Fadak - ITSM ITIL COBIT - Concept of Best Management Practice (ITSM ITIL COBIT)
: 2018-02-28Visitor Count : 159

Concept of Best Management Practice (ITSM ITIL COBIT)


  1. IT service management
  2. ITIL
  3. COBIT
    1. The COBIT framework
    2. Framework and components

Best management practice (BMP): Methods or techniques found to be the most effective and practical means in achieving an objective (such as preventing or minimizing pollution) while making the optimum use of the firm's resources.

IT service management

IT service management (ITSM) refers to the entirety of activities – directed by policies, organized and structured in processes and supporting procedures – that are performed by an organization to design, plan, deliver, operate and control information technology (IT) services offered to customers.[1] It is thus concerned with the implementation of IT services that meet customers' needs, and it is performed by the IT service provider through an appropriate mix of people, process and information technology.[2]

Differing from more technology-oriented IT management approaches like network management and IT systems management, IT service management is characterized by adopting a process approach towards management, focusing on customer needs and IT services for customers rather than IT systems, and stressing continual improvement. The CIO WaterCoolers' annual ITSM report states that business use ITSM "mostly in support of customer experience (35%) and service quality (48%).

IT service management

ITIL

ITIL, formally an acronym for Information Technology Infrastructure Library, is a set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business. In its current form (known as ITIL 2011), ITIL is published as a series of five core volumes, each of which covers a different ITSM lifecycle stage. Although ITIL underpins ISO/IEC 20000 (previously BS 15000), the International Service Management Standard for IT service management, there are some differences between the ISO 20000 standard and the ITIL framework.

ITIL describes processes, procedures, tasks, and checklists which are not organization-specific, but can be applied by an organization for establishing integration with the organization's strategy, delivering value, and maintaining a minimum level of competency. It allows the organization to establish a baseline from which it can plan, implement, and measure. It is used to demonstrate compliance and to measure improvement. (It is to be noted that there is no formal independent 3rd Party Compliance Assessment available for ITIL compliance in an organisation, Certification in ITIL is only available to individuals and relates to their knowledge of the 5 books)

Since July 2013, ITIL has been owned by AXELOS, a joint venture between Capita and the UK Cabinet Office. AXELOS licenses organisations to use the ITIL intellectual property, accredits licensed examination institutes, and manages updates to the framework. Organizations that wish to implement ITIL internally do not require this license.

ITIL

COBIT

COBIT (Control Objectives for Information and Related Technologies) is a good-practice framework created by international professional association ISACA for information technology (IT) management and IT governance. COBIT provides an implementable "set of controls over information technology and organizes them around a logical framework of IT-related processes and enablers.

The COBIT framework

COBIT was initially "Control Objectives for Information and Related Technologies," though before the release of the framework people talked of "CobiT" as "Control Objectives for IT"[8] or "Control Objectives for Information and Related Technology."[9] The framework defines a set of generic processes for the management of IT, with each process defined together with process inputs and outputs, key process-activities, process objectives, performance measures and an elementary maturity model. COBIT also provides a set of recommended best practices for governance and control process of information systems and technology with the essence of aligning IT with business. COBIT 5 consolidates COBIT 4.1, Val IT and Risk IT into a single framework acting as an enterprise framework aligned and interoperable with other frameworks and standards.[1]

Framework and components

The business orientation of COBIT consists of linking business goals to IT goals, providing metrics and maturity models to measure their achievement, and identifying the associated responsibilities of business and IT process owners.
The process focus of COBIT is illustrated by a process model that subdivides IT into four domains (Plan and Organize; Acquire and Implement; Deliver and Support; and Monitor and Evaluate) and 34 processes inline with the responsibility areas of plan, build, run, and monitor. It is positioned at a high level and has been aligned and harmonized with other, more detailed IT standards and good practices such as COSO, ITIL, BiSL, ISO 27000, CMMI, TOGAF and PMBOK. COBIT acts as an integrator of these different guidance materials, summarizing key objectives under one umbrella framework that link the good practice models with governance and business requirements.[1] COBIT 5 further consolidated and integrated the COBIT 4.1, Val IT 2.0 and Risk IT frameworks and drew from ISACA's IT Assurance Framework (ITAF) and the Business Model for Information Security (BMIS).
The framework and its components can, when utilized well, also contribute to ensuring regulatory compliance. It can encourage less wasteful information management, improve retention schedules, increase business agility, and lower costs while better complying with data retention and management regulations.[10]
COBIT components include:
- Framework: Organizes IT governance objectives and good practices by IT domains and processes and link them to business requirements.
    Process descriptions: A reference process model and common language for everyone in an organization. The processes map to responsibility areas of plan, build, run, and monitor.
- Control objectives: Provides a complete set of high-level requirements to be considered by management for effective control of each IT process.
- Management guidelines: Helps assign responsibility, agree on objectives, measure performance, and illustrate interrelationship with other processes.
- Maturity models: Assesses maturity and capability per process and helps to address gaps.

COBIT


        

2000-2016 CMS Fadak. ||| Version : 4.2-b1 ||| This page was produced in : 0.002 Seconds