
COBIT 2019 Foundation Course

Participant Guide


COBIT Foundation Course


CONTENTS

COBIT Foundation Course

Course Overview
Course Delivery
Course Description
Target Audience
Training and Certification Scheme
Exam Requirements
Learning Objectives

Framework Introduction
Topics and Objectives
Group Discussion Questions

Principles
Topics and Objectives

Governance System and Components
Topics and Objectives
Group Exercise

Governance Management Objectives
Topics and Objectives
Practical Walkthrough
Group Exercise – Goals Cascade
Group Scenario

Performance Management
Topics and Objectives

Designing a Tailored Governance System
Topics and Objectives

COBIT Business Case
Topics and Objectives
Introduction to the COBIT Business Case
The COBIT Business Case Component
Example Scenario – ACME Corporation

Implementing Enterprise Governance Over IT
Topics and Objectives

Course Summary

Course Overview
COURSE DELIVERY
This is a two-day instructor led course.

COURSE DESCRIPTION
COBIT ® is a framework for the enterprise governance and management of information and technology
(I&T) that supports enterprise goal achievement.

This Foundation Course is intended for current COBIT 5 Foundation Certificate holders as well as those
new to COBIT who are interested in achieving the latest foundation certificate.

This two-day course highlights the concepts, models and key definitions of the COBIT framework and
helps prepare learners to take the COBIT 2019 Foundation Exam.

TARGET AUDIENCE
Current COBIT 5 Foundation Certificate holders who are interested in achieving the COBIT 2019
Foundation Certificate.

Individuals with no previous COBIT training or certifications interested in learning the COBIT 2019
framework essentials.


TRAINING AND CERTIFICATION SCHEME

As shown on there are three different paths:


1. The first path is the 2019 Bridge Course, which is intended to transition current COBIT 5
accredited training organizations and trainers or COBIT 5 certificate holders seeking to
understand the key differences between COBIT 2019 and COBIT 5.
2. The second path, the 2019 COBIT Foundation course and exam, is intended for those new to COBIT
or those who wish to gain a deeper understanding of the COBIT 2019 Framework and/or prepare
for the COBIT 2019 foundation exam.
3. The third path is the COBIT 2019 Design and Implementation course, which is designed to help
learners understand how to design and implement a governance system using COBIT 2019.
Prior to taking the COBIT 2019 design and implementation certificate exam, candidates must first
successfully pass the COBIT 2019 Foundation course.

EXAM REQUIREMENTS
This COBIT Foundation exam is designed to test the candidate’s knowledge of the framework as
opposed to memorization.
• Online proctored exam
• 75 multiple-choice questions
• Closed-book
• One correct answer for each question, using three choices (A, B or C)
• Two-hour duration
• Passing score is 65%, or 49 correct answers out of 75

LEARNING OBJECTIVES
When participants complete this course, they will be able to:
• Recognize the target audience of COBIT 2019.
• Recognize the context, benefits and key reasons COBIT is used as an information and technology
governance framework.
• Recognize the descriptions and purposes of the COBIT product architecture.
• Recall the alignment of COBIT with other applicable frameworks, standards and bodies of knowledge.
• Understand and describe the governance “system” and governance “framework” principles.
• Describe the components of a governance system.
• Understand the overall structure and contents of the Goals Cascade.
• Recall the 40 Governance and Management Objectives and their purpose statements.
• Understand the relationship between Governance and Management Objectives and Governance
Components.
• Differentiate COBIT based performance management using maturity and capability perspectives.
• Discover how to design a tailored governance system using COBIT.
• Explain the key points of the COBIT business case.
• Understand and recall the phases of the COBIT implementation approach.
• Describe the relationships between the COBIT Design and Implementation Guides.
• Prepare for the COBIT 2019 Foundation exam.


