Importance Of It Governance In Aviation 10 Essay

3253 words - 14 pages

What is COBIT? - Significance and Framework
COBIT stands for Control Objectives for Information and Related Technology. It is a framework created by the ISACA (Information Systems Audit and Control Association) for IT governance and management. It was designed to be a supportive tool for managers—and allows bridging the crucial gap between technical issues, business risks, and control requirements. COBIT is a thoroughly recognized guideline that can be applied to any organization in any industry. Overall, COBIT ensures quality, control, and reliability of information systems in organization, which is also the most important aspect of every modern business.
Today, COBIT is used globally by all IT business process managers to equip them with a model to deliver value to the organization and practice better risk management practices associated with the IT processes. The COBIT control model guarantees the integrity of the information system.
Check out our video on Introduction to COBIT 5 Foundation Training.
What is The COBIT Framework?
The COBIT business orientation includes linking business goals with its IT infrastructure by providing various maturity models and metrics that measure the achievement while identifying associated business responsibilities of IT processes. The main focus of COBIT 4.1 was illustrated with a process-based model subdivided into four specific domains, including:
· Planning & Organization
· Delivering and Support
· Acquiring & Implementation
· Monitoring & Evaluating
All of this is further understood under 34 processes as per specific line of responsibilities. COBIT has a high position in business frameworks and has been recognized under various international standards including ITIL, CMMI, COSO, PRINCE2, TOGAF, PMBOK, TOGAF, and ISO 27000. COBIT basically acts as a guideline integrator—merging all solutions under one umbrella.
The latest COBIT version 5 came out in April 2012 and consolidates the principles of COBIT 4.1, Risk IT Frameworks, and Val IT 2.0. This version draws reference form IT Assurance Framework (ITAF) from ISACA and the revered BMIS (Business Model for Information Security).
The various components of COBIT include:
· Framework – IT helps organizing the objectives of IT governance and bringing in the best practices in IT processes and domains, while linking business requirements.
· Process Descriptions – It is a reference model and also acts as a common language for every individual in the organization. The process descriptions include planning, building, running, and monitoring of all IT processes.
· Control Objectives – This provides a complete list of requirements that has been considered by the management for effective IT business control.
· Maturity Models – Accesses the maturity and the capability of every process while addressing the gaps.
· Management Guidelines – Helps in better assigning responsibilities, measuring performances, agreeing on common objectives and illustrating better interrelationships with every other process.
COBIT is being used by all organizations whose primary responsibilities happen to be business processes and related technologies—all organizations and business that depend on technology for reliable and relevant information. COBIT is used by both government and private sector organizations, because it helps in increasing the sensibility of IT processes.
Why is COBIT 5.0 the Most Celebrated Version?
All previous versions of COBIT faced a variety of criticism; they were thought to facilitate limited opportunities—and sometimes even adverse results. A major IT firm found that COBIT practices can actually lead to a “Hot Potato” situation wherein all stakeholders had passed on the tasks down the line. Critics maintained that COBIT 5.0 encouraged paperwork and rote rules rather than merely promoting IT governance engagements and improving accountability. 
COBIT 5.0 addressed all the criticisms in a sustainable manner. It now encourages all organizations to govern and manage information in the most holistic and integrated manner. The guiding principles of COBIT 5.0 are:
1. Meeting the needs of stakeholders
2. Covering the whole enterprise from end to end
3. Application of a single integrated framework
4. Ensuring a holistic approach to business decision making
5. Separating the governance from the management
In several cases, COBIT 5.0 has been appreciated for its ability to reduce the risk of IT implementations. IT initiatives typically require quick, agile adaptations that simultaneously need regular buy-ins from stakeholders and other users. The COBIT 5.0 framework has been able to bring about a collaborative culture within the organization and this better met the needs, risks and benefits of all IT initiatives.
The Advantages of COBIT 5.0 Certification
A COBIT 5.0 Certification not only prepares professionals for the global challenges to the business IT process, but also delivers substantial amount of expertise information on:
1. IT management issues and how they can affect organizations
2. Principles of IT governance and enterprise IT while establishing the differences between management and governance
3. Accessing the ways in which COBIT 5.0 processes can help the establishment of the five basic principles along with other enablers
4. Discussing COBIT 5.0 with respect to its process reference model and goal cascade
Who Benefits from COBIT Course?
