COBIT® 5 Enabler 2 Tutorial

This lesson provides a detailed understanding of the second enabler of COBIT® 5 (part of COBIT® 5 Foundation Certification Course).
Let us begin with the objectives of this lesson.

Objectives

By the end of 'COBIT® 5 Enabler 2' lesson, you will be able to:

  • Explain enabler 2 of COBIT® 5 

  • Describe COBIT® 5 Process Reference Model structure

  • Discuss process goals and their categories 

  • Explain the relationship between enabler 2 and others

Let us move on to the next section to discuss the second enabler of COBIT® 5.

Enabler 2—Processes

The image below depicts the second enabler of COBIT®5, which is processes.
COBIT 5 Enabler 2
The processes enabler complements COBIT® 5 by providing a detailed reference guide, called ‘COBIT® 5: Enabling Processes’, to the processes defined in the COBIT® 5 Process Reference Model or PRM.
In the processes enabler: 

  • the COBIT® 5 goals cascade is recapitulated and complemented with a set of example metrics for the enterprise goals and the IT-related goals. 

  • the COBIT® 5 process model is explained, and its components are defined. 

  • the detailed process information is given for all 37 COBIT® 5 processes shown in the PRM. 

In the next section, we will understand some of the key terms related to a process.

Curious about the COBIT® 5 Course? Check out our Course Preview!

Process—Key Terms

The following are some of the key terms associated with a process. 

  • Process
    - A process is defined as a collection of practices influenced by the enterprise’s policies and procedures that takes inputs from a number of sources, including other processes, manipulates the inputs and produces outputs, for example, products and services. 

  • Process Practices
    - Process practices are defined as the guidance required to achieve the process goals. 

  • Process Activities
    - Process Activities are defined as the guidance to achieve the management practices for successful governance and management of enterprise IT. 

  • Inputs and Outputs
    - Inputs and Outputs are the process work products or artifacts which are considered necessary to support the operation of the process. 

In the next section, let us look into the lifecycle and good practices dimensions of the processes enabler.

Processes—Life Cycle and Good Practices

The image shown below depicts the lifecycle and good practices dimensions of the processes enabler.
Lifecycle and Good Practices Dimension
Each process has a lifecycle, where process has to be created, executed, monitored and adjusted when required, and eventually, the process will cease to exist.

The main activities or phases of each process in the lifecycle dimension are plan, design, build or acquire, create or implement, use or operate, evaluate or monitor and update or dispose.

Good practice is a proven activity or process that has been successfully used by multiple enterprises. It has been shown to produce reliable results. The good practices for each enabler contain the practices, work, and products including both inputs and outputs.

In the next section, we will focus on the COBIT® 5 PRM domains.

COBIT® 5 PRM Domains

The processes enabler complements COBIT® 5 and includes a detailed reference guide to the processes that are defined in the COBIT® 5 Process Reference Model. 

  • The COBIT® 5 goals cascade is recapitulated and complemented with a set of example metrics for the enterprise goals and the IT-related goals. 

  • The COBIT® 5 process model is explained and its components are defined. 

The image shown below depicts the 37 COBIT® 5 processes.
37 COBIT 5 Processes
The enabler process guide contains the detailed information on all 37 COBIT® 5 processes as shown in the Process Reference Model.
In the next section, we will understand the COBIT® 5 Process Reference Model structure.


COBIT® 5 Process Reference Model Structure

The structure of the PRM Template, based on the ISO/IEC 15504 process definitions and structure, is described here. The COBIT® 5 process reference model subdivides the IT-related practices and activities of the enterprise into two main areas, namely, governance and management.

Governance

Management

  • The governance domain contains five governance processes. 

  • Within each process, the Evaluate, Direct and Monitor or EDM (read as E-D-M) practices are defined

  • The management includes four management domains which are in line with the responsibility areas of Plan, Build, Run and Monitor or PBRM

  • The four management domains are:

- Align, Plan and Organise or APO, which contains 13 processes

- Build, Acquire and Implement or BAI, which contains 10 processes

- Deliver, Service and Support or DSS, which contains 6 processes

- Monitor, Evaluate and Assess or MEA, which contains 3 processes

All these processes add up to the 37 processes, out of which 32 relates to management and 5 relates to governance.
In the next section, we will discuss the components of a process.

Components of a Process

The image shown below depicts the various components of a process. 
Components of a Process

Each process is divided into:

  • process description

  • process purpose statement

  • IT-related goals and 

  • process goals which are also referred to as enabler goals in the goals cascade.

Each IT-related goal is associated with a set of generic related metrics. Each process goal is associated with a set of generic metrics, and each process contains a set of management practices. 

