COBIT is a framework for the governance and management of enterprise information and technology, aimed at the whole enterprise. Enterprise I&T means all the technology and information processing the enterprise puts in place to achieve its goals, regardless of where this happens in the enterprise. In other words, enterprise I&T is not limited to the IT department of an organization, but certainly includes it. This publication, COBIT 2019 Governance and Management Objectives, contains a detailed description of the COBIT Core Model and its 40 governance and management objectives. A description of each objective, its purpose, and its connection with enterprise and alignment goals, along with sample metrics, is provided. For each objective, the process, practices, activities, and related guidance to other standards and frameworks are also provided. COBIT defines the components to build and sustain governance: processes, organizational structures, policies and procedures, information flows, culture and behaviors, skills, and infrastructure. This publication also includes detailed information about each of the components relevant to each governance and management objective.
I am extremely torn on this review, and as you read it I hope you, the reader, understand why.
The Five Stars Part
The book breaks the COBIT process down into detailed guidance. It starts with the Domain and the management objectives. It lists Enterprise Goals and Alignment Goals to go along with them. It suggests metrics to accompany the goals and even helps with a capability maturity model. Following this up is a RACI chart with key roles and an Input / Output of processes. Finally, it even lists some references on where they pulled the information from, as this is based on numerous other frameworks and industry best practices. If you want to know how to do Assurance, it's right there on page 289.
The One Star Part
It's not really a book to read cover to cover. It is literally like reading an instruction model. So at best, you should, unlike me, not read it cover to cover, but read it for an area that you are impacted by and have some vested interest in. I can definitely see that if your company has embraced COBIT and you need to write some policies on the Information Security Program, how you can tie it in. What's lacking, though, in this book and the other I read, is why do it? Where is a case study or something that shows how it has added value at company X? How claiming the maturity model has increased governance and ultimately something the board wants. NOTE: I say something the Board wants, as today I read an article that increasing shareholder value is not the end-all be-all.
Do I recommend this book? Yes as a reference book. Treat it like reading a dictionary cover to cover. You could do it, but why?
The COBIT 2019 series of books continues here, listing in excruciating detail the governance and management objectives, and managing to spend over 300 pages on it. The level of detail provided is admirable, but mind-numbing. I spent about an hour just on the EDM domain, then leafed through the rest. References to other frameworks are of random quality: as before, old versions of ISO/IEC 20000-1 and ITIL are used. Oddly, in the quality management area, reference to ISO 9001 is not made at all. If you want to implement COBIT 2019 thoroughly (and have the time for it), this is your telephone directory. For the average passer-by, it feels like reading DSM-V (Diagnostic and Statistical Manual for mental diseases) again.