The professionals best suited for COBIT methodologies are those who are already in a position to understand the nuances of IT governance in business management practices. The course will be especially beneficial for:
· CIOs / IT Managers / IT Directors
· Risk Committee
· Process Owners
· Audit Committee Members
· COBIT 4.1 and earlier users
· IT Professionals in audit, risk, security, governance and assurance sectors
While the modern world is gearing towards an environment of several emerging technologies, including Consumerisation, Cloud Computing, Social Media, Big Data and Mobility, information and IT is easily the new currency. Technology ensues massive volumes of information chunks to be easily supported and managed. This raises the success rate of businesses, but at the same time raises other challenging and complex management and governance concerns for the security professionals, enterprise leaders, and governance specialists. New businesses demand that risk scenarios are better met with the power of information. COBIT 5.0 is the exact solution the modern businesses are asking for.
Conclusion
While the modern world is gearing towards an environment of several emerging technologies, including consumerization, cloud computing, social media, big data, and mobility, information and IT is easily the new currency. This raises the success rate of many organizations, but at the same time raises other challenging and complex management and governance concerns for security professionals, enterprise leaders, and governance specialists. New businesses demand that risk scenarios are better met with the power of information. COBIT 5.0 is the exact solution the modern businesses are asking for.
COBIT
COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management practices.
The COBIT framework is published by the IT Governance Institute and the Information Systems Audit and Control Association (ISACA). The goal of the framework is to provide a common language for business executives to communicate with each other about goals, objectives and results. The original version, published in 1996, focused largely on auditing. The latest version, published in 2013, emphasizes the value that information governance can provide to a business' success. It also provides quite a bit of advice about enterprise risk management.
The name COBIT originally stood for "Control Objectives for Information and Related Technology," but the spelled-out version of the name was dropped in favor of the acronym in the fifth iteration of the framework.
COBIT 5 is based on five key principles for governance and management of enterprise IT:
Principle 1: Meeting Stakeholder Needs
Principle 2: Covering the Enterprise End-to-End
Principle 3: Applying a Single, Integrated Framework
Principle 4: Enabling a Holistic Approach
Principle 5: Separating Governance From Management
With ISACA describing the benefits of COBIT as helping enterprises to:
· “Maintain high-quality information to support business decisions
· Achieve strategic goals and realize business benefits through the effective and innovative use of IT
· Achieve operational excellence through reliable, efficient application of technology
· Maintain IT-related risk at an acceptable level
· Optimize the cost of IT services and technology
· Support compliance with relevant laws, regulations, contractual agreements and policies”
Thus COBIT is now very much a multi-headed beast.
 “There’s a COBIT for that”
There are numerous flavors of COBIT 5 for different corporate audiences and needs. So beyond governance it provides focused guidance on areas such as security, assurance, and risk. And practical books such as:
· Controls and Assurance in the Cloud: Using COBIT 5
· Securing Mobile Devices Using COBIT 5 for Information Security
· Transforming Cybersecurity: Using COBIT 5
· Configuration Management Using COBIT 5
Or “Vendor Management: Using COBIT 5” which provides practical advice for a variety of stakeholders involved in the vendor-management process, from the board and C-level executives to the legal department and IT. It outlines:
· Life cycle stages and stakeholders
· Good practices to manage threats and risk
· How to manage a cloud service provider
· Practical service level agreement (SLA) templates, checklists and examples (available for download in an online toolkit)
· A case study outlining the consequences of ineffective vendor management
· A high-level mapping of COBIT 5 and ITIL V3 for vendor management.
Using COBIT in Government Departments
By Panduranga Bichal, COBIT Implementer, ISO 27001 LI, ITIL Expert, PRINCE2 Practitioner, TOGAF
COBIT Focus | 30 October 2017
The government of India is focused on ensuring the effective delivery of government services to its customers who consist of citizens, businesses, tourists or anyone who may require interaction with government departments at different levels for their day-to-day activities. The government of India’s aim is to improve the lives of the nation’s citizens by doing much more than simply implementing technology.
The prime minister is addressing challenges such as sanitation, health care and urbanization through a mission approach. For example, financial inclusion, the delivery of financial services at affordable costs to vast sections of disadvantaged and low-income groups, has several missions, as illustrated in figure 1.
Figure 1—Government Schemes to Achieve Financial Inclusion
Mission
Objective
