Itil-Cobit Mapping Eng by prudentneo

VIEWS: 1,861 PAGES: 16

									Glenfis AG

ITIL zu COBIT Prozess Mapping

Seite 1 von 17

COBIT’s Golden Rule
In order to provide the information that the organisation needs to achieve its objectives, IT resources need to be managed by a set of naturally grouped processes.

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping

Seite 2 von 17

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping

Seite 3 von 17

PO AI DS MO

Key Performance Indicators
Guidance for measurement can be obtained from the Balanced Business Scorecard concepts, where goals and measures from the financial, customer, process and innovation perspective are set and monitored

Critical Success Factors
Th e con trol of

•Management oriented IT control implementation guidance •Most important things that contribute to the IT process
achieving its goal
(c) Glenfis AG www.glenfis.ch

IT Processes
wh ich satisfy

Business Requirements

is enab led b y

Cont rol St at ement s

Datum: 8/13/2008

an d considers

Cont rol

Th e con trol of

Glenfis AG

ITIL zu COBIT IT Prozess Mapping Processes

Seite 4 von 17

wh ich satisfy

achieving its goal •Strategically •Technically •Organisationally •Process or Procedure •Control Statement and Considerations of the ‘Waterfall’ •Visible and measurable signs of success •Short, focussed and action oriented •Leveraging the resources of primary importance in this process

Business Requirements

is enab led b y

Cont rol St at ement s

an d considers

Cont rol Practices

Generic Process Guideline
Control over an IT process and its activities with specific business goals

is determined by the delivery of information to the business that addresses the required information criteria and is measured by KGIs

is enabled by creating and maintaining a system of process and control excellence appropriate for the business

considers CSFs that leverage specific IT resources and is measured by KPIs

The Framework’s Principles
To link Management’s IT Expectations with Management’s IT Responsibilities
(c) Glenfis AG www.glenfis.ch Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping

Seite 5 von 17

To link Management’s IT Expectations with Management’s IT Responsibilities

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping
ITIL Process Process
DS DS DS DS DS DS DS PO PO PO DS DS DS DS 1 1 1 1 1 1 1 5 5 5 6 6 6 6

Seite 6 von 17

Control Objective
DS DS DS DS DS DS DS PO PO PO DS DS DS DS 1.0 1.1 1.2 1.2 1.5 1.2 1.4 5.0 5.1 5.1 6.2 6.1 6.0 6.3

COBIT Process
Define and Manage Service Levels Service Level Agreement Framework Aspects of Service Level Agreements Aspects of Service Level Agreements Review of Service Level Agreements and Contracts Aspects of Service Level Agreements Monitoring and Reporting Manage the IT Investment Annual IT Operating Budget Annual IT Operating Budget Costing Procedures Chargeable Items Identify and Allocate Costs User Billing and Chargeback Procedures Manage Third-Party Services Manage Performance and Capacity Capacity Management of Resources Capacity Management of Resources Manage Performance and Capacity Monitoring and Reporting n.a. Ensure Continuous Service IT Continuity Framework IT Continuity Framework IT Continuity Framework IT Continuity Framework n.a. Ensure Continuous Service IT Continuity Plan Strategy and Philosophy Ensure Continuous Service Assess Risks Availability Plan Minimising IT Continuity Requirements Monitoring and Reporting Modeling Tools Manage Performance and Capacity Assist and Advise Customers Help Desk Help Desk n.a. Roles and Responsibilities Personnel Training External Requirements Review

SERVICE LEVEL MANAGEMENT The SLM Process Planning the Process Implementing the Process The On-going Process SLA contents and key targets Key Performance Indicators and metrics for SLM efficiency and effectiveness FINANCIAL MANAGEMENT FOR IT SERVICES Budgeting Developing the IT Accounting system Developing the Charging System Planning for IT Accounting and Charging Implementation Ongoing management and operation CAPACITY MANAGEMENT The Capacity Management process Activities in Capacity Management Costs, benefits and possible problems Planning and implementation Review of the Capacity Management process Interfaces with other SM processes IT Service Continuity Management Scope of ITSCM The Business Continuity Lifecycle Management Structure Generating awareness Interfaces with other SM processes AVAILABILITY MANAGEMENT Basic concepts The Availability Management Process The Cost of (Un)Availability Availability Planning Availability improvement Availability measurement and reporting Availability Management tools Availability Management methods and techniques THE SERVICE DESK Overview Implementing a Service Desk infrastructure Service Desk technologies Service Desk responsibilities, functions, staffing levels etc Service Desk staffing skill set Setting up a Service Desk environment

