Explain COBIT5 Principles.
Answers
COBIT is created by international professional association (ISACA), which is a non-profit independent association. The COBIT (Control Objectives for Information and Related Technologies) provide a business framework for the governance and management of IT. COBIT supplies globally accepted principles, practices, and analytical tools, and a growth road map that influences proven practices. All of these are encompassed within a logical framework of IT-related processes. COBIT 5 consolidates COBIT 4.1, and following are the reasons for the transition from COBIT 4.1 to COBIT 5:
• There was a need to have an all-through scope of business/organisation that covers all the IT and business functions.
• There was a need to have a rational understanding of analysing the existing standards, methods, tools, and practices that relate and supplement each other.
• There was a need for COBIT to be rigidly assimilated with other ISACA frameworks.
• There was a need to have an improvised guidance on emerging technologies and enterprise architecture.
• There was a need for COBIT to be closely bound by the external standards and frameworks.
COBIT 5 is generic and proves to be useful for all the enterprises, whether small-scale or large-scale and whether commercial or non-profit. Wherever there is a dependency on technology for reliable information or a need to provide quality and control of information, COBIT 5 is used exclusively for all the business processes. COBIT 5 benefits organization and is majorly used by top-level executives and consultants in an enterprise covering the following areas of business:
• IT Operations
• Security and Risk Management
• Audit
• Governance
• Compliance
Following are the principles of COBIT 5:
COBIT 5 Principle 1: Meeting the Needs of the Stakeholder
COBIT 5 enables the transformation of the needs of the stakeholders into a more practical and achievable strategy. COBIT 5 strives to maintain a balance between the use of available resources and the realisation of the benefits of keeping in consideration the associated risks. This principle focuses on the governance, negotiation, and decision making about the various conflicting needs of the stakeholders. This assures that whenever the benefit, resources, and risk-assessment decisions are made for delivering the value, the needs of the stakeholders is taken into consideration. It uses a mechanism called the COBIT 5 Goals Cascade, which translates the needs of the stakeholder into more specific and manageable approach which are then mapped to specific processes and practices.
COBIT 5 Principle 2: Covering the entirety of the Project
In this approach, COBIT performs the integration of IT governance and enterprise governance and includes all the processes used to manage information and technology. Considering the latest views and developments in the governance and with the integration of IT governance into the enterprise governance, COBIT can combine both the form of governance at the same time. The overall business processes and IT services are included in the COBIT 5. The four main elements of this end-to-end approach are as
Answer: In order to achieve this balance, COBIT 5 has outlined five principles. These principles are designed to be generic and versatile, meeting the needs of any business, regardless of size or unique IT requirements.
Explanation: