Geeks With Blogs
Keep It Simple Simple Solutions for Complex Scenarios

Control Objectives for Information and Related Technologies (COBIT)is a governance framework widely used by many enterprises to supports information and technology assets, defining process, areas and controls to successful delivery of IT Governance practices.

First Question: "What is IT Governance?"

IT governance is the responsibility of executives and the board of directors, and consists of the leadership, organisational structures and processes that ensure that the enterprise’s IT sustains and extends the organisation’s strategies and objectives.
IT governance integrates and institutionalizes good practices to ensure that the enterprise’s IT supports the business objectives, enabling to the enterprise to take full advantage of its information, identifying opportunities and gaining competitive advantage
COBIT defines a Maturity Model across a scale of 5 steps
  • 0 - Non-existent
  • 1 - Initial / Ad-Hoc
  • 2 - Repeatable but intuitive
  • 3 - Defined
  • 4 - Managed and Measurable
  • 5 - Optimized

Each Control Objective is evaluated using this scale to identifies the current maturity level of the business and create a "simple" roadmap to accomplish this objective.

Second Question: "How to COBIT refers to IT Architects or IT Architecture?"

COBIT defines its plans and activities based on RACI (Responsible, Accountable, Consulted, Informed) model, this model identifies 10 control objectives where IT Architects have a "R" for Responsible, these controls are:
  • 1.- Define the Information Architecture
  • 2.- Determine Technological Direction
  • 3.- Acquire and Maintain Technology Infrastructure
  • 4.- Acquire and Maintain Application Software
  • 5.- Manage Data
  • 6.- Manage the Configuration
  • 7.- Ensure Continuous Service
  • 8.- Ensure Compliance With External Requirements
  • 9.- Provide IT Governance
  • 10.- Define the IT Processes, Organisation and Relationships

I'm looking into the first two points to create a strategy to get these controls implemented successfully and establish a simple roadmap to adoption, let me detail the first two points:

1.- Define the Information Architecture

Have a Information Architecture Model is a real challenge for many companies, the main benefits of this are provide reliable and consistent information and to seamlessly integrate applications into business processes, this control owned the following activities:
  • Create an Enterprise Information Architecture Model
  • Create an Enterprise Data Dictionary and Data Syntax Rules
  • Create an Data Classification Scheme
  • Implement procedures to assure the Integrity Management

2.- Determine Technological Direction

This control aims to analyse existing and emerging technologies, and plan which technological direction is appropriate to realize the IT strategy and the business systems architecture. Also identify in the plan which technologies have the potential to create business opportunities. The plan should address systems architecture, technological direction, migration strategies and contingency aspects of infrastructure components, the activities for this control are
  • Define a Technological Direction Plan
  • Define a Technology Infrastructure Plan
  • Implement procedures to Monitor Future Trends and Regulations
  • Define Technology Standards
  • Establish an IT Architecture Board
    • I would love hear your comments and experiences about this topic, I'll posting about my work with COBIT in the near

      See u
Posted on Monday, September 26, 2011 5:28 PM IT Architecture , COBIT | Back to top

Comments on this post: How architects talk about COBIT

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Juan Mestas J. (aka gotchas) | Powered by: