YaSM and COBIT: Difference between revisions
No edit summary |
No edit summary |
||
(9 intermediate revisions by 2 users not shown) | |||
Line 2: | Line 2: | ||
<meta name="keywords" content="yasm and cobit, yasm vs. cobit, yasm cobit differences, yasm cobit similarities" /> | <meta name="keywords" content="yasm and cobit, yasm vs. cobit, yasm cobit differences, yasm cobit similarities" /> | ||
<meta name="description" content="The following tables highlight which YaSM processes are related to specific COBIT® enabling processes, to illustrate that YaSM and COBIT share many basic principles." /> | <meta name="description" content="The following tables highlight which YaSM processes are related to specific COBIT® enabling processes, to illustrate that YaSM and COBIT share many basic principles." /> | ||
<meta property="og:url" content="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT" /> | |||
<meta property="og:title" content="YaSM and COBIT® | YaSM Service Management Wiki" /> | |||
<meta property="og:description" content="The following tables highlight which YaSM processes are related to specific COBIT® enabling processes, to illustrate that YaSM and COBIT share many basic principles." /> | |||
<meta property="og:site_name" content="YaSM Service Management"> | |||
<meta property="og:type" content="article" /> | |||
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/cobit/cobit-enabling-processes-and-the-YaSM-model.jpg" /> | |||
<meta property="og:image:width" content="1200" /> | |||
<meta property="og:image:height" content="900" /> | |||
<link href="https://plus.google.com/104150539756444616711/posts" rel="publisher" /> | |||
</itpmch> | </itpmch> | ||
<html | <html> | ||
<p> </p> | <p> </p> | ||
<p> </p> | <p> </p> | ||
<p><b>Comparison:</b | <p><b>Comparison:</b> YaSM and COBIT® (Control Objectives for Information and Related Technologies)</p> | ||
<p><b>Part of</b>: <a | <p><b>Part of</b>: <a href="https://yasm.com/wiki/en/index.php/What_is_YaSM#yasm-other-service-management-frameworks" title="YaSM and other service management frameworks and standards">YaSM vs. other service management frameworks and standards</a></html> | ||
<p> </p> | |||
[[What is YaSM|YaSM]]® was developed with <b><span style="color:#465674;">COBIT® (Control Objectives for Information and Related Technologies)</span></b> [[#COBIT|[1]]] in mind, but YaSM is not a "COBIT process model". | |||
<p> </p> | <p> </p> | ||
YaSM® | <html><div itemid="https://yasm.com/wiki/en/img/yasm-frameworks/cobit/cobit-enabling-processes-and-the-YaSM-model.jpg" itemscope itemtype="https://schema.org/ImageObject"> | ||
<meta itemprop="caption" content="COBIT® enabling processes and how they relate to YaSM service management processes." /> | |||
<meta itemprop="width" content="1200" /> | |||
<meta itemprop="height" content="900" /> | |||
<meta itemprop="representativeOfPage" content="true"/> | |||
<span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject"> | |||
<meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/cobit/480px/cobit-enabling-processes-and-the-YaSM-model.jpg" /> | |||
<meta itemprop="width" content="480" /> | |||
<meta itemprop="height" content="360" /> | |||
<meta itemprop="dateCreated" content="2022-10-03" /> | |||
<meta itemprop="datePublished" content="2022-10-03" /> | |||
</span> | |||
<meta itemprop="keywords" content="COBIT processes" /> | |||
<meta itemprop="keywords" content="COBIT enabling processes" /> | |||
<meta itemprop="keywords" content="IT governance YaSM" /> | |||
<figure class="mw-halign-right" typeof="mw:File/Thumb"><a itemprop="contentUrl" href="https://yasm.com/wiki/en/img/yasm-frameworks/cobit/cobit-enabling-processes-and-the-YaSM-model.jpg" title="COBIT® enabling processes and the YaSM model"><img srcset="https://yasm.com/wiki/en/img/yasm-frameworks/cobit/480px/cobit-enabling-processes-and-the-YaSM-model.jpg 480w, https://yasm.com/wiki/en/img/yasm-frameworks/cobit/cobit-enabling-processes-and-the-YaSM-model.jpg 1200w" sizes="100vw" src="https://yasm.com/wiki/en/img/yasm-frameworks/cobit/cobit-enabling-processes-and-the-YaSM-model.jpg" fetchpriority="high" decoding="async" width="480" height="360" class="mw-file-element" alt="COBIT® enabling processes and how they relate to YaSM service management processes - cross-reference." /></a> | |||
<figcaption><span style="font-variant:small-caps;"><b>Fig. 1: What is COBIT® (Control Objectives for Information and Related Technologies)?</b><br /><a href="https://yasm.com/wiki/en/img/yasm-frameworks/cobit/cobit-enabling-processes-and-the-YaSM-model.jpg" title="COBIT® enabling processes and the YaSM service management model">COBIT enabling processes and YaSM service management</a>.</span></figcaption></figure></div></html> | |||
< | __TOC__ | ||
<br style="clear:both;"/> | |||