DS 2 DS 3 DS 3 DS 3 DS 3 DS 3 n.a. DS 4 DS 4 DS 4 DS 4 DS 4 n.a. DS DS DS PO DS DS DS DS DS 4 4 4 9 3 4 3 3 3

DS 2.0 DS 3.0 DS 3.7 DS 3.7 DS 3.0 DS 3.3 n.a. DS 4.0 DS 4.1 DS 4.1 DS 4.1 DS 4.1 n.a. DS DS DS PO DS DS DS DS DS 4.0 4.2 4.0 9.4 3.2 4.4 3.3 3.4 3.0

DS 8 DS 8 DS 8 n.a. PO 4 PO 7 PO 8

DS 8.0 DS 8.1 DS 8.1 n.a. PO 4.4 PO 7.4 PO 8.1

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG
Service Desk education and training Service Desk processes and procedures Incident reporting and review INCIDENT MANAGEMENT Goal of Incident Management Scope of Incident Management Basic concepts Benefits of Incident Management Planning and implementation Incident Management activities Handling of major Incidents Roles of the Incident Management process Key Performance Indicators Tools PROBLEM MANAGEMENT Goal of Problem Management Scope of Problem Management Basic concepts Benefits of Problem Management Planning and implementation Problem control activities Error control activities Proactive Problem Management Providing information to the support organisation Metrics Roles within Problem Management CONFIGURATION MANAGEMENT Goal of Configuration Management Scope of Configuration Management Basic concepts Benefits and possible problems Planning and implementation Activities Process control Relations to other processes Tools specific to the Configuration Management process Impact of new technology Guidance on Configuration Management CHANGE MANAGEMENT Goal of Change Management Scope of Change Management Basic concepts Benefits, costs and possible problems Activities Planning and implementation

ITIL zu COBIT Prozess Mapping
PO 7 DS 8 DS 5 DS DS DS DS DS DS DS DS DS DS DS 10 10 10 10 10 10 10 10 10 10 10 PO 7.4 DS 8.0 DS 5.10 DS DS DS DS DS DS DS DS DS DS DS 10.0 10.0 10.1 10.1 10.1 10.1 10.3 10.2 10.0 10.3 10.1 Personnel Training Assist and Advise Customers Violation and Security Activity Reports Manage Problems and Incidents Manage Problems and Incidents Problem Management System Problem Management System Problem Management System Problem Management System Problem Tracking and Audit Trail Problem Escalation Manage Problems and Incidents Problem Tracking and Audit Trail Problem Management System Manage Problems and Incidents Manage Problems and Incidents Problem Management System Problem Management System Problem Management System Problem Management System Problem Tracking and Audit Trail Problem Tracking and Audit Trail Trend Analysis and Reporting Trend Analysis and Reporting Manage Problems and Incidents Manage Problems and Incidents Manage the Configuration Manage the Configuration Manage the Configuration Configuration Recording Configuration Recording Configuration Recording Manage the Configuration Manage the Configuration n.a. n.a. n.a. n.a. Manage Changes Manage Changes Manage Changes Change Request Initiation and Control Impact Assessment Manage Changes Manage Changes

Seite 7 von 17

DS 10 DS 10 DS 10 DS 10 DS 10 DS 10 DS 10 DS 10 DS 8 DS 8 DS 10 DS 10 DS 9 DS 9 DS 9 DS 9 DS 9 DS 9 DS 9 DS 9 n.a. n.a. n.a. n.a. AI AI AI AI AI AI AI 6 6 6 6 6 6 6

