Part 1 of the whole presentation on Business IT Management. This slide touches on the CobiT Framework. This framework is mainly used as a framework for IT Governance and as a Control Methodology on an organization's IT. But, for those who have never heard of CobiT, it can be a great reference material for understanding what aspects of IT should we know about when it comes to managing IT. CobiT is a public and highly customizable framework. Business owners do not need to follow everything that has been spelled out in the framework. They can pick and choose the processes that are relevant to them and even customize the bits and parts to suit their needs.

1. IT Management
Intro to CobiT & ITIL

2. Self Introduction
 Partner Owner of Mirae Kaze Consulting
 Specializes in Business IT Management, Open
Source Solutions & Systems Development
 Based in Tanjung Aru Plaza, Kota Kinabalu

3. Short Background
 Microsoft .Net Developer for Tricubes Suria Sdn
Bhd since 2005
 IT Internal Auditor for Suria Capital Holdings Bhd in
2009
 Attained Graduate Diploma in Business Information
Systems from Auckland University of Technology in
2010

4. How do we value technology?

5. Geek's Point of View

6. Laupan's Point of View

7. Business' Priorities
 Getting from Point A to Point B
 Most economical
 Storage Space for carrying Goods
 Passenger Space for carrying Staff

8. Mathematical Formula for
Perceived Value of Technology
 Formula used by Business
 B=(T-30D, Q@80% & $-50%)
 Formula used by IT
 IT=(T+30D, Q@120% & $=120%)
 By Dean Compton, ANZ Bank, New Zealand – IT Department

9. “Virtually everything in business today is an
undifferentiated commodity, except how a
company manages its information. How you
manage your information determines whether
you win or lose. How you use information may
be the one factor that determines its failure or
success – or runaway success”
Bill Gates (2000)

10. Business' Long Term Goals
 Increasing the value of shareholder's investment
 Increase Profit
 Growing the Business
 Increase Revenue Streams (Penetrating into New
Markets)
 Survival

11. Business' Problems in Managing
IT
 What is IT?
 Which IT should I use?
 What value will I gain from my IT?
 What parts of IT should I manage?
 How do I manage my IT?
 How do I ensure that IT delivers the value it promised?

12. IT Management Frameworks –
CobiT & ITIL
 Public Management Framework
 Guidelines that explains the “What” and the “How” in
managing IT
 Collection of Good Practices
 Derived from Industry Standards
 Adopted World Wide

13. Higher Management
What to manage?

14. Middle & Lower
Management
How to manage?

15. CobiT & IT Governance

16. What is Control?
 CobiT defines Control as;
“The policies, procedures, practices and
organizational structures, designed to provide
reasonable assurance that business objectives
will be achieved and that undesired events will
be prevented or detected and corrected.”

17. IT Governance
 Provide the information that the Enterprise needs
to meet its objectives, IT resources need to be
managed by a set of naturally grouped processes
 Integrates and institutionalizes good practices to
ensure that the enterprise's IT supports the
business objectives

18. IT Governance
 IT Governance is the responsibility of executives
and the board of directors and consists of the
leadership, organizational structures and
processes that ensure that the enterprise's IT
sustains and extends the organization's
strategies and objectives.

19. CobiT
 Control Objectives for Information & Related
Technologies
 Created by ISACA as a framework for IT
Management and IT Governance
 First released in 1996
 Complies with Sarbanes-Oxly Act (SOX) 2002

20. CobiT
 Bridge gaps between business risk, control
needs and technical issues
 Starts from business requirements
 Is process-oriented, organising IT activities into
a generally accepted process model.
 Identifies the major IT resources to be leveraged

21. CobiT
 Defines the management control objectives to
be considered
 Incorporates major international standards
 Became the de facto standard for overall control
of IT

22. CobiT as a framework
 As an IT framework for control & governance,
CobiT focuses on 2 key areas;
◦ Providing the information required to support
business objectives and requirements
◦ Treating information as the result of the
combined application of IT-related resources
that need to be managed by IT processes

23. CobiT as a framework
 Focused on 4 main characteristics
◦ Business - Focused
◦ Process - Oriented
◦ Controls - Based
◦ Measurement – Driven

24. IT Processes
Ef
fe
ct
Activities
iv e
ne
Domains (4)
Ef ss
fic
Processes (34)
ie
Co nc
nf y
id
en
tia
In lit y
te
The CobiT Cube
gr
ity
Av
ai
la
bi
li t y
Re
lia
bi
lit y
Co
m
Business Requirements
Applications pl
ia
IT Information nc
Re e
so Infrastructure
ur
ce People
s

25. CobiT Cube – IT Processes
 Describes the IT life cycle with the help of 4 domains
◦ Plan and Organize
◦ Acquire and Implement
◦ Deliver and Support
◦ Monitor and Evaluate
 There are 34 processes across the 4 domain. The processes
specify what the business needs to achieve its objectives.

26. IT Domain – Plan & Organize
(PO)
 Objectives
◦ Formulating Strategy & Tactics
◦ Identifying how IT can best contribute to
achieving business objectives
◦ Planning, Communication and managing the
realization of the strategic vision.

27. IT Domain – Plan & Organize
(PO)
 The IT Processes
◦ PO1 Define a strategic IT plan
◦ PO2 Define the information architecture
◦ PO3 Determine technological direction
◦ PO4 Define the IT processes, organizations and relationships
◦ PO5 Manage the IT investment
◦ PO6 Communicate management aims and directions
◦ PO7 Manage IT human resources
◦ PO8 Manage Quality
◦ PO9 Assess and manage IT risks
◦ PO10 Manage Projects

28. IT Domain – Acquire &
Implement (AI)
 Objectives
◦ Identifying, developing or acquiring,
implementing and integrating IT solutions
◦ Changes in and maintenance of existing
systems

29. IT Domain – Acquire &
Implement (AI)
 The IT Processes
◦ AI1 Identify automated solutions
◦ AI2 Acquire and maintain application software
◦ AI3 Acquire and maintain technology
infrastructure
◦ AI4 Enable operation and use
◦ AI5 Procure IT resources
◦ AI6 Manage Changes
◦ AI7 Install and accredit solutions and
changes

30. IT Domain – Delivery & Support
(DS)
 Objectives
◦ The actual delivery of required services,
including service delivery.
◦ The management of security, continuity, data
and operational facilities.
◦ Service support for users

31. IT Domain – Delivery & Support
(DS)
 The IT Processes
◦ DS1 Define and manage service levels
◦ DS2 Manage third-party services
◦ DS3 Manage performance and capacity
◦ DS4 Ensure continuous service
◦ DS5 Ensure systems security
◦ DS6 Identify and allocate costs
◦ DS7 Educate and train users
◦ DS8 Manage service desk and incidents
◦ DS9 Manage the configuration
◦ DS10 Manage Problems
◦ DS11 Manage Data
◦ DS12 Manage the physical environment
◦ DS13 Manage Operations

32. IT Domain – Monitor & Evaluate
(ME)
 Objectives
◦ Performance management
◦ Monitoring of internal control
◦ Regulatory compliance
◦ Governance

33. IT Domain – Monitor & Evaluate
(ME)
 The IT Processes
◦ ME1 Monitor and evaluate IT performance
◦ ME2 Monitor and evaluate internal control
◦ ME3 Ensure compliance with external
requirements
◦ ME4 Provide IT governance

34. Next Presentation
ITIL Service Management