COBIT 5 implementation in your organisation makes business sense if you have the following internal challenges (not exhaustive)!
- Is IT strategy aligning with the business strategy?
- Are we measuring IT’s performance?
- Can we assure investors and shareholders that a ‘standard of due care’ around mitigating IT risks is being met by the organisation?
- Do we have a framework to meet regulatory requirements for IT controls in
areas such as privacy and financial reporting (e.g., the US Sarbanes-Oxley Act, Basel II) and in specific sectors such as finance, pharmaceutical and
- Is IT likely to achieve its objectives?
- Is IT resilient enough to learn and adapt?
- Is IT appropriately recognizing opportunities and acting upon them?
- Are we obtaining value from IT investments?
- Are we in control of the selection of service providers and the management of service outsourcing and acquisition?
- Are we managing the increasingly complex IT-related risks, such as network security?
- Are we as an enterprise performing against generally accepted standards and our peers (benchmarking)?
Coral has helped several organizations fulfill their compliance objectives. This includes organizations in Banking, Software Development, Manufacturing, Data center and business process outsourcing.
How Coral can help?
Coral has a structured methodology to deliver best of class consulting delivery. This would typically involve hand-holding the organisation through a life-cycle of assessment, rating, advising and review process. Key steps are listed below:
- Gap Analysis against COBIT 34 control processes and 210 controls.
- Rating each of the 34 processes on 6-point maturity scale.
- Organisation specific towards higher maturity incorporating Coral’s years of expertise to top management, IT development, IT operations, project office and other critical functions of your organisation.
- Help the organisation define which processes are core and which can be supportive.
- Define implementation milestones for review
- Train staff to conduct internal audits.
- Review the maturity scale on an agreeable time period.and our peers
Figure 1 shows how COBIT control processes are aligned with the best practices of several other standards. It also shows that although each of the individual practices are part of the COBIT framework, there is also an element of these standards which are outside COBIT framework, thereby implying that the scope of any of these individual standards’ implementation is defined by the organisation based on their business requirement.