Target
Jan Dhan Yojana
A financial inclusion mission to provide access to financial services to all sections of Indian society
To ensure that all Indian households have at least 1 bank account
Pradhan Mantri Suraksha Bima Yojana
To create a universal social security system for the poor and the underprivileged who do not have any insurance coverage
To provide an accidental death-cum-disability coverage of INR 2 lakh in the age group of 18-70 years
Pradhan Mantri Jeevan Jyoti Bima Yojana
Creating a universal social security system, targeted especially at the poor and the underprivileged who do not have any insurance coverage
To provide life insurance coverage of INR 2 lakh to Indian citizens in the age group of 18-50 years
Atal Pension Yojana
To address old-age security needs
To provide people in the age group 18-40 years a fixed monthly payment after attaining the age of 60 years
Mudra
To provide capital to small/micro units to encourage entrepreneurship
To provide easy funding to 57 million small businesses
Pradhan Mantri Awas Yojana
To address the housing requirements of urban poor
To enable 20 million urban poor to own houses by the year 2022
Source: www.narendramodi.in. Reprinted with permission.
To achieve their objectives, various departments are using IT to create systems for implementing various activities, then monitoring performance to track progress and reporting back to top management who are responsible for these missions. This clearly shows that IT is playing a big role at all levels to enable officials to deliver and fulfil the objectives of these missions.
The departments have domain experts with little or no IT knowledge and have to depend largely on external consultants (IT companies) to meet their IT needs. Hence, a gap is being created between the business and IT, which results in the creation of IT assets that create little to no value for the stakeholders. The result is dissatisfied users.
The Need for IT Governance
The primary goals of IT governance are to ensure that the investments in IT generate business value and to mitigate the risk that is associated with IT. This can be done by implementing an organizational structure with well-defined roles for those responsible for information, business processes, applications and infrastructure.
IT governance should be viewed as how IT creates value that fits into the overall strategy of the organization and never be seen as a discipline on its own. In taking this approach, all stakeholders should be required to participate in the decision-making process. This creates a shared acceptance of responsibility for critical systems and ensures that IT-related decisions are made and driven by the business.
Despite efforts of the software industry to identify and adopt best practices in the development of IT projects, there is still a high rate of failure and missed objectives. Most IT projects do not meet the organization’s objectives.
A key best practice is implementing an organizational structure, including an effective governance framework, with well-defined roles and responsibilities for IT stakeholders. Such a framework ensures that IT investments are aligned and delivered in accordance with corporate objectives and strategies.
Without this framework, IT projects are more susceptible to failure. However, many organizations fail to consider the importance of IT governance. They take on IT projects without fully understanding the organization’s requirements for the project and how the project links to the organization’s objectives.
To be successful, an organization should consider all of the following factors, which are incorporated in best practices: high-level framework, independent assurance, performance management reporting, resource management, risk management, strategic alignment and value delivery.
Among the available frameworks for IT governance and management, the COBIT 5 framework is especially well suited because it permits managers to bridge the gaps between control requirements, technical challenges and business risk. COBIT empowers clear policy development and good practice for IT control all through the organization. COBIT emphasizes regulatory compliance, helps organizations to enhance the value acquired from IT, enables alignment, and simplifies application of enterprises' IT governance and control framework.
The 5 principles of COBIT 5, depicted in figure 2, help organizations to adopt IT in a different perspective than is commonly done. That is, IT is often perceived as just a cost center that provides little to no help to the organization in fulfilling its objectives.
Figure 2—COBIT 5 Principles
Source: ISACA, COBIT 5, USA, 2012
Meeting Stakeholder Needs
In the case of government departments, the main stakeholders are the government itself, other departments, citizens and the employees of the department.
The needs of all the stakeholders must be analyzed, using the COBIT 5 goals cascade. Stakeholder needs must be mapped to IT needs, which, in turn, are mapped to enabler needs. This helps convert the needs into a more practical and achievable strategy. COBIT helps to maintain a balance between the use of available resources and the realization of the benefits by keeping in consideration the related risk.
This principle focuses on governance, negotiation and decision-making about the various conflicting needs of the stakeholders.
Covering the Enterprise End-to-End
