COBIT® 5 Principles 4 and 5 Tutorial

This lesson is a part of COBIT® 5 Foundation Certification Course and covers the fourth and the fifth principles of COBIT® 5, which are - enabling a holistic approach and separating governance from management respectively. Let us begin with the objectives of this lesson.

Objectives

By the end of this lesson you will be able to:

  • Explain principles 4 and 5 of COBIT® 5 

  • Identify the COBIT® 5 enablers and enabler dimensions 

  • Describe the governance-management interaction for each enabler 

Let us move on to the next section to discuss the fourth principle of COBIT® 5.

Principle 4—Enabling a Holistic Approach

COBIT® 5 defines a set of enablers to support the implementation of a comprehensive governance and management system for enterprise IT.
COBIT® 5 enablers are: 

  • defined as factors that, individually and collectively, influence the success of an initiative; 

  • driven by the goals cascade and 

  • described by the COBIT® 5 framework in seven categories. 

Any enterprise should always consider an interconnected set of enablers. Each enabler:

  • needs the input of other enablers to be fully effective. 

- Example: Processes need information, and organizational structures need enablers such as skills and behavior. 

  • delivers output for the benefit of other enablers. 

- Example: Processes deliver information, skills, and behavior to make processes efficient. 

In the next section, we will look into the COBIT® 5 Enablers image.

Preparing to become an expert in COBIT 5? Take this test to know where you stand!

COBIT® 5 Enablers

The image shown below depicts the seven enablers of COBIT® 5. 
COBIT 5 Enablers
The seven enablers can thus be listed as following:

  • Principles, Policies, and Frameworks 

  • Processes 

  • organizational Structures 

  • Culture, Ethics, and behavior 

  • Information 

  • Services, Infrastructure, and Applications 

  • People, Skills, and Competencies 

Let us proceed to the next section to understand the COBIT® 5 Enabler dimensions.

COBIT® 5 Enabler Dimensions

All enablers have a set of standard dimensions that provide a common, simple and structured way to deal with other enablers and allow an entity to manage its complex interactions and facilitate successful outcomes of the enablers. 
The image shown below depicts the various enabler dimensions.
COBIT % Enabler Dimensions
Enabler dimension consists of: 

  • Stakeholder dimension

- Each enabler has stakeholders; for example, processes have different parties who execute process activities and have an interest in the process outcomes. They can be internal or external stakeholders. Their needs translate into enterprise goals which in turn translate into IT-related goals.

  • Goals dimension

- Each enabler has a number of goals, and values are achieved when these goals are met. Goals can be defined as expected outcomes. The application and operation of the enabler and enabler goals are the final steps in the goals cascade. Enabler goals can also be divided into intrinsic quality, contextual quality, access, and security.

  • Lifecycle dimension

- Each enabler has a lifecycle of plan, design, build, acquire, create, implement, use, operate, evaluate, monitor, update, and dispose.

  • Good practices dimension

- These practices support the achievement of enabler goals. They are also defined for each enabler. This dimension contains the practices, work products including both inputs and outputs. 

In the next section, we will look into the COBIT® 5 enabler performance management.

COBIT® 5 Enabler Performance Management

The image shown below depicts the various elements of enabler performance management.
COBIT % Enabler Dimensions
For performance management to be effective, the following questions must be asked: 

  • Are stakeholder needs addressed? 

  • Are enabler goals achieved? 

  • Is the enabler lifecycle managed? 

  • Are good practices applied?

The first two questions deal with the actual outcome of the enabler and the metrics for the achievement of goals are called Lag Indicators. A Lag Indicator is one that follows an event. The importance of a Lag Indicator is its ability to confirm that something, which maybe a pattern, has occurred. Let us understand the concept of lag indicator metrics with the help of the following example:

The Cost Efficiency Ratio or CER target for the financial year is equal to below 50%. The ratio is calculated as a percentage of the revenue or expenses divided by revenue. If expenses are $1 million and revenue is $2 million, then the CER is 0.5 or 50%, that is, $1million divided by $2million. As per the calculated CER, a target return of 5% increase for every $1 increase in the stock prices is provided to the investors.
 
The next two questions deal with the actual functioning of the enabler and the metrics for the application of practice are called Lead Indicators. Let us understand the concept of lead indicator metrics with the help of the following example. 

Lead indicator metrics can be used based on the reports generated on the number of unreported compliance breaches and incidents open, for example, a total number of compliance breaches not reported within 2 hours of occurrence and the total number of incidents open beyond 2 days. 
In the next section, let us focus on separating governance from management, which is the fifth principle of COBIT® 5.


Principle 5—Separating Governance from Management

The COBIT® 5 framework makes a clear distinction between governance and management. 
Governance and management:

  • encompass different types of activities, 

  • require different organizational structures and serve different purposes. 

