What are Cobit 5 Enablers? – Comprehensive Guide
Last updated on 15th Jul 2020, Blog, General
Enablers are factors that, individually and collectively, influence whether something will work—in this case, governance and management over enterprise IT. Enablers are driven by the goals cascade, whereby higher-level IT-related goals define what the different enablers should achieve.
COBIT 5 defines 7 enablers which are ordered as follows:
- Principles, policies and frameworks which translate the desired behavior into practical guidance for day to day management.
- Processes which describe an organized set of practices and activities to achieve certain objectives. These also produce a set of outputs that support the achievement of IT-related goals.
- Organizational structures which are key decision-making entities in an enterprise
- The Culture, ethics and behavior, of individuals and of the enterprise, are very often underestimated as a success factor in governance and management activities
- Information is pervasive throughout any organization and includes all information produced and used by the enterprise. Information is required for keeping the organization running and well governed, but at the operational level, information is very often the key product of the enterprise itself
- Services, infrastructure and applications provide the enterprise with information technology processing and services
- And finally, people, skills and competencies are linked to people and are required for successful completion of all activities and for making correct decisions taking corrective actions.
- Enablers must be considered in terms of inter contentedness as each Enabler needs the input of other Enablers to be fully effective. For instance processes need information and organisational structures need skills and behavior. They also and deliver output to benefit other Enablers for example processes deliver information, skills and behavior of individuals to make processes efficient
COBIT 5 Enabler – Principles, Policies and Frameworks
The ‘Principles, Policies and Frameworks’ is the communication mechanisms necessary to convey the governing body and management’s direction and instructions for the organisation, in support of governance objectives.
Each enabler, including Principles, policies and frameworks, is broken down into four generic enabler dimensions. Each of these dimensions contain enabler specific information.
The Principles, policies and frameworks specific enabler dimensions are:
Stakeholders can be internal or external to the organisation and include the board and executive management, compliance officers, risk managers, internal and external auditors, service providers and customers, and regulatory agencies. Some stakeholders define and set policies and others have to comply with policies.
Goals and metrics:
Principles need to be limited in number and should express as clearly as possible the core values of the enterprise. Good policies are effective, meaning they achieve the stated purpose, efficient, meaning they are implemented using the minimum amount of resources and non-intrusive, meaning they appear logical for those who have to comply with them. Governance and management frameworks should provide management with structure, guidance, tools, etc., that support the proper governance and management of IT. So frameworks should be comprehensive, open and flexible, current and available and accessible to all stakeholders.
Frameworks provide a structure to define consistent guidance, navigation, creation, and maintenance of policies.
Good practices require that policies be part of an overall governance and management framework, providing a structure into which all policies should fit and clearly make the link to the underlying principles. Specifically good practices for policies require that we consider their scope and validity, the consequences of failing to comply with the policy, how to handle exceptions and how they will be monitored.