Question

a) Explain how ONE (1) of the COBIT 5 key principles assists in delivering information technology governance in an organisation.

Answer 1

The COBIT 5 is a framework for governance and management of enterprise IT. It consists of best practices and incorporates many widely accepted concepts and theories from general management and academic IT literature. Released in 2012, COBIT 5 builds on and integrates 20 years of development in this field. Information technology has become increasingly crucial in the sustainability, growth and management of value and risk in most enterprises. As a result, IT has moved from a support role to a central position within enterprises. COBIT 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT. The key principles of COBIT 5 are as follows:

1.Meeting Stakeholder Needs

2.Covering the Enterprise End-to-end

3.Applying a Single Integrated Framework

4.Enabling a Holistic Approach

5.Separating Governance From Management

Here, we shall discuss in detail about the 1st principle and how it assists in delivering information technology governance in an organisation.

Principle 1. Meeting Stakeholder Needs

Enterprises exist to create value for their stakeholders.

Principle one (meeting stakeholder needs) implies that COBIT 5 provides all the required processes and other enablers to support business value creation through the use of IT. Enterprises have many stakeholders, and ‘creating value’ means different—and sometimes conflicting—things to each of them. Governance is about negotiating and deciding amongst different stakeholders’ value interests. The governance system should consider all stakeholders when making benefit, resource and risk assessment decisions.

The COBIT 5 goals cascade translates stakeholder needs into specific, practical and customised goals within the context of the enterprise, IT-related goals and enabler goals. These relevant and tangible goals and objectives define various levels of responsibility. They also filter the knowledge base of COBIT 5, based on enterprise goals to extract relevant guidance for inclusion in specific implementation, improvement or assurance projects.

To conclude, the benefits of the COBIT 5 goals cascade are that they allow the definition of priorities for implementation, improvement and assurance of enterprise governance of IT based on (strategic) objectives of the enterprise and the related risk.