DS 10.0 DS 10.0 DS 10.1 DS 10.1 DS 10.1 DS 10.1 DS 10.3 DS 10.3 DS 8.5 DS 8.5 DS 10.0 DS 10.0 DS 9.0 DS 9.0 DS 9.0 DS 9.1 DS 9.1 DS 9.1 DS 9.0 DS 9.0 n.a. n.a. n.a. n.a. AI AI AI AI AI AI AI 6.0 6.0 6.0 6.1 6.2 6.0 6.0

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG
Metrics and management reporting Software tools Impact of new technology RELEASE MANAGEMENT Goal of Release Management Scope of Release Management Basic concepts Benefits and possible problems Planning and implementation Process control Relations to other processes Tools specific to the Release Management process Guidance for successful Release Management

ITIL zu COBIT Prozess Mapping
AI 6 AI 6 n.a. AI 6 AI 6 AI 6 AI 6 AI 6 AI 6 AI 6 n.a. n.a. AI 6 AI 6.2 AI 6.3 n.a. AI 6.0 AI 6.7 AI 6.7 AI 6.7 AI 6.7 AI 6.7 AI 6.7 n.a. n.a. AI 6.7 Impact Assessment Control of Changes n.a. Manage Changes Software Release Software Release Software Release Software Release Software Release Software Release n.a. n.a. Software Release

Seite 8 von 17

Policy Policy Policy Policy Policy Policy Policy

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping
Planning & Organisation ITIL Process
Design and Planning: Strategic Management Design and implementing a Plan Setting goals and objectives Developing a strategy Design and implementing a Plan Design and implementing a Plan Deployment: Communication Plan Review and evaluating progress of the plan Review the current position (SWOT) Design and Planning: the ICT Architecture Technology Architecture Technology Architecture n.a. n.a. Design and Planning: the ICT Architecture Technology Architecture Management Architecture (Selecting) Technology Architecture & Environmental design Design and implementing a Plan The design and development of ICT standards and policies generic generic generic Roles, responsibilities and interfaces Roles, responsibilities and interfaces Roles, responsibilities and interfaces Infrastructure Design (Ownership issues) Infrastructure Design (Ownership issues) Roles, responsibilities and interfaces generic ICT Operational Roles ICT Operational Roles ICT Operational Roles Suppliers and Procurement Suppliers and Procurement ITIL Financial Mgmt for IT Services ITIL Financial Management ITIL Financial Management ITIL Service Management generic Communication the vision generic generic Roles for implementation (Authority Matrix) generic generic generic generic generic generic n.a. n.a. Roles, responsibilities and interfaces; Training Roles, responsibilities and interfaces Training Training

Seite 9 von 16

PO
PO1 PO 1.1 PO 1.2 PO 1.3 PO 1.4 PO 1.5 PO 1.6 PO 1.7 PO 1.8 PO2 PO 2.1 PO 2.2 PO 2.3 PO 2.4 PO3 PO 3.1 PO 3.2 PO 3.3 PO 3.4 PO 3.5 PO4 PO 4.1 PO 4.2 PO 4.3 PO 4.4 PO 4.5 PO 4.6 PO 4.7 PO 4.8 PO 4.9 PO 4.10 PO 4.11 PO 4.12 PO 4.13 PO 4.14 PO 4.15 PO5 PO 5.1 PO 5.2 PO 5.3 PO6 PO 6.1 PO 6.10 PO 6.11 PO 6.2 PO 6.3 PO 6.4 PO 6.5 PO 6.6 PO 6.7 PO 6.8 PO 6.9 PO7 PO 7.1 PO 7.2 PO 7.3 PO 7.4 PO 7.5