’COBIT® 5: Enabling Processes’ differentiates the activities associated with governance and management.
In the next section, let us look into the differences between governance and management.

Governance vs. Management

The basic differences between governance and management are as follows:

Governance

Management

Governance includes the Evaluate, Direct, and Monitor or EDM processes Governance has the following objectives: 

  • It ensures that stakeholder needs, conditions, and options are evaluated to determine balanced, agreed-on enterprise objectives be achieved.

  •  It sets direction through prioritization and decision-making. 

  • It monitors performance, compliance, and progress against the agreed direction and objectives.

Management includes the Plans, Builds, Runs, and Monitors or PBRM (read as P-B-R-M) processes.

  • The management aligns its activities with the direction set by the governance body to achieve the enterprise objectives using the PBRM processes.

In the next section, we will focus on the interaction between the governance and management entities.

The Interaction between Governance and Management Entities

The image shown below depicts the interaction between governance and management entities that consist of EDM processes for governance and PBRM (read as P-B-R-M) processes for management.
 Interaction between Government and Management Entities
The governing body evaluates the business needs, directs, and monitors the management to cater to the business needs. The management in turn plans, builds, runs, and monitors to fulfill the business needs directed by the governing body. The governing body then evaluates the management feedback. 
In the next section, we will look into the Process Reference Model that consists of the EDM and PBRM processes.

Looking to learn more about COBIT 5, why not enroll for Our COBIT 5 Course?

COBIT® 5 Process Reference Model (PRM)

The image shown depicts the Process Reference Model or PRM (read as P-R-M).
COBIT 5 Process Reference Model
As evident from the image, there are various processes for governance and management of enterprise IT. There are a total of five EDM (read as E-D-M) or governance processes and thirty-two PBRM (read as P-B-R-M) or management processes.

It is easy to relate the five EDM or governance processes to the initial steps in the Goals Cascade. EDM is about setting the governance framework and maintaining it.

It helps to deliver value to stakeholders by ensuring the delivery of benefits, optimizing risks and resources, and ensuring transparency among stakeholders. There is no requirement to know the thirty-two PBRM management processes in-depth for the COBIT 5 Foundation Exam.

However, it is recommended to go through the processes to briefly understand the activities, the names of which are self-explanatory. 
In the next section, we will understand the governance-management interaction for each of the seven enablers.

Governance-Management Interaction for Each Enabler

The following table depicts the governance-management interaction for the seven enablers of COBIT® 5. 

Enabler

Governance Management Interaction

Principles, policies, and frameworks

These are the vehicles by which the governance decisions are institutionalized within the enterprise. They are also an interaction between the governance decisions and management.

Processes

In the illustrative COBIT® 5 process model, a distinction is made between governance and management, including the practices and activities for each. The process model also includes Responsible, Accountable, Consulted and Informed or RACI charts describing the responsibilities of different organizational structures and roles within the enterprise

Organizational Structure

The various organizational structures defined in an enterprise can be put together in the governance space or the management space, depending on their composition and scope of decisions. Interactions take place between the decisions taken by the governance structures and the decisions and operations implementing the former.

Culture, Ethics, and behavior

This is also a key enabler of good governance and management of the enterprise. It is set at the top and is an important interaction between the governance and management.

Information

Information used for evaluating, directing and monitoring enterprise IT is exchanged between the governance and management as described in the process model inputs and outputs.

Services, Infrastructure, and Applications

Services, supported by the applications and infrastructure, are required to provide the governance body with adequate information and to support the EDM activities.

People, Skills, and Competencies

The governance and management activities require different skill sets, but an essential skill for both is to understand sets of tasks and how they differ.

Mapping Enterprise Goals to Governance and Management

The COBIT® 5 enterprise goals are mapped to questions related to governance and management as shown in the table below. 

Are you curious to know, what COBIT 5 Certification is all about? Watch our Course Preview for free!

Summary 

Let us summarise what we have learned in this lesson: 

  • The fourth and fifth principles of COBIT® 5 are enabling a holistic approach and separating governance from management. 

  • The COBIT® 5 enablers are principles, policies, and frameworks; processes; organizational structures; culture, ethics and behavior; information; services, infrastructure and applications; and people, skills and competencies. 

  • The COBIT® 5 enabler dimensions are stakeholders, goals, lifecycle and good practices dimensions. 

  • Under information enabler, the Information used for evaluating, directing and monitoring enterprise IT is exchanged between the governance and management as described in the process model inputs and outputs.

In the following lesson, we will explore Overview of enablers of COBIT® 5 and Enabler 1.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

Request more information

For individuals
For business
Name*
Email*
Phone Number*
Your Message (Optional)
We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Email*
Phone Number*
Company*
Job Title*