Covering the Enterprise from End to End

Video Activity

This lesson covers the second principle in the COBIT 5, which is Covering the Enterprise End-to-End. This principle encompasses all functions and processes required to govern and manage enterprise information and related technologies, both internal and external.

Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

51 minutes
Video Description

This lesson covers the second principle in the COBIT 5, which is Covering the Enterprise End-to-End. This principle encompasses all functions and processes required to govern and manage enterprise information and related technologies, both internal and external.

Video Transcription
Our next module is, ah, principle to covering the enterprise into end. So when we talk about that, first of all, Kobe it refers, refers to this as the governance approach,
and it includes most governance and management, and we'll get further into the discrepancies or the differences between the two and just a little bit.
Ah, but ultimately what that allows us to do is have the same philosophy in general direction from goat, both governance and management. Very important. So it aligns the governance of the enterprise. Ah, to the I t department. Essentially. So what that means is
I t falls under the place
under the level of governance as all other non i t related service is so ultimately co bit control objectives for I t really are control objectives for the Organization for the Enterprise and include i t. As part of that.
Now, Kobe, it five is gonna align with any of the current standards, whether it's ite ill or any of the others will talk about that because it gives us that single integrated framework which is gonna follow in,
uh, principles in just a few minutes. But ultimately, this idea of covering from end to end means that all of our objectives are in alignment and we treat I t as just another business asset which it is.
And I mentioned earlier for so long we look att business goals and then I t gold.
Well, I t goals have to support the goals of the business. Otherwise, we are butting heads, so to speak. And so with I t goals, the idea cost benefit analysis How do we support the business? How we balance security
with the needs for performance and reliability and all of those elements
fall under the structure off the enterprise and has managed is such so all processes within the organization all functions within everything that's required to govern the organization both internal and external. So whether it's for us in house or
our contractors, providers, whatever that is,
we're all looking to manage these entities as one. So when you look at the four main elements off the governance approach,
you start with the 1st 1 which is governance objective of creating value with actually already looked at this chart to the left. Where we look at the job of governance is to take the stakeholders names
balance the benefits versus the risks and look at the resource is that are available. So that's the job of governance to help us prioritize and figure out what the needs of stakeholders are and ultimately
where we put our priorities in our effort.
Okay, then the next element are enablers.
We've talked about the seven and $8 at least at a high level, will get into those in more depth. But of course, the principles are processes that we haven't plays. Organizational structure. We talked about culture and ethics,
being one that's often overlooked very important. Their information, as well as the service is and applications. We have to take advantage of our information
and then people skills and competencies. So governance says, here are the priorities for our stakeholders. Enablers. You're gonna help us be successful or the flip side of that maybe prevent us from being successful.
All right, we then move to the stove.
But Kobe is designed in such a way that it can apply to the organization, individual individual departments,
how much of the organization is using coping. I guess maybe it's a way to define the scope, or really, we can say to what elements of the business with Disa ply, maybe is a better way to say it. And then the last element rolls and activities. We're going to talk about the importance of
making sure everybody performs their function.
So the owners of the stakeholders delegate the governance of the governing body. And I think this is a really good little chart down here at the bottom will come back to it because it really helps us kind of see where everybody fits in the governance the governing body sets the direction, sets the tone for the organization
management than figures out
what instructions have to be carried out to align activities to the direction that governance is set and that's gonna lead us to have our operation and execution of those operations
will then report to management.
Monitoring happens that we make sure what we're doing happens. The governing body is accountable to the owners and stakeholders, and I don't know if you're familiar with other management techniques, but there's a little bit of this idea of plan Do Check
Act, which comes to us from ah sure was popularized by Debbie Deming
and ultimately this idea of what kind of have the planning piece here? Then we do. We monitor and then we act upon what we learn. So the four main elements of the governance approach which falls under the principal managing the enterprise from into end
governance helps us figure out how we can accomplish or what our stakeholder needs are and how they're prioritized are enablers. You're gonna dictate whether or not we're successful, the scope to what portion of the enterprise does this apply? And then the rolls and relationships between
all of our organization is involved,
making sure that everybody understands what their roles are and that we don't take on more or less than what we need to.
So, ah, when we look at the elements of governance,
we talk about governance enablers specific to governance. There are elements are enablers that are very particular. The framework in principles, the structures of processes, all of these air elements of the government
they're gonna give us The resource is that we have the structure.
And of course, like always, we have to have those enablers in place
the scope,
you know, again Kobe could be applied, you know, is that the enterprise is it a specific asset
and then rolls in relationships and activities. Those elements are critical again, understanding where everybody belongs. And that comes to us from the slide before the governance and a one of the roles and relationships are really, you know. And of course, the scope, though, has to be dictated. But
thes air the rial three elements that were most concerned with.
Up Next
Security Architecture Fundamentals

A framework for applying a comprehensive method of describing the current and future structure for an organization?s security processes so that they align with the company?s overall strategic direction

Instructed By