Framework Introduction
TOPICS AND OBJECTIVES
Topics
• Enterprise Governance of I&T
• Intended Audience for the COBIT 2019 Framework
• COBIT as an I&T Framework
• COBIT format and product architecture
• Major differences
• COBIT and other standards
• Training and certification

Learning Objectives
• Recognize the target audience of COBIT 2019.
• Recognize the context, benefits and key reasons COBIT is used as an information and technology
governance framework.
• Recognize the descriptions and purposes of the COBIT product architecture.
• Recall the alignment of COBIT with other applicable frameworks, standards and bodies of knowledge.
• Prepare for the COBIT 2019 Foundation exam.

GROUP DISCUSSION QUESTIONS


How is EGIT implemented at your organization today?
What are the differences between Benefits realization, Risk optimization and Resource optimization?
Which one is receiving more attention?
What other industry frameworks or standards are being used?
How can COBIT assist in the distinction between governance and management?

Pick one or more questions to discuss as a group or pick additional topics/questions that are relevant to
this module.


Principles
In this module, we will be discussing principles, which is one of the changes we see in COBIT 2019.
COBIT 5 had its own principles, and COBIT 2019 expands on these.

TOPICS AND OBJECTIVES


The topics for this module include:
• Governance “system” principles
• Governance “framework” principles
The learning objectives for this module include:
• Understand and describe the governance “system” and governance “framework” principles.
• Prepare for the COBIT 2019 Foundation exam.


Governance System and Components


This is new to COBIT and is probably one of the most significant positive changes in COBIT 2019.

TOPICS AND OBJECTIVES


Our topics for this module are:
• Governance and management objectives
• Components of the governance system
• Focus areas
• Design factors
• Goals cascade
• Exercise
And our learning objectives include:
• Understand and describe the components of a governance system
• Understand the overall structure and contents of the Goals Cascade
• Prepare for the COBIT 2019 Foundation exam.

GROUP EXERCISE
NAMECO is an IT Managed Service Provider in North America. They are an aggressive, for-profit
organization that strives to aggressively grow revenues while providing a stable client base. NAMECO is
considered one of the top five MSPs in the industry and operates in a high threat environment with
multiple competitors who are constantly attempting to challenge their position in the market.

With over 400 tenant clients and 15,000 end users, each one has a unique set of compliance
requirements: 1) 30% of their clients are publicly traded entities, 2) 7% are health care related, 3) 87%
process credit cards, and 4) 6% have private information regarding EU citizens.

The enterprise risk management group has identified multiple risk scenarios that have the potential of
inhibiting the aggressive growth goals identified by the governing body. These include: 1) recruiting and
maintaining qualified and skilled staff, 2) the threat of competitors, 3) complex compliance requirements
from multiple requirements (NAMECO has private information from users across the globe, including EU
citizens), and 4) the unknown risks of vendors who provide critical services to NAMECO.

The IT organization also supports the company’s staff of 300 FTEs and is currently considered a
“necessity” which has caused some issues. Due to the nature of its business, NAMECO cannot continue
with its strategy unless IT is seen as a key success factor. Most of the services provided by IT are a mix
of insourced, cloud, and outsourced services and IT generally adopts new technologies once they have
been proven in the market. Although the organization is primarily a waterfall model for delivery, there are
two full time agile teams that support the core applications of the business. This model has worked up to
this point, but there are pressures from the business to deploy services faster.

With the aggressive growth of the company, the IT organization has experienced multiple issues that
have resulted in unsatisfactory client reviews. The key concerns include: 1) failure to meet Service Level
Agreements (many of these failures are due to suppliers), 2) multiple audit findings of non-compliance with
data privacy, and 3) insufficient IT resources/knowledge required to support the goals of the enterprise.
Other key observations include: 1) there are no documented or well-understood decision matrices in the
organization, 2) policies exist, but have not been updated in the last 3 years, 3) the leadership of the
organization endorses a ‘risk taking’ culture, but does not support risky decisions that fail, 4) no skills matrix
exists that identifies the skills and competencies required to support IT services, 5) an IT service catalog
exists, but is not acknowledged or followed, 6) there is no formal recognition of IT processes, they are ad
hoc and not well documented, and 7) there is no real understanding of the data/information architectures
or flows and there is an absence of information classification.


