COBIT and ITIL® lead to effective and better IT program. Control Objectives for Information Technology or COBIT is an over-arching framework that standardizes all IT activities. Whereas Information Technology Infrastructure Library or ITIL® is a set of standards for IT service management. Therefore, COBIT ITIL® allows generic control objectives for each IT processes.
COBIT ITIL® provides management guidelines in such a way the management can align with IT processes and business requirements. For this purpose a team of experts at The Art of Service provides comprehensive COBIT ITIL® consultancy and management training. Moreover, COBIT has recognized data management as key to running IT and ITIL® is increasingly being employed to set up effective data centers. Therefore, COBIT ITIL® can be efficiently used to build new data center architecture.
COBIT is concerned with
COBIT provides an over-arching framework covering all IT activities. ITIL® is focused mostly on service management (COBIT’s Delivery & Support domain). ITIL® is more detailed and process oriented. COBIT ITIL® helps link ITIL® best practices to real business requirements and IT process owners. COBIT’s metrics help define SLA & OLA criteria. COBIT ITIL® and other standards e.g. ISO17799 provide a more complete set of best practices.
Background to COBIT:
• Development by ISACA started in 1992
• Derived from original “Control Objectives” – aim was to provide a set of best practices meaningful to IT people, auditors, and users
• First version launched in 1996 containing a new Framework, control objectives and audit guidelines
• Based on major research study into all relevant existing standards and best practices
• In 2000 management guidelines added providing maturity models, performance indicators and critical success factors
What does COBIT ITIL® Provide?
• Framework for IT governance aligning IT with business requirements
• An IT process classification scheme
• Generic control objectives for each IT process
• Management guidelines enabling management to align IT activities and priorities with business requirements:
o Consider critical success factors
o Set metrics (“Goal Indicators- KGIs” and “Performance Indicators – KPIs”)
o Assess “as-is” and “to-be” capability using maturity models
To help IT organizations understand how to use COBIT ITIL® for improving the performance of their operations. COBIT provides organizations with a way to determine whether they are exercising proper governance over their IT operations. COBIT consists of 34 control objectives with greater detail to explain how each one can be objective, can be implemented, and its performance evaluated. ITIL® is a collection of best practices in such areas as service delivery, service support, service security, infrastructure management, and application management. Although ITIL® attempts to cover all areas of IT, its guidance is stronger in areas of service delivery and support than in application development.
COBIT has been developed as a generally applicable and accepted standard for good Information Technology (IT) security and control practices that provides a reference framework for management, users, and IS audit, control and security practitioners. COBIT, issued by the IT Governance Institute and now in its third edition, is increasingly internationally accepted as good practice for control over information, IT and related risks. Its guidance enables an enterprise to implement effective governance over the IT that is pervasive and intrinsic throughout the enterprise. In particular, COBIT’s Management Guidelines component contains a framework responding to management’s need for control and measurability of IT by providing tools to assess and measure the enterprise’s IT capability for the 34 COBIT IT processes. The tools include: Performance measurement elements (outcome measures and performance drivers for all IT processes) A list of critical success factors that provides succinct, non-technical best practices for each IT process Maturity models to assist in benchmarking and decision-making for capability improvements Much of COBIT is available for download on a complimentary basis. Hard copies are available for purchase from the ISACA Bookstore. COBIT components include:
• Executive Summary
• Control Objectives
• Audit Guidelines
• Implementation Tool Set
• Management Guidelines
The IT Infrastructure Library (ITIL®) refers to a set of comprehensive, consistent and coherent codes of best practice for IT Service Management. It comprises a library developed by the Central Computer & Telecommunications Agency (CCTA) in the United Kingdom. Since April 2001 the CCTA is renamed into OGC (Office of Government Commerce). The library describes a number of related processes.
ITIL® was developed in the late 1980’s in response to the recognition that organizations were becoming increasingly dependent on Information Systems (IS). The objective of the OGC in developing ITIL® is to promote business effectiveness in the use of IS due to increasing organizational demands to reduce costs while maintaining or improving IT services.
The ITIL® concepts for best practices, through the involvement of leading industry experts, consultants and practitioners remain the only holistic, non-proprietary best practice framework available. As a result, it has quickly become the global benchmark by which organizations measure the quality of IT service management.
Each described process in the Infrastructure Library covers a specific part of IT Service Management and its relationship to other processes. Each book can be read, and the process implemented, independently of the others. The overall provision of IT services, however, can be optimized by considering each process as part of the whole, such that the whole is greater than the sum of its parts. This holistic approach suggests that organizations are likely to gain the most benefit from implementing all processes rather than some processes discretely.
The most popular ITIL® processes are contained in the two sets representing key elements of IT Service Management. The Service Support and Service Delivery sets describe the processes that any IT service provider must address to enhance the provision of quality IT services for its customers. In addition, these sets form the basis of the certifications granted by the Netherlands Examination Institute for IT (EXIN) and the Information Systems Examinations Board (ISEB).
Many organizations have embraced the ITIL® concept because it offers a systematic and professional approach to the management of IT service provision. There are many benefits to be reaped by adopting the guidance provided by ITIL®. Such benefits include but are not limited to:
• Improved customer satisfaction
• Reduced cost in developing practices and procedures
• Better communication flows between IT staff and customers
• Greater productivity and use of skills and experience
ITIL® provides IT professionals with the knowledge and resources they need to run and maintain an effective and efficient IT Infrastructure that meets the needs of their clients while keeping costs at a minimum.
Of the three major frameworks getting a lot of mindshare nowadays – ITIL® and CMM being the other two – COBIT is the only one to recognize data management as key to running IT. (I’ve been quite disappointed in CMM and ITIL® for this reason; neither one seems to have any awareness of the particular disciplines and issues around data architecture and management.) If your company is trying to address SOX and looking for a framework, I highly recommend COBIT. Not that it’s mutually exclusive with ITIL® or CMM; they all cover somewhat different areas – but again, only COBIT really pays attention to data. They even mention data models, repositories, and data dictionaries!