For complaints, use another form. Study lib. Upload document Create flashcards. Documents Last activity. Flashcards Last activity. Add to
|Published (Last):||13 October 2004|
|PDF File Size:||1.33 Mb|
|ePub File Size:||6.84 Mb|
|Price:||Free* [*Free Regsitration Required]|
But if you wade through the detail of the mappings you can make your own assessment based on what proportion of COBIT controls for which it shows equivalent ITIL coverage. Maybe you and I know that, but there are an awful lot of people out there still thinking ITIL is a comprehensive framework for IT operations. The white paper diplomatically tiptoes around a direct benchmarking of the two frameworks against each other, unlike the earlier white paper published only by ISACA which bravely made the measurement and graphically depicted the holes.
It just lines up selections of statements from each framework. Some of the choices are pure B. Nevertheless I took them at their word and rated whether there was a complete -ish , partial or no match for each COBIT practice in order to come to the conclusions above. My result is based on some subjective decisions and on the extremely debatable proposition that none of the paper's correlations should be challenged.
So my detailed results are not important here: if this is of interest to you, I think you should use this white paper to make your own calls and come up with your own bake-off between the two. If you do, tell us your result OK? Most sites don't have the money to employ expensive consultants to hand-craft a framework for them drawing from five others. The world is ripe for one ring to rule them all.
How is it for the geek-in-the-streeet? Nothing important in that lot is there? You can see here the ones it totally omits. If you want to run a service desk, ITIL is great. If you want to do ITSM it is dodgy.
If you want to run IT it sucks. Se that other post :. ISACA membership has tripled in six years to over 90, The fastest growing sector is non-audit general IT professionals. The new growth in the body of knowledge will be driven by an open source model where volunteers contribute Since it will include professional certifications and more importantly organisational certification, this must be seen as competitive.
Because they are a 90,strong, respected, vendor-independent, international body with a strong and enthusiastic user base for COBIT. More importantly, COBIT will still be edited and reviewed by a big group of international experts to filter out all the drivel that open content attracts, and to ensure consistency, accuracy and structure in the result. First a few comments on the numbers. Triple is not bad but in the meantime the aggregate number of people who have taken an ITIL exam by EXIN has grown by a factor of 12 and the people taking exams annually has grown by a factor of ISO certifications double in 12 months, in three years the number has grown by factor of 9.
One ring to rule them all may sound nice but is actually as bad idea as in the original. Modern society runs on specialization. Only way we can manage in the complex world is by being specialized. Everybody who reads this is a prime example of niche specialization. Running a road building company is quite different from actual road building. Anybody who wants to build a road in Finland needs solid guidance how to handle ground frost, otherwise the road will be a mess come next summer.
On the other hand this knowledge is useless unless the company can handle financial matters so that there is money available, labor issues, sub-contractor control etc. So if CobiT 5 materializes as solid one meter thick book silver bullet?
A lot of the area covered by CobiT has already sound guidance in other standards and frameworks as Support Thought wrote. The CobiT 5 authors cannot copy existing materials so they would have to make it different. That would not be a good idea. A combination is not an impossibility.
Let's watch developments over the next year or two. ITIL is by definition common practice drawn from industry, so the concepts of ITIL are not defensible under copyright, only the exact wording is. It would be in the best interests of both parties. I read the market demand differently Aale. Everyone who objects to the one-ring concept are paid consultants.
I think the marketplace would be delighted by a one-stop-shop. Okay, tea leaves aside. ISO has a number of standards for specific or specialized areas for a reason. One standard to fit everything may end up being a tad large. ITIL is almost a concept and philosophy; and different audience. But it takes a great deal of time years?
Cobit needs a GUI interface to assist in its navigation. My preference is to use both. I find that CobiT gives me far more traction in the boardroom, and with senior management.
ITIL resonates in the operational side of the house. As an aside, I like Zachman for brainstorming work flow. Horses for Courses.
In the audit world, CobiT is already established as the standard to use. It is written so that business auditors and accountants people can understand what the heck is going on in IT. The controls indicate what outputs to look for from a People, Process and Technology perspective. That being said, I think that it may be a moot point. CobiT came out of the boardrooms.