==<span id="about-cobit">About COBIT®</span>== | ==<span id="about-cobit">About COBIT®</span>== | ||
According to its authors, COBIT is an "overarching framework" for IT governance that is "aligned with other relevant standards and frameworks at a high level" [[#ISACA-2012|[ISACA, 2012]]]. | According to its authors, [https://www.isaca.org/resources/cobit/ COBIT] is an "overarching framework" for IT governance that is "aligned with other relevant standards and frameworks at a high level" [[#ISACA-2012|[ISACA, 2012]]]. | ||
COBIT describes seven categories of "enablers" for the governance and management of enterprise IT: | COBIT describes seven categories of "enablers" for the governance and management of enterprise IT: | ||
Line 33: | Line 61: | ||
Because of its complete set of goals and metrics for IT processes, many organizations use COBIT to improve governance of their information technology operations. | Because of its complete set of goals and metrics for IT processes, many organizations use COBIT to improve governance of their information technology operations. | ||
==<span id="combining-yasm-and-cobit">Using YaSM and COBIT® in combination</span>== | |||
==<span id="combining-yasm-and-cobit">Using | |||
COBIT is less helpful for designing | COBIT is less helpful for designing the [[Service Management Processes|service management processes of an organization]]. Although COBIT defines a process model complete with suggested process activities, its authors concede that "the activities may not be at a sufficient level of detail for implementation, and further guidance may need to be obtained from specific relevant standards and good practice such as ITIL®, ..." [[#ISACA-2012|[ISACA, 2012]]]. | ||
This is where YaSM comes into the picture | This is where YaSM comes into the picture. | ||
[[YaSM and ITIL]] [[#ITIL|[2]]] are well aligned but YaSM is somewhat easier to implement, so using YaSM and COBIT in combination is quite conceivable when setting up a set of service management processes, including a suitable governance framework. We expect, however, that a number of enhancements to the [[Service Management Processes|YaSM service management processes]] will be needed, depending on which particular sets of COBIT goals an organization intends to fulfill. The ITIL® publications and other service management guidance may also be consulted if additional advice is needed for specific topics. | |||
'''''Note:''''' ''YaSM is an independent framework and is not endorsed by the authors of COBIT.'' <br /> | '''''Note:''''' ''YaSM is an independent framework and is not endorsed by the authors of COBIT.'' <br /> | ||
==<span id="cobit-yasm-processes">COBIT® enabling processes and how they relate to YaSM processes</span>== | ==<span id="cobit-yasm-processes">COBIT® enabling processes and how they relate to YaSM processes</span>== | ||
<span id="md-webpage-description" itemprop="description">The following tables highlight which [[Service_Management_Processes|YaSM service management processes]] are related to specific COBIT® enabling processes, to illustrate that YaSM and COBIT share many basic principles:</span> | |||
*[[#domain-edm|Domain: Evaluate, Direct and Monitor (EDM)]] | *[[#domain-edm|Domain: Evaluate, Direct and Monitor (EDM)]] | ||
*[[#domain-apo|Domain: Align, Plan and Organize (APO)]] | *[[#domain-apo|Domain: Align, Plan and Organize (APO)]] | ||
*[[#domain-bai| | *[[#domain-bai|Domain: Build, Acquire and Implement (BAI)]] | ||
*[[#domain-dss| | *[[#domain-dss|Domain: Deliver, Service and Support (DSS)]] | ||
*[[#domain-mea|Domain: Monitor, Evaluate and Assess (MEA)]] | *[[#domain-mea|Domain: Monitor, Evaluate and Assess (MEA)]] | ||
Please note that the aim is not to provide a detailed and scientifically correct cross-reference between the two service management frameworks. | |||
==<span id="domain-edm">Domain: Evaluate, Direct and Monitor (EDM)</span>== | ===<span id="domain-edm">Domain: Evaluate, Direct and Monitor (EDM)</span>=== | ||
{| class="wikitable" style="background: white;" | {| class="wikitable" style="background: white;" | ||
| | |+style="background:#465674;"|<span style="color:#ffffff; font-size: 110%">COBIT domain 'Evaluate, Direct and Monitor (EDM)' and related YaSM processes</span> | ||
|-style="vertical-align:top" | |||
!style="background:# | !style="background:#eeeeee;"|COBIT® enabling pro­cesses | ||
!style="background:# | !style="background:#eeeeee;"|Related YaSM processes | ||
!style="background:#eeeeee;"|Notes | |||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|EDM01 Ensure | |EDM01 Ensure Gover­nance Frame­work Setting and Mainte­nance | ||
|style="vertical-align:top" rowspan="5"| | |style="vertical-align:top" rowspan="5"| | ||
*[[LP1: Set the strategic direction]] | *[[LP1: Set the strategic direction]] | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