ITIL Book
ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

Define a Strategic IT Plan IT as Part of the Organisation's Long- and Short-Range Plan IT Long-Range Plan IT Long-Range Planning-Approach and Structure IT Long-Range Plan Changes Short-Range Planning for the IT Function Communication of IT Plans Monitoring and Evaluating of IT Plans Assessment of Existing Systems Define the Information Architecture Information Architecture Model Corporate Data Dictionary and Data Syntax Rules Data Classification Scheme Security Levels Determine Technological Direction Technological Infrastructure Planning Monitor Future Trends and Regulations Technological Infrastructure Contingency Hardware and Software Acquisition Plans Technology Standards Define the IT Organisation and Relationships IT Planning or Steering Committee Organisational Placement of the IT Function Review of Organisational Achievements Roles and Responsibilities Responsibility for Quality Assurance Responsibility for Logical and Physical Security Ownership and Custodianship Data and System Ownership Supervision Segregation of Duties IT Staffing Job or Position Descriptions for IT Staff Key IT Personnel Contracted Staff Policies and Procedures Relationships Manage the IT Investment Annual IT Operating Budget Cost and Benefit Monitoring Cost and Benefit Justification Communicate Management Aims and Direction Positive Information Control Environment Management's Responsibility for Policies Communication of Organisation Policies Policy Implementation Resources Maintenance of Policies Compliance with Policies, Procedures and Standards Quality Commitment Security and Internal Control Framework Policy Intellectual Property Rights Issue-Specific Policies Communication of IT Security Awareness Manage Human Resources Personnel Recruitment and Promotion Personnel Qualifications Roles and Responsibilities Personnel Training Cross-Training or Staff Back-up

ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Service Delivery & Service Support & ICT IM ITIL Security Management ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Security Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management n.a. ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping
Planning & Organisation ITIL Process
generic Where are we now: People n.a. n.a. n.a. n.a. generic n.a. n.a. ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL Business Business Business Business Business Business Business Business Continuity Continuity Continuity Continuity Continuity Continuity Continuity Continuity Management Management Management Management Management Management Management Management

Seite 10 von 16

PO
PO 7.6 PO 7.7 PO 7.8 PO8 PO 8.1 PO 8.2 PO 8.3 PO 8.4 PO 8.5 PO 8.6 PO9 PO 9.1 PO 9.2 PO 9.3 PO 9.4 PO 9.5 PO 9.6 PO 9.7 PO 9.8 PO10 PO 10.1 PO 10.10 PO 10.11 PO 10.12 PO 10.13 PO 10.2 PO 10.3 PO 10.4 PO 10.5 PO 10.6 PO 10.7 PO 10.8 PO 10.9 PO11 PO 11.1 PO 11.2 PO 11.3 PO 11.4 PO 11.5 PO 11.6 PO 11.7 PO 11.8 PO 11.9 PO 11.10 PO 11.11 PO 11.12 PO 11.13 PO 11.14 PO 11.15 PO 11.16 PO 11.17 PO 11.18 PO 11.19

ITIL Book
ITIL Security Management ITIL ICT Infrastructure Management n.a. n.a. n.a. n.a. n.a. ITIL Security Management n.a. n.a. ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective n.a. n.a. ITIL Application ITIL Application ITIL Application ITIL Application ITIL Application ITIL Application n.a. n.a. n.a. n.a. ITIL Application ITIL Application

Personnel Clearance Procedures Employee Job Performance Evaluation Job Change and Termination Ensure Compliance with External Requirements External Requirements Review Practices and Procedures for Complying with External Requirements Safety and Ergonomic Compliance Privacy, Intellectual Property and Data Flow Electronic Commerce Compliance with Insurance Contracts Assess Risks Business Risk Assessment Risk Assessment Approach Risk Identification Risk Measurement Risk Action Plan Risk Acceptance Safeguard Selection Risk Assessment Commitment Manage Projects Project Management Framework User Department Participation in Project Initiation Project Team Membership and Responsibilities Project Definition Project Approval Project Phase Approval Project Master Plan System Quality Assurance Plan Planning of Assurance Methods Formal Project Risk Management Test Plan Training Plan Post-Implementation Review Plan Manage Quality General Quality Plan Quality Assurance Approach Quality Assurance Planning Quality Assurance Review of Adherence to IT Standards and Procedures System Development Life Cycle Methodology System Development Life Cycle Methodology for Major Changes to Existing Technology Updating of the System Development Life Cycle Methodology Coordination and Communication Acquisition and Maintenance Framework for the Technology Infrastructure Third-Party Implementor Relationships Programme Documentation Standards Programme Testing Standards System Testing Standards Parallel/Pilot Testing System Testing Documentation Quality Assurance Evaluation of Adherence to Development Standards Quality Assurance Review of the Achievement of IT Objectives Quality Metrics Reports of Quality Assurance Reviews