Using the NAMECO scenario, discuss which COBIT Design Factors would be relevant for the governance
system of NAMECO, and identify which values you would assign to the relevant design factors.

This exercise will last approximately one hour.


Governance Management Objectives


Governance and management objectives provide clearer and more achievable results. For information and
technology to contribute to enterprise goals, a number of governance and management objectives should
be achieved. In this module, we will take a closer look at these.

TOPICS AND OBJECTIVES


Our topics for this module are:
• Overview of the COBIT core model
• Governance and management objectives
• Group exercise
Our learning objectives are:
• Recall the 40 Governance and Management Objectives and their purpose statements.
• Understand the relationship between Governance and Management Objectives and Governance
Components.
• Prepare for the COBIT 2019 Foundation Exam

PRACTICAL WALKTHROUGH
Have the students open Chapter 4 of the COBIT Governance and Management Objectives – Detailed
Guidance book. Review the examples in the section, highlighting the importance of each section of the
table.

Refer to Chapter 4 in the COBIT Governance and Management Objectives – Detailed Guidance.

GROUP EXERCISE – GOALS CASCADE


For each Enterprise Goal, circle the appropriate Balanced Scorecard dimension.


For each Alignment Goal, circle the appropriate Governance or Management Objective that has a
PRIMARY relationship.

Match each purpose statement with the appropriate Governance or Management objective.

Match each description with the appropriate Governance Component as it applies to Governance and
Management Objectives.


GROUP SCENARIO
This is an optional exercise.

NAMECO is an IT Managed Service Provider in North America. They are an aggressive, for-profit
organization that strives to aggressively grow revenues while providing a stable client base. NAMECO is
considered one of the top five MSPs in the industry and operates in a high threat environment with
multiple competitors who are constantly attempting to challenge their position in the market.

With over 400 tenant clients and 15,000 end users, each one has a unique set of compliance
requirements: 1) 30% of their clients are publicly traded entities, 2) 7% are health care related, 3) 87%
process credit cards, and 4) 6% have private information regarding EU citizens.

The enterprise risk management group has identified multiple risk scenarios that have the potential of
inhibiting the aggressive growth goals identified by the governing body. These include: 1) recruiting and
maintaining qualified and skilled staff, 2) the threat of competitors, 3) complex compliance requirements
from multiple requirements (NAMECO has private information from users across the globe, including EU
citizens), and 4) the unknown risks of vendors who provide critical services to NAMECO.

The IT organization also supports the company’s staff of 300 FTEs and is currently considered a
“necessity” which has caused some issues. Due to the nature of its business, NAMECO cannot continue
with its strategy unless IT is seen as a key success factor. Most of the services provided by IT are a mix
of insourced, cloud, and outsourced services and IT generally adopts new technologies once they have
been proven in the market. Although the organization is primarily a waterfall model for delivery, there are
two full time agile teams that support the core applications of the business. This model has worked up to
this point, but there are pressures from the business to deploy services faster.

With the aggressive growth of the company, the IT organization has experienced multiple issues that
have resulted in unsatisfactory client reviews. The key concerns include: 1) failure to meet Service Level
Agreements (many of these failures are due to suppliers), 2) multiple audit findings of non-compliance with
data privacy, and 3) insufficient IT resources/knowledge required to support the goals of the enterprise.
Other key observations include: 1) there are no documented or well-understood decision matrices in the
organization, 2) policies exist, but have not been updated in the last 3 years, 3) the leadership of the
organization endorses a ‘risk taking’ culture, but does not support risky decisions that fail, 4) no skills matrix
exists that identifies the skills and competencies required to support IT services, 5) an IT service catalog
exists, but is not acknowledged or followed, 6) there is no formal recognition of IT processes, they are ad
hoc and not well documented, and 7) there is no real understanding of the data/information architectures
or flows and there is an absence of information classification.

