisation
Process Dimension
BAI01 Manage
Programmes and
Projects
Resource
Optimisation
Cascade to
DSS01 Manage
Operations
Benefits
Realisation
dm
APO12 Manage
Risk
MEA01 Monitor,
Evaluate and Assess
Performance and
Conformance
Level 0
Benefits
Realisation
ro
a
APO11 Manage
Quality
APO07 Manage
Human Resources
Stakeholder Needs
ne
APO10 Manage
Suppliers
APO06 Manage
Budget and Costs
Level 1
Influence
De
fi
APO09 Manage
Service
Agreements
APO05 Manage
Portfolio
Level 2
m
ou mun
tco ica
me te
APO08 Manage
Relationships
APO04 Manage
Innovation
Level 3
Stakeholder Drivers
(Environment, Technology Evolution, ...)
De
tar fine
sta get
te
APO02 Manage
Strategy
APO03 Manage
Enterprise
Architecture
Level 4
Stakeholder
Needs
COBIT 5 PCAIs
GP : Generic Practice (Levels 2 to 5 only)
GR : Generic Resource (Not defined)
GWP : Generic Work Product (Levels 2 to 5 only)
Co
APO01 Manage
the IT Management
Framework
Level 5
Oper
ate
and
mea
sure
EDM04 Ensure
Resource
Optimization
EDM03 Ensure
Risk Optimization
Goals
Cascade
Embed
appro new
aches
EDM02 Ensure
Benefits Delivery
Capability Dimension
EDM01 Ensure
Governance
Framework Setting
and Maintenance
Value Creation
Drive
5
IT n
B io
O it
C Ed
Financial
Internal
Customer
Financial
IT-related Goal
Customer
01
02
03
Commitment of executive
management for making IT-related
decisions
04
05
06
07
08
09
IT agility
10
11
Optimization of IT assets,
resources and capabilities
12
13
14
15
16
17
S
S
S
S
P
S
S
S
S
S
S
P
P
P
S
P
Learning
and
Growth
Internal
S
S
P
P
P
S
S
S
P
P
P
P
Manage Continuity
DSS04
DSS05
DSS06
MEA01
MEA02
MEA03
S
P
S
S
Mange Problems
Manage Operations
DSS01
DSS03
Manage Configuration
BAI10
S
S
Manage Assets
BAI09
DSS02
Manage Knowledge
BAI08
P
S
BAI07
Manage Changes
Manage Security
APO13
BAI06
Manage Risk
APO12
Manage Quality
APO11
S
S
Monitor,
Evaluate and
Assess
BAI05
Manage Suppliers
APO10
BAI04
Manage Relationships
APO08
S
P
BAI03
APO06
17
Manage Portfolio
16
APO05
15
Manage Innovation
14
APO04
13
12
APO03
11
Manage Strategy
10
APO02
APO01
EDM05
EDM04
Financial transparency
EDM03
Process Goals
Secondary
Relationship
Cascade to
EDM02
IT-related Goals
Primary
Relationship
Cascade to
EDM01
Enterprise Goals
Learning and
Growth
COBIT 5 Processes
Enterprise Goal
S
S