ISACA パブコメ COBIT 5 Design (Exposure Draft)
こんにちは、丸山満彦です。ISACAがCOBIT 5 Design (Exposure Draft)を公表していますね。。。
Seven key practical issues are recognised that need to be addressed in the development of the COBIT 5
• There is a need to integrate COBIT and ISACA’s research and developments in other areas such as value, risk, security and assurance into a single framework to overcome a complex mix of frameworks and supporting publications.
• There is a need for consistency in the concepts and terminology used and in the level of detail provided.
• COBIT 4.1 users have already made an investment in implementing COBIT and would have an easy migration from prior versions to COBIT 5.
• There are users of COBIT 4.1 who wish to focus on certain topics and find it difficult to navigate and identify the specific content relevant to their needs.
• There are areas where further guidance is needed, e.g., enterprise architecture, people skills, decision making, organisational structures, change enablement and sustainability.
• Given the pervasiveness of IT there is a need to ensure that governance and management processes integrate both business and IT responsibilities.
• COBIT 5 will be more complete and easier to navigate, bringing together under one integrated framework all of ISACA’s guidance relating to the enterprise governance of IT.
The proposed COBIT 5 improvements are summarised below and described further in the next section.
COBIT 5 will:
• Align with ISACA’s TGF initiative as well as recent global governmental and market-driven enterprise
and IT governance initiatives, such as sustainability and green IT
• Be consolidated into a single overarching framework and knowledge base, providing one consistent and
integrated source of guidance
• Be described in a high-level framework publication, providing an explanation of the objectives, scope,
format and usage of COBIT 5 and enabling enterprises to strategically plan adoption of COBIT 5 and
how to migrate to the new framework
• Consist of a set of publications providing:
– The content of COBIT 5 required for enterprise implementation and assurance activities
– Focussed guidance publications on functional, responsibility and organisational views to help
COBIT users with a specific area of interest to better understand how COBIT can support their role
• Clarify the distinction between governance and management with a revised process model that
distinguishes between these domains while also showing how they relate to each other, and with
processes integrating both business and IT responsibilities
• Align with the latest management practices as well as strengthening areas such as decision making,
organisational structures, skill requirements, human factors, culture and change enablement. The new
structure will be flexible, allowing future ISACA and non-ISACA standards, frameworks, regulations,
etc., to be factored in.