  • These are associated with a generic Responsible, Accountable, Consulted and Informed or RACI (read as one word ‘RACY’) chart. 

  • Each management practice contains a set of inputs and outputs called work products. 

  • Each management practice is associated with a set of activities. 

In the next section, let us understand the process goals and its categories.

Want to check course preview of our COBIT® 5? Click here to watch!

Process Goals

Process goals are defined as a statement describing the desired outcome of a process. An outcome can be an artifact, a significant change of state or a significant capability improvement of other processes.

Process goals are a part of the goals cascade in which they are linked to the IT-related goals. The IT-related goals are further linked to the enterprise goals.
The three categories of process goals are as follows. 

  • The first category is intrinsic goals
    - They ensure that the processes are in line with the good practices applied. 
    - They also ensure that the processes are complying with the internal and external rules specified in and applied to the enterprise respectively. 
    - These are addressed by raising the following questions: ‘Is the process accurately in line with good practice?’; and  ‘Is it compliant with internal and external rules?’. 

  • The second category is contextual goals
    - They ensure that the processes are flexible to cater to the needs of the enterprise. 
    - They also ensure that the processes are relevant, understandable to all and easy to apply in the entire enterprise. 
    - These are addressed by raising the following questions: ‘Is the process customized and adapted to the enterprise’s specific situation?’ and 'Is it relevant, understandable and easy to apply?’. 

  • The third category is accessibility and security goals:
    - The process remains confidential when required and is accessible to those who need it.
    - These are addressed by raising the following questions: ‘Do the Processes remain confidential when required?’ and ‘Are the processes accessible to those who need it?’ 

We will focus on stakeholders in the following section.

Internal and External Stakeholders

The internal stakeholders consist of:

  • Management;

  • Staff;

  • business executives;

  • business process owners;

  • business managers;

  • risk managers;

  • security managers;

  • service managers;

  • HR;

  • internal audit teams;

  • IT users; and

  • IT managers.

The external stakeholders consist of:

  • customers, 

  • business partners, 

  • suppliers, 

  • shareholders, 

  • regulators, 

  • external users, 

  • external auditors and 

  • consultants to the enterprise

A RACI (read as one word RACY) chart may be used for the different management practices to identify more stakeholders.
In the next section, we will understand the relationship between processes and other enablers.

What are you waiting for? Interested in taking up a COBIT® 5 Course? Check out our Course Preview!

What is the relationship between the Second Enabler and Other Enablers?

The relationship between processes and other enablers is as follows: 

  • Processes need information as one form of input. 

  • Processes need organizational structure as it provides the backbone for the processes to function smoothly. 

  • Processes produce and require services, infrastructure and applications.

  •  Processes are dependent on other processes. 

  • Processes need policies and procedures to ensure consistent implementation. 

In the next section, let us understand the concept of ‘processes’ enabler with the help of an example.

Processes - Problem Statement

The IT department of Nutri Worldwide Inc. has set up a single universal service desk to handle all the queries related to password reset except the Windows login password resets. For resetting the Windows login passwords, the service desk offered the employees a self-help tool with the aim of reducing the number of calls directed to the service desk.

However, only a few end-users used the self-help tool, and the rest found it easier to call the service desk to reset their passwords. 
How can the organization encourage the employees to use the self-help tool for system login password resets instead of calling the service desk?

Solution

The measures that the organization could implement to encourage the employees to use the self-help tool for system login password resets, instead of calling the service desk, are as follows:

  • Define the process that the users have to follow to reset passwords on their own. 

  • Draw attention to the fact that calling the service desk to reset the password would take the users longer time than resetting the passwords on their own.

Summary

Let us summarise what we have learned in this lesson:

  • The processes enabler complements COBIT® 5 by providing a detailed reference guide called ‘COBIT® 5: Enabling Processes’, to the processes defined in the COBIT® 5 PRM. 

  • COBIT® 5 Process Reference Model subdivides the IT-related practices and activities of the enterprise into two main areas, governance (five governance processes) and management (four management domains). 

  • Process goals are defined as a statement describing the desired outcome of a process, and the three categories are intrinsic goals, conceptual goals and accessibility and security goals. 

  • Processes produce and require services, infrastructure and applications. 

The next lesson is all about Enablers 3 and 4 of COBIT® 5

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

We use cookies on this site for functional and analytical purposes. By using the site, you agree to be cookied and to our Terms of Use. Find out more

Request more information

For individuals
For business
Name*
Email*
Phone Number*
Your Message (Optional)

By proceeding, you agree to our Terms of Use and Privacy Policy

We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Email*
Phone Number*
Company*
Job Title*

By proceeding, you agree to our Terms of Use and Privacy Policy