|style="vertical-align:top" rowspan="5"| | |style="vertical-align:top" rowspan="5"| | ||
*These COBIT processes cannot be related directly to specific YaSM processes. | *These COBIT processes cannot be related directly to specific YaSM processes. | ||
Line 83: | Line 105: | ||
|- | |- | ||
| | | | ||
EDM03 Ensure Risk | EDM03 Ensure Risk Optimi­sation | ||
|- | |- | ||
| | | | ||
EDM04 Ensure Resource | EDM04 Ensure Resource Optimi­sation | ||
|- | |- | ||
| | | | ||
EDM05 Ensure Stake-holder | EDM05 Ensure Stake-holder Transpa­rency | ||
|} | |} | ||
<p> </p> | <p> </p> | ||
< | ===<span id="domain-apo">Domain: Align, Plan and Organize (APO)</span>=== | ||
{| class="wikitable" style="background: white;" | {| class="wikitable" style="background: white;" | ||
| | |+style="background:#465674;"|<span style="color:#ffffff; font-size: 110%">COBIT domain 'Align, Plan and Organize (APO)' and related YaSM processes</span> | ||
|-style="vertical-align:top" | |||
!style="background:# | !style="background:#eeeeee;"|COBIT® enabling pro­cesses | ||
!style="background:# | !style="background:#eeeeee;"|Related YaSM processes | ||
!style="background:#eeeeee;"|Notes | |||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|APO01 Manage the IT | |APO01 Manage the IT Manage­ment Frame­work | ||
| | | | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
| | | | ||
*The YaSM process for setting up the SMS is in charge of defining and maintaining a set of suitable service management processes and policies. This includes aspects such as communicating the service provider's objectives, establishing responsibilities, tracking compliance with the defined policies and processes, and continually improving the processes. | *The YaSM process for setting up the SMS is in charge of defining and maintaining a set of suitable service management processes and policies. This includes aspects such as communicating the service provider's objectives, establishing responsibilities, tracking compliance with the defined policies and processes, and continually improving the processes. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|APO02 Manage Strategy | |<span id="COBIT-Manage-Strategy">APO02 Manage Strategy</span> | ||
| | | | ||
*[[LP1: Set the strategic direction]] | *[[LP1: Set the strategic direction]] | ||
Line 117: | Line 137: | ||
*-/- | *-/- | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|APO03 Manage | |APO03 Manage Enter­prise Archi­tecture | ||
| | | | ||
*[[LP1: Set the strategic direction]] | *[[LP1: Set the strategic direction]] | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
*[[SP4: Manage configuration information]] | *[[SP4: Manage configuration information|SP4: Manage config. infor­mation]] | ||
| | | | ||
*This COBIT process cannot be related directly to specific YaSM processes. | *This COBIT process cannot be related directly to specific YaSM processes. | ||
*A number of YaSM processes maintain information which is generally under-stood to be part of the enterprise architecture, for example: | *A number of YaSM processes maintain information which is generally under-stood to be part of the enterprise architecture, for example: | ||
**The process for setting up the SMS maintains a model of the organization's processes. | **The process for setting up the SMS maintains a model of the organization's processes. | ||
**The configuration management process maintains a configuration model, which typically includes information about applications and their | **The configuration management process maintains a configuration model, which typically includes information about applications and their inter­relationships. | ||
**The strategic process contains activities to produce a roadmap for the future development of the technical infrastructure. | **The strategic process contains activities to produce a roadmap for the future development of the technical infrastructure. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|APO04 Manage | |APO04 Manage Inno­vation | ||
| | | | ||
*[[LP1: Set the strategic direction]] | *[[LP1: Set the strategic direction]] | ||
*[[SP3: Manage customer relationships]] | *[[SP3: Manage customer relationships|SP3: Manage customer relation­ships]] | ||
*[[SP11: Manage suppliers]] | *[[SP11: Manage suppliers]] | ||
| | | | ||
Line 142: | Line 162: | ||
*[[LP1: Set the strategic direction]] | *[[LP1: Set the strategic direction]] | ||
*[[SP2: Maintain the service portfolio]] | *[[SP2: Maintain the service portfolio]] | ||
*[[SP4: Manage configuration information]] | *[[SP4: Manage configuration information|SP4: Manage config. infor­mation]] | ||
*[[SP12: Manage service financials]] | *[[SP12: Manage service financials]] | ||
| | | | ||
Line 160: | Line 180: | ||