Information plays a major role in decision-making at the government level. The timely access to information helps to frame the laws more accurately, thereby delivering benefits to the citizens.
COBIT covers the use of information and IT throughout the whole of the enterprise rather than just the IT function.
COBIT performs the integration of IT governance and enterprise governance and includes all the processes used to manage information and technology.
Applying a Single Integrated Framework
The continuous changes in technology and added pressure from stakeholders and suppliers have made the lives of various government department staffs complicated. The department staff, which has limited knowledge of technology, faces the herculean task of managing and governing its information and related technology.
COBIT 5 aligns at a high level with a number of other frameworks and methodologies, such as the IT Infrastructure Library (ITIL) and the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) ISO/IEC 27001 standard. It can act as a single integrated framework providing enterprise coverage and consistency, and it can be customized to meet the needs of the department.
The department staff with little IT knowledge can benefit by adopting COBIT to deliver its IT solutions as per IT industry standards.
Enabling a Holistic Approach
The higher-level management of the departments makes important decisions that have a huge impact on the department staff and the department’s beneficiaries, and that will result in meeting the government’s missions. To achieve that, management needs to have a complete view of the department, including the management and governance structures and processes.
COBIT 5 facilitates effective management and governance of IT across the department by means of enablers. Enablers are the factors driving the outcome of activities that are governance- and management-related.
Enablers can be applied across the entire department, including all the internal and external resources relevant to the governance and management of IT.
There are 5 enablers defined in COBIT 5:
· Principles, policies and frameworks—Perform day-to-day activities of translating required behavior into logical guidance
· Processes—Consist of applications required to achieve objectives that, in turn, produce outputs required to achieve IT-related goals
· Organizational structures—Responsible for making informed decisions in an organization
· Information—The key product of the enterprise itself; keeps the enterprise well governed and operating successfully
· People, skills and competencies—Link people with the right skills to the right tasks, and includes taking corrective steps and making corrective decisions
Separating Governance From Management
Governance and management are not the same thing. Governance says what needs to be done, while management focuses on how it will be done.
The teams handling governance and management are different. They need to demarcate their responsibilities but work in tandem to deliver on the organization’s objectives.
Governance is understanding the needs of the organization, defining the direction through prioritization and decision-making, and monitoring compliance against objectives. Management is the mechanism through which plans are created and run in line with the agreed upon objectives.
COBIT 5 clarifies that governance and management each serve different purposes, have different responsibilities, require different types of activities and need different supportive organizational structures.
COBIT 5 uses the Evaluate, Direct, and Monitor (EDM) domain for governance, and plan-build-run-monitor (PBRM) processes for management.
Governance (or EDM) ensures that the needs of the stakeholders are evaluated by identifying and agreeing on objectives to be achieved, an activity that is directed by prioritization and is monitored for performance against objectives. Management (or PBRM) ensures monitoring of the activities and confirms that they are in alignment with those described in the governance set.
Conclusion
COBIT can be implemented in every organization, corporate or government, to help improve IT performance. Its flexibility is because it can be customized to the needs of the organization. It starts from understanding stakeholder needs and business challenges and then utilizing the goals cascade guidelines (enterprise goals to IT goals to enabler goals). This process is not only important, but also extremely helpful and productive. It is always critical to gain senior management buy-in by showing the business benefit of using the COBIT framework.
One of the keys to successful implementation is choosing the required controls (key practices) rather than blindly following the framework and implementing the process. Ensuring that roles and responsibilities within an organization are clearly defined and shared with the team (using the responsible, accountable, consulted, informed [RACI] charts) is also critical. Dividing the improvement project into small phases helps keep the project going while the organization continues to reap the benefits, and ISACA’s COBIT 5 Implementation can be used to assist with this.
The process of adopting the COBIT framework is well supported by a number of guides from ISACA, but one should not hesitate to seek help from experts. It is important to focus more on people than on documentation. Documentation is not implementation. It is about people and educating them to behave in a new way.

