COBIT Foundation Student Handbook
-
Upload
itpreneurs -
Category
Documents
-
view
283 -
download
8
description
Transcript of COBIT Foundation Student Handbook
COBIT is a registered trademark of the Information Systems Audit and Control Association © Copyright 2010 by ITpreneurs Nederland B.V. All rights reserved
STUDENT HANDBOOKversion 1.0
Sample
Mate
rial -
Not for
Rep
rint
The information contained in this classroom material is subject to change without notice. This material contains proprietary information that is protected by copyright. No part of this material may be photocopied, reproduced, or translated to another language without the prior consent of ITpreneurs Nederland B.V.
© Copyright 2010 by ITpreneurs Nederland B.V. All rights reserved.
COBIT is a registered trademark of ISACA and the IT Governance Institute. The course content is based on COBIT V4.1
The language used in this course is US English. Our sources of reference for grammar, syntax, and mechanics are The Chicago Manual of Style, The American Heritage Dictionary, and the Microsoft Manual of Style for Technical Publications.
Sample
Mate
rial -
Not for
Rep
rint
3
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
F O U N D A T I O N
4.1 Student Handbook
Contents
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Module 1: Course Introduction 1
Module 2: Why COBIT: Context in organizations, and the need for IT Governance 11
Module 3: COBIT: An Introduction 51
Assignment I: IT Challenges for Callwick 77
Module 4: The COBIT Cube 81
Assignment II: Video on Demand is Launched 111
Module 5: The COBIT Components - Part 1 117
Assignment III: Preparing for the Management Meeting 149
Module 6: The COBIT Components - Part 2 155
Assignment IV: The Resolution for Callwick 189
Module 7: Assurance Guidance 197
Module 8: COBIT Resources 219
Module 9: Inter-relationships with other IT Frameworks, Standards and Regulations 247
Module 10: Exam Preparation Guide 285
Appendix I: Case Study: Callwick 311
Appendix II: Glossary 315
Appendix III: COBIT Foundation Exam Requirements 321
Appendix VI: Process Description of AI4 and ME1 331
Appendix V: Process Description of P010 and DS2 341
Appendix VI: COBIT Processes and Their Objectives 351
Appendix VII: Linking Business Goals and IT Goals 357
Appendix VIII: Mapping IT Process to IT Governance Focus Areas 361
Appendix IX: Answers 363
Feedback Form 383
Contents
Sample
Mate
rial -
Not for
Rep
rint
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Module 1: Course Introduction
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
2Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
3Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
4Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
5Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
6Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
7Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
8Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
9Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Module 2: Why COBIT: Context in organizations, and the need for IT Governance
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
12Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
13Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Reading PointsThis module focuses on the need for and the context of an IT governance and control framework, such as COBIT. You will learn about:
y The key challenges encountered in IT and the business impact of those challenges.
y What governance is in the first place, followed by a discussion on what enterprise governance is
y IT governance, its key principles and business focus areas
y Stakeholders for IT governance implementation, their roles and responsibilities, and their specific concerns
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
14Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Sub Topics: Overview Keeping IT Running Aligning IT with Business Value Security Regulatory Compliance Mastering Complexity CostsSam
ple M
ateria
l - Not
for R
eprin
t
F O U N D A T I O N
15Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Most organizations also operate in a dynamic marketplace, with varying levels of business demands. It is no surprise, therefore, that managing complex technologies in the modern-day business environment is a complex and challenging task. We will look at some examples as we go.
Reading PointsOrganizations today commit heavily to IT. As a result, they invest significant amounts of money and resources in IT. Their dependency on IT to run normal business operations and enable new, strategic objectives has never been as high as it is today.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
16Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
Here is some context: In 1969, mainframes were used to perform calculations and processing. It often took an entire day to complete one task. Today, we talk of processing millions of complex transactions within seconds. Without this, customer support departments would have looked very different than they do today; providing 24/7 on-demand support would be unimaginable.
Consequently, a single breakdown can incur losses to the tune of millions. As a result, fast computers and the Internet have now become a necessity rather than a luxury, as during the mainframe age.
Reading PointsModern organizations rely heavily on IT. The impact of any IT systems failure is huge. Take power failure for example. The business impact of power failure is almost unimaginable today.
Business-as-usual would come to a standstill if internal IT systems fail, for example, e-mail, document processing, tracking, reporting and so on
A seemingly simple failure, such as a server exceeding its storage capacity, can bring an entire department to a halt.
In even more critical business processes, such as Internet banking and order processing, the impact is, of course, far greater, and negatively impacts revenues and reputation.
Sample
Mate
rial -
Not for
Rep
rint
F O U N D A T I O N
17Student Handbook4.1
Copyright © 2010, ITpreneurs Nederland B.V. All rights reserved.
The role of CIO, in several enterprises, is undergoing a change; CIOs are increasingly acting as a bridge between the business and IT.
ExampleTake the example of a builder. The builder constructs according to requirements and budgets. If requirements aren’t clear at the beginning and there is no coordination between budgets and eventual costs, the cost of construction will shoot up. The bottom line is that if an organization’s reliance on IT increases, the challenge lies in ensuring that IT meets business needs.
Reading PointsAligning IT with business is more important than ever these days.
In most organizations, business and IT are usually not aligned with the same goals. Consequently, their decisions and actions are not always synchronized, leading to failed IT projects, loss of money and time, and a sense of overall discouragement in undertaking larger IT projects.
Sample
Mate
rial -
Not for
Rep
rint