Governance and Management
These two disciplines encompasses different types of
Activities
Requires difference Organizational Structure
Serve different purposes
So, COBIT 5 framework makes a clear distinction between them
2. Governance
and
Management
Governance and Management
These two disciplines encompasses different types of
Activities
Requires difference Organizational Structure
Serve different purposes
So, COBIT 5 framework makes a clear distinction between them
3. Governance
and
Management
COBIT 5 view on this key distinction between
Governance and Management
Governance, ensures that stakeholder needs, conditions and options
are
Evaluated to determine balanced, agreed-on enterprise objectives to be
achieved;
Setting Direction through prioritisation and decision making;
Monitoring performance and compliance against agreed-on direction and
objectives.
In most enterprises, governance is the responsibility of the board of
directors under the leadership of the chairperson.
4. Governance
and
Management
Management
Plans,
Builds,
Runs
Monitors
activities in alignment with the direction set by the governance body to achieve
the enterprise objectives.
In most enterprises, management is the responsibility of the executive
management under the leadership of the CEO.
5. Interactions
Between
Governance
and
Management
Governance and Management have different types of Activities with different
responsibilities
Given the role of governance a set of interactions is required between Governance
and Management to result in an efficient and effective governance system.
Using Enabler structure the following may be an example of that interactions.
6. Interactions
Between
Governance
and
Management
Enabler Governance-Management Interaction
Principles,
policies
and
frameworks
Principles, policies and frameworks are the vehicle by which
governance decisions are institutionalised within the enterprise,
and for that reason are an interaction between governance
decisions (direction setting) and management (execution of
decisions).
Organisational
structures
A number of organisational structures are defined in each
enterprise; structures can sit in the governance space or the
management space, depending on their composition and scope
of decisions. Because governance is about setting the direction,
interaction takes place between the decisions taken by the
governance structures—e.g., deciding about the investment
portfolio
and setting risk appetite—and the decisions and operations
implementing the former.
People, skills
and
competencies
Governance and management activities require different skill
sets, but an essential skill for both governance body members
and
management is to understand both tasks and how they are
different.
8. COBIT 5
Process
Reference
Model
An enterprise can organise its processes as it sees fit, as long as all
necessary governance and management objectives are covered.
COBIT 5 includes a process reference model, which defines and
describes in detail a number of governance and management
processes.
It represents all of the processes normally found in an enterprise
relating to IT activities
Providing a common reference model understandable to
operational IT and business managers
Each enterprise must define its own process set, taking into
account its specific situation.
9. COBIT 5 Process
Reference
Model
The COBIT 5 process reference model divides the governance and
management processes of enterprise IT into two main process
domains:
Governance—Contains five governance processes; within each
process, Evaluate, Direct and Monitor (EDM)5 practices are defined.
Management—Contains four domains, in line with the responsibility
areas of Plan, Build, Run and Monitor (PBRM), and provides end-to-
end coverage of IT.
10. COBIT 5
Process
Reference
Model
The names of the domains (Management) are chosen in line with
these main area designations:
Align, Plan and Organize (APO)
Build, Acquire and Implement (BAI)
Deliver, Service and Support (DSS)
Monitor, Evaluate and Assess (MEA)
11. COBIT 5 Process
Reference Model
Each domain contains a number of processes which require
‘planning’, ‘implementation’, ‘execution’ and ‘monitoring’
activities within the process or within the specific issue being
addressed (e.g., quality, security),
Figure 16 shows the complete set of 37 governance and
management processes within COBIT 5.
The details of all processes, according to the process model
described previously, are included in COBIT 5: Enabling Processes.