RELATED

Discuss the role of global governance in areas of conflic - Geography - Essay

844 words - 4 pages Discuss the role of global governance in areas of conflict Global governance involves the movement towards political cooperation among transnational actors, aimed at negotiating responses to problems that affect more than one state or region, meaning it is necessary in areas of conflict which are states of opposition between ideas and interests etc. Global governance is necessary in maintaining peace in areas of conflict and because of this

The importance of hydrogen bonds in living organisms - Biology - Essay

636 words - 3 pages The importance of hydrogen bonds in living organisms Hydrogen bonds are of great importance throughout living organisms. They are weak and formed between hydrogen atoms and other atoms, normally oxygen, which are nevertheless cumulatively strong. An example of hydrogen bonds is between water molecules in the process of cohesion tension which occurs in plants during transpiration. As water evaporates from mesophyll cells in the leaf into air

The importance of Environment in mental illness - Psychology - Essay

1209 words - 5 pages The Importance of Environment in Mental Illness One in every four people experience mental health issues yet there is still a large stigma around the issue, when in fact it could happen to anyone. A major false perceptions of mental health is that a person is born with it or is predisposed due to family history. Although this is true in some cases, mental health predominantly occurs because of one's experiences throughout their life. They often

The Importance of Imagery in Macbeth - Woodroffe/English - Essay

1383 words - 6 pages expansion. The image of sleep is often used in the play and it helps emphasize how the ambition can corrupt one's mind. The first time Shakespeare shows this is when Macbeth is paranoid about killing Duncan, the King. He becomes so weak and vulnerable that he hears auditory hallucinations that say , “...[he] hath murder'd sleep: and therefore Cawdor shall sleep no more: Macbeth shall sleep no more!”(2.2.54-56) Macbeth from this point on is unable to

Essay on the morality of capital punishment and why it is wrong - English 10 honors - Essay

822 words - 4 pages which I had always been taught as good was in direct conflict with the idea that killing is wrong. This to me has always been very confusing. I live in a very liberal family and I am sure this has greatly affected my view of the world and my morals. Nonetheless, I believe that no matter your political view, you should be able to see that killing is unacceptable. The Death Penalty is wrong most importantly because murder is wrong. It is also a

what is an american? the details of what it means - english 10 - essay

642 words - 3 pages American To be an American means to have privileges, rights, and freedom. America isn’t perfect, but it is one of the only countries that have rights given to people of different diversities and gender. America does not have tremendous poverty. Instead we have choices given to us by the people who have fought and died for the American people. Without the patriots who planted the first seed in the ground and help plant the American nation we live

