Book Review: Governance of Enterprise IT Based on COBIT 5

COBIT 5 Management Guide
Author: Geoff Harmer | Reviewed by Maria Patricia Prandini, CISA, CRISC
Date Published: 1 March 2015

When governance and management of enterprise IT (GEIT) is needed, COBIT 5 is frequently the framework of choice for organizations all over the world. With an increased focus on business, COBIT 5 offers a major strategic change in how the framework is structured and organized.

However, the depth, innovation and extent of COBIT 5 could be somewhat overwhelming for anyone who has never come in contact with previous editions of the framework. With his book, Governance of Enterprise IT Based on COBIT 5: A Management Guide, Geoff Harmer’s goal is to fill this gap. And for those who are acquainted with previous versions of COBIT, this book also provides assistance to quickly gain access to the new concepts and characteristics of COBIT 5.

In fact, as the author states, the book is a guide to GEIT and, specifically, how it may be implemented using COBIT 5. Consequently, key concepts of COBIT 5, such as IT governance and management, the goals cascade, the five principles, and the seven enablers, are presented in an easy-to-understand way. The publication also includes several tables and figures that clarify the contents and main concepts of COBIT 5.

With text organized into nine chapters, the author successfully introduces the framework’s key elements, the structure of the 37 processes, the implementation of GEIT using COBIT 5 and the COBIT Process Assessment Model (PAM). The first two chapters present the concept of IT governance and the main international frameworks and standards supporting it. The next four chapters provide an overview of COBIT 5, its enablers and principles, and how domains and processes are organized. The following chapters describe the central aspects of the framework implementation and the PAM. The last chapter explains how COBIT 5 documentation is organized and the official COBIT 5 training courses and certifications available.

Professionals working in IT management, governance, assurance, security, risk and control roles could take advantage of this book as a shortcut to understanding COBIT, as this book helps readers gain quick access to COBIT 5’s basic concepts.

This book provides a head start for anyone interested in using the framework. Readers working in a small enterprise or a large multinational corporation will increase their COBIT 5-related knowledge base and skill set. For newcomers to the framework who do not know where to start or those needing a quick overview of COBIT 5, this book offers a simple and clear way to learn about the characteristics of this unique framework. 

Reviewed by Maria Patricia Prandini, CISA, CRISC, who has a long career as a public official in different positions related to information technology in the Argentine Government. Prandini was involved in the development of the National PKI and the foundation of ARCERT, the first governmental computer security incident response team (CSIRT) in Argentina. She is the immediate past president of the ISACA Buenos Aires (Argentina) Chapter.