6. Comparison of IT Frameworks Source: CobiT Mapping, Overview of International IT Guidance, 2nd Edition

7. Components of IT Governance (CObIT v4.1) Source: Control Objectives for Information and related Technology (CObIT) One of the responsibilities of management is to ensure that the IT department has adequate resources to evaluate and implement new technologies as well as determining when to abandon obsolete technologies. This requires educating IT personnel and keeping their skills current to ensure they have the capabilities to do so. Resource Management To ensure that the previous four objectives can be managed, the organization must have a methodology to evaluate and track progress of the firm's IT governance. This includes the use of tools such as ROI measurement, IT performance benchmarks and balanced scorecards. Performance Measurement The IT function must effectively identify threats and vulnerabilities to the organization's IT infrastructure and then take steps to effectively mitigate the impact of those items. Risk Management IT must be able to respond to strategic objectives of adding value to the organization’s processes while at the same time maintaining fiscal responsibility and adhering to implementation time frames including measuring and achieving the expected return on the IT investment. Value Proposition Information technology must be in alignment with the evolving strategic objectives of the organization. As organizations evaluate their future strategies and new opportunities present themselves, it is critical that the IT function’s ability to address and deliver these opportunities is considered. Strategic Alignment

8. IT Supporting Strategic Objectives Source: Board Briefing on IT Governance, IT Governance Institute

9. From: Aligning COBIT®, ITIL® and ISO 17799 for Business Benefit

10. Components of ITIL Service Management (v3) Source: OGC Focuses on the activities required to operate the services and maintain their functionality as defined in the Service Level Agreements with the customers. Key areas of this volume are Incident Management, Problem Management and Request Fulfillment. Service Operation Focuses on the ability to deliver continual improvement to the quality of the services that the IT organization delivers to the business. Key areas of this volume are Service Reporting, Service Measurement and Service Level Management. Continual Service Improvement Focuses on the implementation of the output of the service design activities and the creation of a production service or modification of an existing service. There is an area of overlap between Service Transition and Service Operation. Key areas of this volume are Change Management, Release Management, Configuration Management and Service Knowledge Management. Service Transition Focuses on the activities that take place in order to develop the strategy into a design document which addresses all aspects of the proposed service, as well as the processes intended to support it. Key areas of this volume are Availability Management, Capacity Management, Continuity Management and Security Management. Service Design Focuses on the identification of market opportunities for which services could be developed in order to meet a requirement on the part of internal or external customers. The output is a strategy for the design, implementation, maintenance and continual improvement of the service as an organizational capability and a strategic asset. Key areas of this volume are Service Portfolio Management and Financial Management. Service Strategy

12. Process Ratings on Spider Chart (example, 1 of 4)