Symbols in the lord of the flies - Grade 10 - Essay

563 words - 3 pages Lord of the Flies Essay- William Golding Lord of the Flies is set on a deserted island where a group of boys were stranded due to a plane crash. In the novel, “Lord of the Flies” by William Golding, the author uses a lot of symbols to help portray the destruction and deterioration of the boys. The destruction of the island can be understood using various symbols, the symbols that I will be examining are the conch, painted faces, and the beast

The Importance Of Psychology in Everyday Life

517 words - 3 pages To discuss the importance of Psychology in our everyday lives we must first understand what Psychology is. The definition of Psychology is the scientific study of behavior and mental process; however, it can be applied to many other things in life. Everything we do in life is related to Psychology. Psychology is basically the study of who we are, why we are that way, and also what we can become.Psychology is important in many different ways, one

Music : The Importance Of Uniqueness In Success

720 words - 3 pages A certain image or style is associated with all types of musical artists. A country singer would be expected to wear a cowboy hat, a rock star might never been seen without a guitar nearby, and a classical musician usually will be wearing a tuxedo during a performance. But, when it comes to music such as rap, one artist has definitely defined a unique style for himself. Lil’ Jon’s image is incomparable and consists of wild clothes, flashy

Importance of Research Findings in Counselling work - Lvl 3 Counselling Certificate - Essay

989 words - 4 pages Essay: The importance of research findings in counselling work – learning outcome 6.6 The oxford English dictionary defines research as “The systematic investigation into and study of materials and sources in order to establish facts and reach new conclusions”. Research has played a vital role in counselling and its importance cannot be overemphasised. It has given evidence that counselling changes lives and has helped demonstrate in a range of

The Title in The Importance of Being Earnest - AS Level - Essay

768 words - 4 pages Q) Explore the significance of the title The Importance of Being Earnest. (25 marks) Response: Wilde purposefully sculpts the contrast between the title’s implied seriousness and morality and the farcical characters with an inverted sense of values in the play to portray the English hypocrisy and veneer inherent amongst the elite upper class and also, more ambiguously, to portray the need of a ‘permanent invalid’ to endure the high-demanding

Describes the importance of magic in ancient cultures - Heros and Mythology - essay

640 words - 3 pages gods. Their common use of spells and charms show the daily importance magic held. The power of their gods magic shows what kind of feats they believed magic could achieve. Magic was so important to ancient Egyptians that they did not think life was possible without it. Works Cited Mark, Joshua J. “Magic in Ancient Egypt.”, 2/24/17, https://www.ancient.eu/article/1019/magic-in-ancient-egypt/, Accessed 12/6/17. Seawright, Caroline

The Importance of Marketing and Customer Value, in reference to T2 - Monash University - Essay

1702 words - 7 pages increase customer retention and satisfaction. The marketing team at T2 have managed to secure their place at the forefront of modern marketing intelligence, and it is clear to see why. The Importance of Marketing The essence of marketing is different to in every organisation across the globe. Some marketers believe it involves building brand equity by establishing a sufficient branch network, whilst others are convinced it primarily exists to solve

The Importance of Gender Equality in the Workplace - research college paper - rearch paper/essay

980 words - 4 pages Isaacs !1 The Importance of Gender Inclusivity in the Workplace By: Antonio Isaacs Organizational Behaviour - MGMT-1500-0LD Emily Gaszynski Due date: Friday, March 2, 2018 Isaacs !2 Despite many laws put in place to allow a workers right to gender identity and gender expression, organizations still lack the right policies to protect its transgender workers. Companies cater their work environment for cisgender males and females, making

Importance of being in uniform and being on time - military - essay

627 words - 3 pages to take us to school, I took it upon myself to take initiative to gather the rest of my battle buddies and march us single file to our respective training sites. Once we got there we reported to our drill sergeant and she told us that our actions were not right. Even though I thought I was doing the right thing by not staying in the barracks until lunch chow like some of my battle buddies wanted to do. But now I know that we should never leave