Interdependency indicator -
Cobit5 Process Description EXAMPLE OF IMPLEMENTATION
Ensure Benefits Delivery
Cobit5 Goal ID:
IT-05
Cobit5 Process ID:
EDM02
Domain:
IT Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of IT-enabled investments where benefit realisation is monitored through the full economic
life cycle
• Percent of IT services where expected benefits are realised
• Percent of IT-enabled investments where claimed benefits are met or exceeded
Count the number of strategic IT issues such as dependence on IT, dependence on specific components or services, congestion , single points of failure etc.
Manage Risk
Cobit5 Goal ID:
IT-04
Cobit5 Process ID:
APO12
Domain:
IT Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of critical business processes, IT services and IT-enabled business programmes covered by
risk assessment
• Number of significant IT-related incidents that were not identified in risk assessment
• Percent of enterprise risk assessments including IT-related risk
• Frequency of update of risk profile
Review the risk assessment results and count the cases where the underlying vulnerability is related to increased system complexity.
Manage requirements Definition
Cobit5 Goal ID:
IT-07
Cobit5 Process ID:
BAI02
Domain:
IT Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Number of business disruptions due to IT service incidents
• Percent of business stakeholders satisfied that IT service delivery meets agreed-on service levels
• Percent of users satisfied with the quality of IT service delivery
Review the record of requirement change requests per project per service. Identify the services that have the highest number of related change requests.
Monitor, Evaluate and Assess the System of Internal Control
Cobit5 Goal ID:
IT-15
Cobit5 Process ID:
MEA02
Domain:
IT Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Number of incidents related to non-compliance to policy
• Percent of stakeholders who understand policies
• Percent of policies supported by effective standards and working practices
• Frequency of policies review and update
Review the external and internal assessment reports focusing on identified vulnerabilities regarding the coupling of services.
Manage the IT Management Framework
Cobit5 Goal ID:
IT-01
Cobit5 Process ID:
APO01
Domain:
IT Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of enterprise strategic goals and requirements supported by IT strategic goals
• Level of stakeholder satisfaction with scope of the planned portfolio of programmes and services
• Percent of IT value drivers mapped to business value drivers
Identify enterprise goals related to complexity and coupling. Measure the compliance to these objectives
Manage Assets
Cobit5 Goal ID:
E-10
Cobit5 Process ID:
BAI09
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Frequency of service delivery cost optimisation assessments
• Trend of cost assessment vs. service level results
• Satisfaction levels of board and executive management with service delivery costs
Review the results of cost optimisation reviews focusing on identified opportunities for decoupling services.
Manage Security Services
Cobit5 Goal ID:
IT-10
Cobit5 Process ID:
DSS05
Domain:
IT Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Number of security incidents causing financial loss, business disruption or public embarrassment
• Number of IT services with outstanding security requirements
• Time to grant, change and remove access privileges, compared to agreed-on service levels
• Frequency of security assessment against latest standards and guidelines
Identify and count all systems whose access is contolled through the access control policy.
Manage Configuration
Cobit5 Goal ID:
IT-02
Cobit5 Process ID:
BAI10
Domain:
IT Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Cost of IT non-compliance, including settlements and fines, and the impact of reputational loss
• Number of IT-related non-compliance issues reported to the board or causing public comment
or embarrassment
• Number of non-compliance issues relating to contractual agreements with IT service providers
• Coverage of compliance assessments
Review the reports on the evaluation for design weaknesses (e.g., inconsistencies, lack of clarity, potential flaws) throughout the life cycle focusing on those related to coupling and increased complexity. Count the number of identified weaknesses per service.
Manage Assets
Cobit5 Goal ID:
IT-11
Cobit5 Process ID:
BAI09
Domain:
IT Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Frequency of capability maturity and cost optimisation assessments
• Trend of assessment results
• Satisfaction levels of business and IT executives with IT-related costs and capabilities
Review the asset inventory focusing on asset interdepencies and count the number of interdependent assets per service.