Using information from the NAMECO scenario, use the goals cascade to determine the most appropriate
Governance or Management Objectives.

NAMECO has determined that the two most critical enterprise goals for the upcoming year include the
following:
• Enterprise goal 2 (EG02) Managed business risk
• Enterprise goal 3 (EG03) Compliance with external laws and regulations
• Enterprise goal 8 (EG08) Optimization of internal business process functionality
• Enterprise goal 10 (EG10) Staff skills, motivation and productivity


Performance Management
Building on the previous versions, COBIT 2019 has updated the performance management aspect of the
framework.

TOPICS AND OBJECTIVES


The topics we will cover in this module include:
• Performance management definition, principles and overview
• Managing performance of processes
• Managing performance of other governance system components
In line with the learning objectives for this course, this module will focus on:
• Differentiate COBIT based performance management using maturity and capability perspectives.
• Prepare for the COBIT 2019 Foundation exam.

Designing a Tailored Governance System


This module contains information that is totally new to COBIT 2019. In this section we will discuss design
factors as well as how to design a tailored governance system.

TOPICS AND OBJECTIVES

The topics we will cover in this module include:


• Introduction to designing a tailored governance system
• Impact of design factors
• Designing a tailored system
• Module summary
Consistent with the course objectives, we will address the following:
• Discover how to design a tailored governance system using COBIT
• Prepare for the COBIT 2019 Foundation exam

COBIT Business Case


INSTRUCTORS – You may recognize that this module comes before the implementation module, which is
not the order in the framework book. This business case module is before implementation in this course
so that “making the case” is addressed before addressing the implementation approach.

TOPICS AND OBJECTIVES


Our topics for this module include:
• Making a case for getting started
• Overview of the COBIT business case
• Example scenario
• Module summary
And objectives are:
• Explain the key points of the COBIT business case.


INTRODUCTION TO THE COBIT BUSINESS CASE


Common business practices dictate preparing a business case to analyze and justify the initiation of a
large project and/or financial investment. The concept of a business case is not new, but this guidance is
new to COBIT 2019. COBIT provides a nonprescriptive, generic guide to encourage preparation of a
business case. Every enterprise has its own reasons for improving EGIT and its own approach to
preparing business cases. The COBIT 2019 Framework and Methodology publication provides an
example scenario.

THE COBIT BUSINESS CASE COMPONENT


The Framework Introduction and Methodology publication provides an example business case scenario
for a fictitious company, using the following outline. Although the example is derived from actual
situations, it does not reflect a specific, existing enterprise. The example and guidance are provided to help
focus on the issues that should be addressed in a business case. Of course, you can modify this
business case based on your specific needs. However, it is absolutely paramount that a business case be
developed and monitored through its entire economic lifecycle.

EXAMPLE SCENARIO – ACME CORPORATION


The example scenario is Acme Corporation, a large multinational enterprise with a mixture of traditional,
well-established business units as well as new Internet-based businesses adopting the very latest
technologies. Many of the business units have been acquired and exist in various countries with different
local political, cultural and economic environments. The central group’s executive management team has
been influenced by the latest enterprise governance guidance, including COBIT, which they have used
centrally for some time. They want to make sure that rapid expansion and adoption of advanced IT will
deliver the value expected; they also intend to manage significant new risk. They have, therefore,
mandated enterprise-wide adoption of a uniform EGIT approach. This approach includes involvement by
the audit and risk functions and internal annual reporting by business unit management of the adequacy
of controls in all entities.

Refer to the Introduction and Methodology publication, Pages 53-61:


• This example and the guidance in this publication are provided to help focus on the issues that should
be addressed in a business case.
• Although the example is derived from actual situations, it does not reflect a specific, existing
enterprise.
• Review this business case with the class directly from the COBIT 2019 Framework:
Introduction and Methodology, Chapter 9, The COBIT Business Case, on pages 53 – 61.
• Review this scenario and discuss key points with the class directly from the publication.

