Interdependency indicator -
Cobit5 Process Description EXAMPLE OF IMPLEMENTATION
Manage Risk
Cobit5 Goal ID:
IT-04
Cobit5 Process ID:
APO12
Domain:
IT Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of critical business processes, IT services and IT-enabled business programmes covered by
risk assessment
• Number of significant IT-related incidents that were not identified in risk assessment
• Percent of enterprise risk assessments including IT-related risk
• Frequency of update of risk profile
Review the risk assessment and count the number of risks that have different risk scenarios based on time progression.
Ensure Stakeholder Transparency
Cobit5 Goal ID:
IT-07
Cobit5 Process ID:
EDM05
Domain:
IT Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Number of business disruptions due to IT service incidents
• Percent of business stakeholders satisfied that IT service delivery meets agreed-on service levels
• Percent of users satisfied with the quality of IT service delivery
Review reporting to releant stakeholders. Count the cases per service where reporting did not fulfil the agreed on time targets.
Ensure Resource Optimisation
Cobit5 Goal ID:
IT-11
Cobit5 Process ID:
EDM04
Domain:
IT Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Frequency of capability maturity and cost optimisation assessments
• Trend of assessment results
• Satisfaction levels of business and IT executives with IT-related costs and capabilities
Review benefits from implemented programmes and initiatives. Count the number of cases where the benefits were less from the ones envisioned.
#N/A
Cobit5 Goal ID:
IT-09
Cobit5 Process ID:
Domain:
IT Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Level of satisfaction of business executives with IT’s responsiveness to new requirements
• Number of critical business processes supported by up-to-date infrastructure and applications
• Average time to turn strategic IT objectives into an agreed-on and approved initiative
Review the initiatives implemented by the organisation and count the amount of time from the time that a change has appeared in the environment of the organisation to the time that the relevant change has been absorbed by the organisation.
Manage Availability and Capacity
Cobit5 Goal ID:
IT-14
Cobit5 Process ID:
BAI04
Domain:
IT Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Level of business user satisfaction with quality and timeliness (or availability) of
management information
• Number of business process incidents caused by non-availability of information
• Ratio and extent of erroneous business decisions where erroneous or unavailable information
was a key factor
Review post incident reports. Count the number of cases where the information provided during an incident was wrong, incomplete or significantly delayed.
Manage Suppliers
Cobit5 Goal ID:
E-11
Cobit5 Process ID:
APO10
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Frequency of business process capability maturity assessments
• Trend of assessment results
• Satisfaction levels of board and executives with business process capabilities
Review incidents that required involment from suppliers. Count the mean amount of time for supplier's response.
Manage Budget and Costs
Cobit5 Goal ID:
E-10
Cobit5 Process ID:
APO06
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Frequency of service delivery cost optimisation assessments
• Trend of cost assessment vs. service level results
• Satisfaction levels of board and executive management with service delivery costs
Review the cost allocation and reporting communications. Count the mean amount of time used for the cost reporting of an incident.
Manage Changes
Cobit5 Goal ID:
E-13
Cobit5 Process ID:
BAI06
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Number of programmes on time and within budget
• Percent of stakeholders satisfied with programme delivery
• Level of awareness of business change induced by IT-enabled business initiatives
Review the service requests classified as problems or incidents. Measure the mean amount of time for the response of the organisation.
Ensure Resource Optimisation
Cobit5 Goal ID:
E-12
Cobit5 Process ID:
EDM04
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Frequency of business process cost optimisation assessments
• Trend of cost assessment vs. service level results
• Satisfaction levels of board and executive management with business processing costs
Review the resource allocation plan and the actual performance. Count the cases where deviations where identified (in comparison to the plan) during an incident.
Manage Human Resources
Cobit5 Goal ID:
E-14
Cobit5 Process ID:
APO07
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Internal
Sample Metrics:
• Number of programmes/projects on time and within budget
• Cost and staffing levels compared to benchmarks
Identify the roles having skills related to response to information security events. Count the number of personnel where there is a gap between identified skills and actual skills of the relevant personnel.
Manage Availability and Capacity
Cobit5 Goal ID:
E-07
Cobit5 Process ID:
BAI04
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Number of customer service interruptions causing significant incidents
• Business cost of incidents
• Number of business processing hours lost due to unplanned service interruptions
• Percent of complaints as a function of committed service availability targets
Count the number of activations of the business continuity plans because of the evolution over time of an incident.
Manage Innovation
Cobit5 Goal ID:
E-09
Cobit5 Process ID:
APO04
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Degree of board and executive management satisfaction with decision making
• Number of incidents caused by incorrect business decisions based on inaccurate information
• Time to provide supporting information to enable effective business decisions
Review changes implemented by the organisation and measure the mean amount of time from the inception of the concept to the implementation of the initiative.
Manage Organisational Change Enablement
Cobit5 Goal ID:
E-08
Cobit5 Process ID:
BAI05
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Customer
Sample Metrics:
• Level of board satisfaction with enterprise responsiveness to new requirements
• Number of critical products and services supported by up-to-date business processes
• Average time to turn strategic enterprise objectives into an agreed-on and approved initiative
Review changes implemented by the organisation and measure the mean amount of time from the inception of the concept to the implementation of the initiative.
Manage Risk
Cobit5 Goal ID:
E-03
Cobit5 Process ID:
APO12
Domain:
Enterprise Goal
Balanced Scorecard (BSC):
Financial
Sample Metrics:
• Percent of critical business objectives and services covered by risk assessment
• Ratio of significant incidents that were not identified in risk assessments vs. total incidents
• Frequency of update of risk profile
Review the risk assessment and count the number of risks that have as vulnerabilities the lack or failure of monitoring mechanisms.

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information