Manage Entreprise Architecture
Cobit5 Goal ID:
E-11
Cobit5 Process ID:
APO03
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Frequency of business process capability maturity assessments
• Trend of assessment results
• Satisfaction levels of board and executives with business process capabilities
Review the architecture for providing the services focusing on areas where high complexity exists (e.g. Many complicated processess, processes depending on critical processes, existance of single-point-of-failure points, etc). Count the number of such areas.
Manage Continuity
Cobit5 Goal ID:
E-07
Cobit5 Process ID:
DSS04
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Number of customer service interruptions causing significant incidents
• Business cost of incidents
• Number of business processing hours lost due to unplanned service interruptions
• Percent of complaints as a function of committed service availability targets
Review the business impact analysis focusing on dependencies to services and components. Count the number of dependencies per service.
Manage the IT Management Framework
Cobit5 Goal ID:
E-04
Cobit5 Process ID:
APO01
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Cost of regulatory non-compliance, including settlements and fines
• Number of regulatory non-compliance issues causing public comment or negative publicity
• Number of regulatory non-compliance issues relating to contractual agreements with
business partners
Review the maping of organisational structure and functions. Count the number of services that are dependent from a high number of services, functions and compponents.
Ensure Resource Optimisation
Cobit5 Goal ID:
E-12
Cobit5 Process ID:
EDM04
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Frequency of business process cost optimisation assessments
• Trend of cost assessment vs. service level results
• Satisfaction levels of board and executive management with business processing costs
Review principles related to safeguarding resources. Identify resources that are not fullfiling these principles in relation to consupmtion and utilization.
Manage Portfolio
Cobit5 Goal ID:
E-02
Cobit5 Process ID:
APO05
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of products and services that meet or exceed targets in revenues and/or market share
• Ratio of products and services per life cycle phase
• Percent of products and services that meet or exceed customer satisfaction targets
• Percent of products and services that provide competitive advantage
Review the overall investment portfolio mix and relevant investment proposals. Summarize the value of investments per service.
Ensure Risk Optimisation
Cobit5 Goal ID:
E-05
Cobit5 Process ID:
EDM03
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of investment business cases with clearly defined and approved expected costs
and benefits
• Percent of products and services with defined and approved operational costs and expected benefits
• Satisfaction survey of key stakeholders regarding the transparency, understanding and accuracy of
enterprise financial information
• Percent of service cost that can be allocated to users
Review the risk assessment results and count the cases where the underlying vulnerability is related to increased system complexity.
Manage Quality
Cobit5 Goal ID:
E-01
Cobit5 Process ID:
APO11
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of investments where value delivered meets stakeholder expectations
• Percent of products and services where expected benefits are realised
• Percent of investments where claimed benefits are met or exceeded
Set and measure quality criteria related to the complexity of the service.
Manage Change Acceptance and Transitioning
Cobit5 Goal ID:
IT-12
Cobit5 Process ID:
BAI07
Domain:
IT Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Number of business processing incidents caused by technology integration errors
• Number of business process changes that need to be delayed or reworked because of technology
integration issues
• Number of IT-enabled business programmes delayed or incurring additional cost due to technology
integration issues
• Number of applications or critical infrastructures operating in silos and not integrated
Review the post-implementation reviews focusing on the time needed to implement each step of the change. Identify the slowest step of the process. Count these steps per service.
Manage Entreprise Architecture
Cobit5 Goal ID:
E-08
Cobit5 Process ID:
APO03
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Level of board satisfaction with enterprise responsiveness to new requirements
• Number of critical products and services supported by up-to-date business processes
• Average time to turn strategic enterprise objectives into an agreed-on and approved initiative
Review the target architecture value propositions, goals and metrics focusing on the ones connected with complexity and coupling. Count the number of services not reaching relevant targets.
Manage Risk
Cobit5 Goal ID:
E-03
Cobit5 Process ID:
APO12
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of critical business objectives and services covered by risk assessment
• Ratio of significant incidents that were not identified in risk assessments vs. total incidents
• Frequency of update of risk profile
Identify in the risk managament methodology, risk factors related to complexity and coupling. For each identified risk calculate these risk factors.

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information