How Your Clients Can Use COBIT and BiSL to Manage Their Information
According to ISACA, “COBIT® 5 is the only business framework for the governance and management of enterprise IT. The fifth, evolutionary, version incorporates the latest thinking in enterprise governance and management techniques and provides globally accepted principles, practices, analytical tools and models to help increase the trust in, and value from, information systems.
COBIT 5 helps enterprises of all sizes to:
- Maintain high-quality information to support business decisions;
- Achieve strategic goals and realize business benefits through the effective and innovative use of IT;
- Achieve operational excellence through reliable, efficient application of technology;
- Maintain IT-related risk at an acceptable level;
- Optimize the cost of IT services and technology;
- Support compliance with relevant laws, regulations, contractual agreements and policies.”
COBIT is an effective overarching framework for governance and management of IT. It guides enterprises in rigorous governance and management of processes—and other enablers related to demand, supply and use of information and technology. It provides guidance for assurance of benefits realization, risk optimization and resource optimization. It refers to various frameworks and standards for further specific guidance.
The Business Information Services Library (BiSL®) is a useful reference framework to consult for more detailed management of demand and use of information.
The COBIT 5 Enabling Information publication
According to its owner, the ASL BiSL Foundation,
BiSL establishes a bridge between IT and business processes, and between business information administrators and information managers. The BiSL process model provides insight into all of the primary processes within their field of operations and into the relationship between the different processes. It offers a starting point for the improvement of these processes using best practices among other things. It also provides uniform terminology.
The domain that BiSL addresses is referred to as business information management, which is defined as the means by which an organization efficiently plans, collects, organizes, uses, controls, disseminates and disposes of its information; and through which it ensures that the value of that information is identified and exploited to the fullest extent. It is a corporate responsibility that needs to be addressed and followed—from the most senior levels of management to the front-line worker. Organizations must be held, and must hold, their employees accountable to manage information appropriately and responsibly.
Implementation of business information management requires insight into:
- Activities to be executed.
- Measures to manage the activities and risks; and to ensure benefits realization, risk optimization and resource optimization.
Most of BiSL’s guidance addresses the first point, whereas COBIT is stronger in the second area. Many COBIT practices apply to business information management and contribute to providing assurance that business information management processes are executed effectively. Business information managers who want to use COBIT key practices, to assure themselves and stakeholders that the information systems (in the broadest sense of the word) are under control, can use BiSL to help them decide how to implement the key practices. BiSL does not provide specific guidance as to how to comply with the key practices, but gives an extensive description of the content of the processes.
You can help your clients get the most out of their investments in frameworks by recommending that they adopt and adapt them selectively to create a way of working that suits their organization. You can, wholeheartedly, recommend COBIT to fulfill the role of an overarching framework for governance and management of information and related technology; and BiSL for additional guidance in the specific area of managing demand and use of information.
Need more information? Please contact ITpreneurs.