It's specific intent was to assess that the necessary controls were in place to guarantee the necessary IS and IT resources were under control. In my experience, CobiT does not When that happens, ITIL may be taking a knife to a gun fight. Glenn, I totally agree with you on this. Each has a set of different objectives and trying to marry these into one shouldn't be done. I like one stop shopping but with variety and specialty at my shop. We are losing the concept that ITIL is a framework not a standard.
My work context. I will be aiming to stand up a centralised CSI function in my workplace that will cover services, processes and work very closely with our HR Dept and of course our customers and the punters within our company where I need to. We will be an ICT Infrastructure shared services shop supporting circa users. I understand that "quality" programs can take years to become part of the culture, business planning and performance mgt cycles can be as long as a year and checked as often as people can be bothered.
Honestly, I'm actually AOK to stay broad and shallow for the medium-term so maybe I'm answering my own question. Depending on where you judge the current maturity of IT services to be I would also highly recommend getting at least part of the organisation ISO certified to establish a relatively trustworthy baseline.
Take from all of them what they have to offer, and don't get hung up on whether this bit or that is compatible - in the real world they all are, and all reinforce the same basic messages.
They're all useful but where does it end? How much IP does a guy like Tom have to wade through to "take from all of them"? It's Ok for process geeks like us but for the real world it is utterly ridiculous. I'm reading through it now. Nice work James and co. And thanks Ralph for recommending it. I still haven't managed to download my copy of Pt 5 from the committee member website, thanks for reminding me.
As for "where doe it all end", well who knows? For most organisations the major challenge is still getting to a safe and stable place, not refining process documentation to the nth degree.
Even if the pudding is over-egged, at least it is one pudding. Charles T. COBIT5 is a way off yet. Glen, I'm confused. That argument ignores the third - dark - horse in this race, ISO, which has a guidance section and other steadily growing supporting content. If a standard can expand into ITIL's domain, why can't an assessment framework?
We'll have to break ISO up too I guess as it is obviously too big and unspecialised I'm a member. I said one standard for everything would be a tad large.
An aside, I keep getting Tolkien in my head, with apologies Shouldn't a framework leverage existing work? ISO and Cobit point to other elements and standards where possible. ITIL has always frustrated me because it "Borrows" other approaches with limited accreditation, or reference.
Is ITIL too big? The user community take up the pieces that add value or relevance; ignore the rest.
Mapping of ITIL v3 - With COBIT 4.1
ITGI was established by the non-profit membership association ISACA in to help ensure that IT delivers value and its risks are mitigated through alignment with enterprise objectives, IT resources are properly allocated, and IT performance is measured. ITGI makes no claim that use of any of the Work will assure a successful outcome. The Work should not be considered inclusive of any proper information, procedures and tests or exclusive of other proper information, procedures and tests that are reasonably directed to obtaining the same results. In determining the propriety of any specific information, procedure or test, control professionals should apply their own professional judgement to the specific control circumstances presented by the particular systems or information technology environment. All rights reserved. No part of this publication may be used, copied, reproduced, modified, distributed, displayed, stored in a retrieval system or transmitted in any form by any means electronic, mechanical, photocopying, recording or otherwise without the prior written authorisation of ITGI. No other right or permission is granted with respect to this work.
Mapping of ITIL v3 With COBIT® 4.1
ITIL can be described as a set of books documenting best practice for ITSM, providing guidance on the provision of quality IT services and the facilities needed to support them. Organisations need to understand that ITIL has never been nor was intended to be a complete, out-of-the-box solution and does not have to stand alone; in fact, an organisation may struggle to effectively implement ITIL without some form of IT governance framework. Importantly, COBIT can help guide an organisation in what should be covered in processes and procedures whereas ITIL provides guidance on how the processes or procedures should be designed. This should then be built upon to establish business-aligned IT objectives. It has the additional ability to ensure that ITIL-based Continual Service Improvement is focused on appropriate processes and activities to deliver the greatest positive impact in respect of business goals. Even if an organisation is not designing ITSM processes from scratch, alternatively adopting and adapting from consultant-provided best practices say, it is still worth checking existing process control points against COBIT to ensure the adequacy of internal controls and highlight control-based activities for future corporate compliance initiatives. Each RACI chart highlights the key activities in the process and the responsibilities of individual roles or role types to provide an essential element of IT governance.
Freely subscribe to our NEWSLETTER