*[[LP2: Design new or changed services]] | *[[LP2: Design new or changed services]] | ||
*[[LP4: Operate the services]] | *[[LP4: Operate the services]] | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
*[[SP10: Manage human resources]] | *[[SP10: Manage human resources]] | ||
| | | | ||
Line 167: | Line 187: | ||
*Once services and processes are implemented, tracking of human resources usage and planning of staffing levels is done as part of service and process operation. | *Once services and processes are implemented, tracking of human resources usage and planning of staffing levels is done as part of service and process operation. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|APO08 Manage | |APO08 Manage Relation­ships | ||
| | | | ||
*[[SP3: Manage customer relationships]] | *[[SP3: Manage customer relationships|SP3: Manage customer relation­ships]] | ||
| | | | ||
*-/- | *-/- | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|APO09 Manage Service | |APO09 Manage Service Agree­ments | ||
| | | | ||
*[[LP2: Design new or changed services]] | *[[LP2: Design new or changed services]] | ||
Line 179: | Line 199: | ||
*[[LP5: Improve the services]] | *[[LP5: Improve the services]] | ||
*[[SP2: Maintain the service portfolio]] | *[[SP2: Maintain the service portfolio]] | ||
*[[SP3: Manage customer relationships]] | *[[SP3: Manage customer relationships|SP3: Manage customer relation­ships]] | ||
| | | | ||
*The service portfolio process identifies the services, maintains the service portfolio and publishes service catalogues, as appropriate. | *The service portfolio process identifies the services, maintains the service portfolio and publishes service catalogues, as appropriate. | ||
Line 207: | Line 227: | ||
*[[LP1: Set the strategic direction]] | *[[LP1: Set the strategic direction]] | ||
*[[SP7: Ensure security]] | *[[SP7: Ensure security]] | ||
*[[SP8: | *[[SP8: Ensure continuity]] | ||
| | | | ||
*Risks affecting the service provider's business model as a whole are assessed during strategic reviews. This may lead to the definition and implementation of suitable responses to the identified strategic risks. | *Risks affecting the service provider's business model as a whole are assessed during strategic reviews. This may lead to the definition and implementation of suitable responses to the identified strategic risks. | ||
*A number of other YaSM processes are tasked with managing risks of particular types, for example security risks or risks associated with | *A number of other YaSM processes are tasked with managing risks of particular types, for example security risks or risks associated with critical, disruptive events. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|APO13 Manage Security</span> | |APO13 Manage Security</span> | ||
Line 219: | Line 239: | ||
|} | |} | ||
<p> </p> | <p> </p> | ||
==<span id="domain-bai">Domain: Build, Acquire and Implement (BAI)</span>== | ===<span id="domain-bai">Domain: Build, Acquire and Implement (BAI)</span>=== | ||
{| class="wikitable" style="background: white;" | {| class="wikitable" style="background: white;" | ||
| | |+style="background:#465674;"|<span style="color:#ffffff; font-size: 110%">COBIT domain 'Build, Acquire and Implement (BAI)' and related YaSM processes</span> | ||
|-style="vertical-align:top" | |||
!style="background:# | !style="background:#eeeeee;"|COBIT® enabling pro­cesses | ||
!style="background:# | !style="background:#eeeeee;"|Related YaSM processes | ||
!style="background:#eeeeee;"|Notes | |||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|BAI01 Manage | |BAI01 Manage Pro­grammes and Projects | ||
| | | | ||
*[[SP6: Manage projects]] | *[[SP6: Manage projects]] | ||
Line 238: | Line 256: | ||
*-/- | *-/- | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|BAI02 Manage | |BAI02 Manage Require­ments Definition | ||
| | | | ||
*[[LP2: Design new or changed services]] | *[[LP2: Design new or changed services]] | ||
Line 244: | Line 262: | ||
*-/- | *-/- | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|BAI03 Manage Solutions | |BAI03 Manage Solutions Identi­fication and Build | ||
| | | | ||
*[[LP2: Design new or changed services]] | *[[LP2: Design new or changed services]] | ||
Line 255: | Line 273: | ||
*The service portfolio process is responsible for updating the service portfolio. | *The service portfolio process is responsible for updating the service portfolio. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|BAI04 Manage | |<span id="Manage-Availability-and-Capacity">BAI04 Manage Availa­bility and Capacity</span> | ||
| | | | ||
*[[LP2: Design new or changed services]] | *[[LP2: Design new or changed services]] | ||
Line 264: | Line 282: | ||
*Both YaSM and COBIT stipulate that service availability and capacity must be managed, but YaSM does not contain specific capacity and availability management processes. Rather, service capacity and availability is treated as an aspect of services to be managed through the service lifecycle processes. | *Both YaSM and COBIT stipulate that service availability and capacity must be managed, but YaSM does not contain specific capacity and availability management processes. Rather, service capacity and availability is treated as an aspect of services to be managed through the service lifecycle processes. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|BAI05 Manage | |BAI05 Manage Organi­sational Change Enable­ment | ||
| | | | ||
*[[LP1: Set the strategic direction]] | *[[LP1: Set the strategic direction]] | ||
*[[LP2: Design new or changed services]] | *[[LP2: Design new or changed services]] | ||
*[[LP3: Build new or changed services]] | *[[LP3: Build new or changed services]] | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
| | | | ||
*This COBIT process cannot be related directly to specific YaSM processes. | *This COBIT process cannot be related directly to specific YaSM processes. | ||
Line 281: | Line 299: | ||
*-/- | *-/- | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|BAI07 Manage Change | |BAI07 Manage Change Accep­tance and Transi­tioning | ||
| | | | ||
*[[LP2: Design new or changed services]] | *[[LP2: Design new or changed services]] | ||
Line 290: | Line 308: | ||
*The actual implementation of new services is performed by the service build process. | *The actual implementation of new services is performed by the service build process. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|BAI08 Manage | |BAI08 Manage Knowledge | ||
| | | | ||
*-/- | *-/- | ||
Line 302: | Line 320: | ||
*[[LP3: Build new or changed services]] | *[[LP3: Build new or changed services]] | ||
*[[LP4: Operate the services]] | *[[LP4: Operate the services]] | ||
*[[SP4: Manage configuration information]] | *[[SP4: Manage configuration information|SP4: Manage config. infor­mation]] | ||
*[[SP11: Manage suppliers]] | *[[SP11: Manage suppliers]] | ||
*[[SP12: Manage service financials]] | *[[SP12: Manage service financials]] | ||
Line 313: | Line 331: | ||
*Licenses are managed by the supplier management process, supported by the configuration management process. | *Licenses are managed by the supplier management process, supported by the configuration management process. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|BAI10 Manage | |BAI10 Manage Configu­ration | ||
| | | | ||
*[[SP4: Manage configuration information]] | *[[SP4: Manage configuration information|SP4: Manage config. infor­mation]] | ||
| | | | ||
*-/- | *-/- | ||
|} | |} | ||
<p> </p> | <p> </p> | ||
==<span id="domain-dss">Domain: Deliver, Service and Support (DSS)</span>== | ===<span id="domain-dss">Domain: Deliver, Service and Support (DSS)</span>=== | ||
{| class="wikitable" style="background: white;" | {| class="wikitable" style="background: white;" | ||
| | |+style="background:#465674;"|<span style="color:#ffffff; font-size: 110%">COBIT domain 'Deliver, Service and Support (DSS)' and related YaSM processes</span> | ||
|-style="vertical-align:top" | |||
!style="background:# | !style="background:#eeeeee;"|COBIT® enabling pro­cesses | ||
!style="background:# | !style="background:#eeeeee;"|Related YaSM processes | ||
!style="background:#eeeeee;"|Notes | |||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|DSS01 Manage Operations | |DSS01 Manage Operations | ||
Line 353: | Line 371: | ||
|DSS04 Manage Continuity | |DSS04 Manage Continuity | ||
| | | | ||
*[[SP8: | *[[SP8: Ensure continuity]] | ||
| | | | ||
*-/- | *-/- | ||
Line 369: | Line 387: | ||
*[[LP3: Build new or changed services]] | *[[LP3: Build new or changed services]] | ||
*[[LP4: Operate the services]] | *[[LP4: Operate the services]] | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
*[[SP7: Ensure security]] | *[[SP7: Ensure security]] | ||
| | | | ||
Line 376: | Line 394: | ||
|} | |} | ||
<p> </p> | <p> </p> | ||
==<span id="domain-mea">Domain: Monitor, Evaluate and Assess (MEA)</span>== | ===<span id="domain-mea">Domain: Monitor, Evaluate and Assess (MEA)</span>=== | ||
{| class="wikitable" style="background: white;" | {| class="wikitable" style="background: white;" | ||
| | |+style="background:#465674;"|<span style="color:#ffffff; font-size: 110%">COBIT domain 'Monitor, Evaluate and Assess (MEA)' and related YaSM processes</span> | ||
|-style="vertical-align:top" | |||
!style="background:# | !style="background:#eeeeee;"|COBIT® enabling pro­cesses | ||
!style="background:# | !style="background:#eeeeee;"|Related YaSM processes | ||
!style="background:#eeeeee;"|Notes | |||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|MEA01 Monitor, Evaluate and Assess | |MEA01 Monitor, Evaluate and Assess Per­formance and Con­formance | ||
| | | | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
| | | | ||
*Process performance management and monitoring of conformance to the defined processes is the responsibility of YaSM's process for maintaining the SMS. This includes, in particular, the definition of process goals and metrics, collection of data and initiation of corrective action if required. | *Process performance management and monitoring of conformance to the defined processes is the responsibility of YaSM's process for maintaining the SMS. This includes, in particular, the definition of process goals and metrics, collection of data and initiation of corrective action if required. | ||
Line 397: | Line 413: | ||
|MEA02 Monitor, Evaluate and Assess the System of Internal Control | |MEA02 Monitor, Evaluate and Assess the System of Internal Control | ||
| | | | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
| | | | ||
*This COBIT process cannot be related directly to specific YaSM processes. | *This COBIT process cannot be related directly to specific YaSM processes. | ||
*The system of internal control is effectively defined by specifying a number of suitable processes and policies. This means the YaSM process for maintaining the SMS is predominantly in charge of monitoring and assessing the system of internal control. | *The system of internal control is effectively defined by specifying a number of suitable processes and policies. This means the YaSM process for maintaining the SMS is predominantly in charge of monitoring and assessing the system of internal control. | ||
|-style="vertical-align:top" | |-style="vertical-align:top" | ||
|MEA03 Monitor, Evaluate and Assess | |MEA03 Monitor, Evaluate and Assess Com­pliance with External Require­ments | ||
| | | | ||
*[[LP4: Operate the services]] | *[[LP4: Operate the services]] | ||
*[[SP1: Set up and maintain the service management system]] | *[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]] | ||
*[[SP9: Ensure compliance]] | *[[SP9: Ensure compliance]] | ||
| | | | ||
Line 415: | Line 431: | ||
**Technical mechanisms. | **Technical mechanisms. | ||
|} | |} | ||
==References== | ==References== | ||
*<span id="ISACA-2012">[ISACA, 2012]. - Information Systems Audit and Control Association (ISACA): COBIT 5: Enabling Processes. - Rolling Meadows, IL, USA, 2012.</span> | *<span id="ISACA-2012">[ISACA, 2012]. - Information Systems Audit and Control Association (ISACA): COBIT 5: Enabling Processes. - Rolling Meadows, IL, USA, 2012.</span> | ||
==External links== | ==External links== | ||
*[COBIT browsing page]. -- ISACA International ("ISACA"): [https:// | *[COBIT browsing page]. -- ISACA International ("ISACA"): [https://www.isaca.org/resources/cobit/ https://www.isaca.org/resources/cobit/]. -- The COBIT resource center for governance and management of enterprise IT. - ISACA; Rolling Meadows, IL 60008, USA. | ||
== Notes == | |||
<span id="COBIT">[1] COBIT® is a registered trademark of ISACA (Information Systems Audit and Control Association).</span><br /> | |||
[2] <span id="ITIL">ITIL® is a registered trade mark of AXELOS Limited.</span> | |||
Is based on: The [https://yasm.com/en/products/yasm-process-map YaSM Process Map]. - Document: "YaSM and COBIT®". | |||
== | <html>By:  Stefan Kempter <a href="https://www.linkedin.com/in/stefankempter"><img style="margin:0px 0px 0px 0px;" src="/wiki/en/img/yasm-wiki/bookmarking/linkedin.jpg" width="16" height="16" title="By: Stefan Kempter | Profile on LinkedIn" alt="Author: Stefan Kempter, IT Process Maps GbR" /></a>  and  Andrea Kempter <a href="https://www.linkedin.com/in/andreakempter"><img style="margin:0px 0px 0px 0px;" src="/wiki/en/img/yasm-wiki/bookmarking/linkedin.jpg" width="16" height="16" title="By: Andrea Kempter | Profile on LinkedIn" alt="Contributor: Andrea Kempter, IT Process Maps GbR" /></a>, IT Process Maps. | ||
< | <p> </p> | ||
</ | |||
<p><small> | <p><small> | ||
<span itemscope="itemscope | <span itemprop="breadcrumb" itemscope itemtype="http://schema.org/BreadcrumbList"> | ||
<a href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT# | <span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem"> | ||
</span> | <a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT#COBIT.C2.AE_enabling_processes_and_how_they_relate_to_YaSM_processes"> | ||
<span | <span itemprop="name">COBIT® and related YaSM processes</span></a> | ||
<a href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT# | <meta itemprop="position" content="1" /></span> › | ||
</span> | <span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem"> | ||
<span | <a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT#Domain:_Align.2C_Plan_and_Organize_.28APO.29"> | ||
