CobiT™: Using the Framework for IT Governance

CobiT™:  Using the Framework for IT Governance

The following course CobiT™:  Using the Framework for IT Governance – looks at Governance which is a “hot-topic”. Failure to address governance needs is an unacceptable risk for both the business and a personal risk to managers with governance responsibilities.

Corporate governance is dependent on IT systems to provide the transparency required for compliance monitoring.

Many frameworks describe best practices in the management of IT. CobiTtm consolidates the world’s leading frameworks under an integrated umbrella of control objectives with maturity models, process goals and metrics.

Attendance on this course provides a complete appreciation of IT Governance issues, their integration into corporate governance and the steps to match IT Governance to existing IT controls within the organisation, identify and fill gaps.

You Will Learn To

Apply the CobiT™ Governance framework to your IT organisation or section.

Interpret CobiT™’s process model, maturity model, roles, measures and indicators.


Available in a variety of formats to suit different audiences in an enterprise rolling-out of CobiT™.

  • The four day comprehensive overview.
  • Lightening senior management Overview ½ Day
  •  Standard Full Course 4 Days

Course Benefits

Tailored and focused sessions for all the role-holders in an IT function seeking to implement the CobiT™ IT Governance Framework.

Who Should Attend

Three levels of typical attendee:

  • Executive Management with responsibilities under legislation.
  • Line management with delegated responsibility for organisational service levels.
  • Technical management with day-to-day operational responsibilities.

Enterprise IT Governance ITGI’s CobiT® Framework

  • What is Corporate Governance?, COSO Definition of Internal Control, COSO Effective Internal Controls, Governance Framework.
  • Governance Driven by Business Rests on IT, Translation of Policy to Procedure, Growth in Governance, CobiT® Context, “The Business Comes First”.
  • 5 Drivers of CobiT®’s Content, 5.1 Strategic Alignment, 5.2 Value & 5.3 Risk, 5.4 Resource Management, 5.5 Performance Management Balanced Scorecard, Development & Strategy BSC.
  • What is IT Governance (as expressed by CobiT®)?
  • The CobiT® Mission, IT Governance according to CobiT®, What is it?, A Process Area, Domains & their Focus, CobiT®’s Structure for IT Governance, Attributes of a Control Process, Inside the CobiT® Framework, CobiT®, Control Objective, Terms Explained.
  • Document Structure Part 1, High Level Control Objective, Information Criteria (Business Requirements for Information), CobiT® Controls, Data Origination/Authorisation Controls, Data Input Controls, Data Processing Controls, Data Output Controls, Boundary Controls.
  • Summary, Actions & Measures, Resources Identified in CobiT®, Resources Driven by Business Goals, Detailed Control Objectives, Part 2, Responsibilities & Data Needs, Information Needs, Responsibilities, Measuring the Processes, Goals & Metrics, Mapping from business to metric, Information needs & metrics, KPIs & KGIs.

Maturity Modelling

The Maturity Model, Maturity Model, Goal of Maturity Models, Maturity Attributes (p.22), Maturity Model, A Generic Maturity Model (p19), Control Maturity Model (p177), Maturity Questions to Ask, How well, Answering the questions.

Implementing CobiT®

Route Map According to CobiT®, Where to Start Implementation, Two Models for Assessing Control, Example Process Area from Audit Guidelines , Implementation: Board Actions.

The Domains

CobiT®’s Structure for IT Governance, CobiT® Based on Lower Level Detail, Heritage, CobiT® Source Documents, ITIL Framework Documents , ITIL Publications, Service Management, BS15000, ITIL Core Structure.

Plan and Organise

PO1 Strategic plan, PO1 Define a Strategic IT Plan, PO2 Information Architecture, PO3 Determine Technological Direction, PO4 Define the IT Processes, Organisation and Relationships, PO4 Define the IT Processes, Organisation and Relationships, PO5 Manage the IT Investment, PO5 Manage the IT Investment, PO6 Communicate Management Aims and Direction, PO7 Manage IT Human Resources, PO7 Manage IT Human Resources, PO8 Manage Quality, Key ISO 9000:2000 Sections, Quality Awards, Example Baldridge Criteria, 6s, PO9 Assess and Manage IT Risks, Risk , PO10 Manage Projects, Project Management, PMI®’s PMBOK® – Structure & Content.

Acquire And Implement

AI1 Identify Automated Solutions, AI2 Acquire and Maintain Application Software, AI3 Acquire and Maintain Technology Infrastructure, AI3 Acquire and Maintain Technology Infrastructure, AI4 Enable Operation and Use, AI5 Procure IT Resources, AI6 Manage Changes, AI6 Manage Changes, SS8 Change Management, AI7 Install and Accredit Solutions and Changes, SS9 Release Management.

Deliver And Support

DS1 Define and Manage Service Levels, SD4 Service Level Management (SLM), DS2 Manage Third-party Services, DS3 Manage Performance and Capacity, SD6 Capacity Management, DS4 Ensure Continuous Service, SD7 IT Service Continuity Management, SD8 Availability Management, DS5 Ensure Systems Security, Security Frameworks, 7799 Security, DS6 Identify and Allocate Costs, SD5 Financial Management, DS7 Educate and Train Users, DS8 Manage Service Desk and Incidents, SS4 Service Desk, SS5 Incident Management, DS9 Manage the Configuration, SS7 Configuration Management, DS10 Manage Problems, SS6 The Problem Management, DS11 Manage Data, DS12 Manage the Physical Environment, DS13 Manage Operations.

Monitor And Evaluate

ME1 Monitor and Evaluate IT Performance, ME2 Monitor and Evaluate Internal Control, ME3 Ensure Regulatory Compliance, ME4 Provide IT Governance.


The course uses a variety of exercises and workshop sessions depending on the format selected.

In general: tools and techniques are introduced and practiced via multiple exercises.
Concepts and application is clarified through application to a case-study.