This is an optional exercise.
The intent of this exercise is to gain an understanding of the key areas of a business case and how an
enterprise can make the case for an enterprise governance system.

NAMECO is an IT Managed Service Provider in North America. They are an aggressive, for-profit
organization that strives to aggressively grow revenues while providing a stable client base. NAMECO is
considered one of the top five MSPs in the industry and operates in a high threat environment with
multiple competitors who are constantly attempting to challenge their position in the market.

With over 400 tenant clients and 15,000 end users, each one has a unique set of compliance
requirements: 1) 30% of their clients are publicly traded entities, 2) 7% are health care related, 3) 87%
process credit cards, and 4) 6% have private information regarding EU citizens.

The enterprise risk management group has identified multiple risk scenarios that have the potential of
inhibiting the aggressive growth goals identified by the governing body. These include: 1) recruiting and
maintaining qualified and skilled staff, 2) the threat of competitors, 3) complex compliance requirements
from multiple requirements (NAMECO has private information from users across the globe, including EU
citizens), and 4) the unknown risks of vendors who provide critical services to NAMECO.

The IT organization also supports the company’s staff of 300 FTEs and is currently considered a
“necessity” which has caused some issues. Due to the nature of its business, NAMECO cannot continue
with its strategy unless IT is seen as a key success factor. Most of the services provided by IT are a mix
of insourced, cloud, and outsourced services and IT generally adopts new technologies once they have
been proven in the market. Although the organization is primarily a waterfall model for delivery, there are
two full time agile teams that support the core applications of the business. This model has worked up to
this point, but there are pressures from the business to deploy services faster.

With the aggressive growth of the company, the IT organization has experienced multiple issues that
have resulted in unsatisfactory client reviews. The key concerns include: 1) failure to meet Service Level
Agreements (many of these failures are due to suppliers), 2) multiple audit findings of non-compliance with
data privacy, and 3) insufficient IT resources/knowledge required to support the goals of the enterprise.

Other key observations include: 1) there are no documented or well-understood decision matrices in the
organization, 2) policies exist, but have not been updated in the last 3 years, 3) the leadership of the
organization endorses a ‘risk taking’ culture, but does not support risky decisions that fail, 4) no skills matrix
exists that identifies the skills and competencies required to support IT services, 5) an IT service catalog
exists, but is not acknowledged or followed, 6) there is no formal recognition of IT processes, they are ad
hoc and not well documented, and 7) there is no real understanding of the data/information architectures
or flows and there is an absence of information classification.


Implementing Enterprise Governance Over IT
In this module we will discuss implementing enterprise governance over IT. You may recognize a few of
these concepts from COBIT 5.

TOPICS AND OBJECTIVES


Our topics for this module include:
• Implementation guide purpose and scope
• Implementation phases
• Design guide and implementation guide relationships
• Module summary
Objectives are:
• Understand and recall the phases of the COBIT implementation approach.
• Describe the relationships between the COBIT Design and Implementation Guides

Course Summary
Here is a summary of what we have learned:
• Recognize the context, benefits and key reasons COBIT is used as an information and technology
governance framework.
• Recognize the descriptions and purposes of the COBIT product architecture.
• Recall the alignment of COBIT with other applicable frameworks, standards and bodies of knowledge.
• Understand and describe the governance “system” and governance “framework” principles.
• Describe the components of a governance system.
• Understand the overall structure and contents of the Goals Cascade.
• Recall the 40 Governance and Management Objectives and their purpose statements.
• Understand the relationship between Governance and Management Objectives and Governance
Components.
• Differentiate COBIT based performance management using maturity and capability perspectives.
• Discover how to design a tailored governance system using COBIT
• Explain the key points of the COBIT business case.
• Understand and recall the phases of the COBIT implementation approach.
• Describe the relationships between the COBIT Design and Implementation Guides.
• Prepare for the COBIT 2019 Foundation exam.