<a href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT# | <span itemprop="name">Domain APO</span></a> | ||
</span> | <meta itemprop="position" content="2" /></span> › | ||
<span | <span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem"> | ||
<a href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT# | <a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT#Domain:_Build.2C_Acquire_and_Implement_.28BAI.29"> | ||
</span> | <span itemprop="name">Domain BAI</span></a> | ||
<span | <meta itemprop="position" content="3" /></span> › | ||
<a href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT# | <span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem"> | ||
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT#Domain:_Deliver.2C_Service_and_Support_.28DSS.29"> | |||
<span itemprop="name">Domain DSS</span></a> | |||
<meta itemprop="position" content="4" /></span> › | |||
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem"> | |||
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT#Domain:_Monitor.2C_Evaluate_and_Assess_.28MEA.29"> | |||
<span itemprop="name">Domain MEA</span></a> | |||
<meta itemprop="position" content="5" /></span> | |||
</span> | </span> | ||
</small></p> | </small></p> | ||
</ | |||
<!-- define schema.org/WebPage --> <span itemid="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT" itemscope itemtype="https://schema.org/WebPage" itemref="md-webpage-description"> | |||
<meta itemprop="educationalUse" content="Which YaSM service management processes are related to specific COBIT® enabling processes." /> | |||
<meta itemprop="name Headline" content="YaSM and COBIT" /> | |||
<meta itemprop="alternativeHeadline" content="YaSM and COBIT® (Control Objectives for Information and Related Technologies)" /> | |||
<link itemprop="url" href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT" /> | |||
<link itemprop="primaryImageOfPage" href="https://yasm.com/wiki/en/img/yasm-frameworks/cobit/cobit-enabling-processes-and-the-YaSM-model.jpg" /> | |||
<link itemprop="isPartOf" href="https://yasm.com/wiki/en/index.php/What_is_YaSM#yasm-other-service-management-frameworks" /> | |||
<meta itemprop="isBasedOnUrl" content="https://yasm.com/en/products/yasm-process-map" /> | |||
<meta itemprop="inLanguage" content="en" /> | |||
<link itemprop="publisher" href="https://yasm.com/en/#YaSMBrand" /> | |||
<link itemprop="copyrightHolder creator" href="https://yasm.com/en/contact#ITProcessMapsOrg" /> | |||
<link itemprop="author" href="https://yasm.com/en/misc/team#StefanKempter" /> | |||
<link itemprop="contributor" href="https://yasm.com/en/misc/team#AndreaKempter" /> | |||
</span><p></html> | |||
<!-- This page is assigned to the following categories: --> | <!-- This page is assigned to the following categories: --> | ||
[[Category:Service management frameworks and standards]] | [[Category:Service management frameworks and standards]] | ||
<!-- --- --> | <!-- --- --> |
Latest revision as of 10:57, 10 August 2024
Comparison: YaSM and COBIT® (Control Objectives for Information and Related Technologies)
Part of: YaSM vs. other service management frameworks and standards
YaSM® was developed with COBIT® (Control Objectives for Information and Related Technologies) [1] in mind, but YaSM is not a "COBIT process model".
About COBIT®
According to its authors, COBIT is an "overarching framework" for IT governance that is "aligned with other relevant standards and frameworks at a high level" [ISACA, 2012].
COBIT describes seven categories of "enablers" for the governance and management of enterprise IT:
- Principles, policies and frameworks
- Processes
- Organizational structures
- Culture, ethics and behavior
- Information
- Services, infrastructure and applications
- People, skills and competencies.
COBIT's "enabling processes" are defined in the COBIT Process Reference Model. For each process in the reference model, COBIT specifies a number of dimensions such as a set of goals, metrics, inputs, outputs, management practices and activities. The COBIT product set also includes a process capability model which can be used to assess the maturity of an organization's IT-related processes, as well as an implementation guide.
Because of its complete set of goals and metrics for IT processes, many organizations use COBIT to improve governance of their information technology operations.
Using YaSM and COBIT® in combination
COBIT is less helpful for designing the service management processes of an organization. Although COBIT defines a process model complete with suggested process activities, its authors concede that "the activities may not be at a sufficient level of detail for implementation, and further guidance may need to be obtained from specific relevant standards and good practice such as ITIL®, ..." [ISACA, 2012].
This is where YaSM comes into the picture.
YaSM and ITIL [2] are well aligned but YaSM is somewhat easier to implement, so using YaSM and COBIT in combination is quite conceivable when setting up a set of service management processes, including a suitable governance framework. We expect, however, that a number of enhancements to the YaSM service management processes will be needed, depending on which particular sets of COBIT goals an organization intends to fulfill. The ITIL® publications and other service management guidance may also be consulted if additional advice is needed for specific topics.
Note: YaSM is an independent framework and is not endorsed by the authors of COBIT.
COBIT® enabling processes and how they relate to YaSM processes
The following tables highlight which YaSM service management processes are related to specific COBIT® enabling processes, to illustrate that YaSM and COBIT share many basic principles:
- Domain: Evaluate, Direct and Monitor (EDM)
- Domain: Align, Plan and Organize (APO)
- Domain: Build, Acquire and Implement (BAI)
- Domain: Deliver, Service and Support (DSS)
- Domain: Monitor, Evaluate and Assess (MEA)
Please note that the aim is not to provide a detailed and scientifically correct cross-reference between the two service management frameworks.
Domain: Evaluate, Direct and Monitor (EDM)
COBIT® enabling processes | Related YaSM processes | Notes |
---|---|---|
EDM01 Ensure Governance Framework Setting and Maintenance |
| |
EDM02 Ensure Benefits Delivery | ||
EDM03 Ensure Risk Optimisation | ||
EDM04 Ensure Resource Optimisation | ||
EDM05 Ensure Stake-holder Transparency |
Domain: Align, Plan and Organize (APO)
COBIT® enabling processes | Related YaSM processes | Notes |
---|---|---|
APO01 Manage the IT Management Framework |
| |
APO02 Manage Strategy |
| |
APO03 Manage Enterprise Architecture |
| |
APO04 Manage Innovation |
| |
APO05 Manage Portfolio |
| |
APO06 Manage Budget and Costs |
| |
APO07 Manage Human Resources |
| |
APO08 Manage Relationships |
| |
APO09 Manage Service Agreements |
| |
APO10 Manage Suppliers |
| |
APO11 Manage Quality |
| |
APO12 Manage Risk |
| |
APO13 Manage Security |
|
Domain: Build, Acquire and Implement (BAI)
COBIT® enabling processes | Related YaSM processes | Notes |
---|---|---|
BAI01 Manage Programmes and Projects |
| |
BAI02 Manage Requirements Definition |
| |
BAI03 Manage Solutions Identification and Build |
| |
BAI04 Manage Availability and Capacity |
| |
BAI05 Manage Organisational Change Enablement |
| |
BAI06 Manage Changes |
| |
BAI07 Manage Change Acceptance and Transitioning |
| |
BAI08 Manage Knowledge |
|
|
BAI09 Manage Assets |
| |
BAI10 Manage Configuration |
|
Domain: Deliver, Service and Support (DSS)
COBIT® enabling processes | Related YaSM processes | Notes |
---|---|---|
DSS01 Manage Operations |
| |
DSS02 Manage Service Requests and Incidents |
| |
DSS03 Manage Problems |
| |
DSS04 Manage Continuity |
| |
DSS05 Manage Security Services |
| |
DSS06 Manage Business Process Controls |
|
Domain: Monitor, Evaluate and Assess (MEA)
COBIT® enabling processes | Related YaSM processes | Notes |
---|---|---|
MEA01 Monitor, Evaluate and Assess Performance and Conformance |
| |
MEA02 Monitor, Evaluate and Assess the System of Internal Control |
| |
MEA03 Monitor, Evaluate and Assess Compliance with External Requirements |
|
References
- [ISACA, 2012]. - Information Systems Audit and Control Association (ISACA): COBIT 5: Enabling Processes. - Rolling Meadows, IL, USA, 2012.
External links
- [COBIT browsing page]. -- ISACA International ("ISACA"): https://www.isaca.org/resources/cobit/. -- The COBIT resource center for governance and management of enterprise IT. - ISACA; Rolling Meadows, IL 60008, USA.
Notes
[1] COBIT® is a registered trademark of ISACA (Information Systems Audit and Control Association).
[2] ITIL® is a registered trade mark of AXELOS Limited.
Is based on: The YaSM Process Map. - Document: "YaSM and COBIT®".
By: Stefan Kempter and Andrea Kempter , IT Process Maps.
COBIT® and related YaSM processes › Domain APO › Domain BAI › Domain DSS › Domain MEA