n.a. Readiness Assessment (Provide a baseline for Risk Mgmt) Design, Build, Deploy: Testing Deploy: training strategies Optimize: Application review Process Managing the business Value Organising roles and functions n.a. n.a. n.a. n.a. The Application Management lifecycle Control methods and techniques Quality Management Quality Management Formal quality initiatives Formal quality initiatives ITIL Application Management The Application Management lifecycle Control methods and techniques Communication plan n.a. n.a. Control methods and techniques Control methods and techniques Control methods and techniques Deploy: Pilot Deployment Control methods and techniques Control methods and techniques Critical success factors and Key performance indicators Critical success factors and Key performance indicators Ongoing monitoring and process reviews

Management Management Management Management Management Management

Management Management

ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Planning to implement Service Management n.a. n.a. ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping
Acquisition & Implementation ITIL Process
Managing the business value Defining the delivery strategy Defining the delivery strategy n.a. n.a. n.a. n.a. Readiness Assessment n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. Control Methods and techniques ITIL Change Management ITIL Change Management ITIL Change Management n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. ITIL Change Management Application review process Operational control and mgmt of the services, components and their config. Proactive operational Mgmt & Availability Mgmt generic Operational control and mgmt of the services, components and their config. Operational control and mgmt of the services, components and their config. ITIL Change Management n.a. Service Level Management, SLA, OLA, UC Deploy; Distributing applications Deploy; Distributing applications Deploy; Training strategy ITIL ITIL ITIL ITIL ITIL ITIL Release Management Change Management Release Management Release Management Release Management Change Management (Rollout plan) (Rollout plan) (Rollout plan) (Rollout plan)

Seite 11 von 17

AI
AI1 AI 1.1 AI 1.2 AI 1.3 AI 1.4 AI 1.5 AI 1.6 AI 1.7 AI 1.8 AI 1.9 AI 1.10 AI 1.11 AI 1.12 AI 1.13 AI 1.14 AI 1.15 AI 1.16 AI 1.17 AI 1.18 AI2 AI 2.1 AI 2.2 AI 2.3 AI 2.4 AI 2.5 AI 2.6 AI 2.7 AI 2.8 AI 2.9 AI 2.10 AI 2.11 AI 2.12 AI 2.13 AI 2.14 AI 2.15 AI 2.16 AI 2.17 AI3 AI 3.1 AI 3.2 AI 3.3 AI 3.4 AI 3.5 AI 3.6 AI 3.7 AI4 AI 4.1 AI 4.2 AI 4.3 AI 4.4 AI5 AI 5.1 AI 5.2 AI 5.3 AI 5.4 AI 5.5 AI 5.6

ITIL Book
ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Application Management n.a. n.a. ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management n.a. ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Application Management ITIL Application Management ITIL Service Support ITIL Service Support ITIL Service Support n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. ITIL Service Support ITIL Application Management ITIL Application Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management & ITIL Service Delivery IITIL Security Management ITIL ICT Infrastructure Management ITIL Availability Management ITIL Service Support ITIL ICT Infrastructure Management ITIL Application Management ITIL Service Delivery ITIL Application Management ITIL Application Management ITIL Application Management ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support

Identify Automated Solutions Definition of Information Requirements Formulation of Alternative Courses of Action Formulation of Acquisition Strategy Third-Party Service Requirements Technological Feasibility Study Economic Feasibility Study Information Architecture Risk Analysis Report Cost-Effective Security Controls Audit Trails Design Ergonomics Selection of System Software Procurement Control Software Product Acquisition Third-Party Software Maintenance Contract Application Programming Acceptance of Facilities Acceptance of Technology Acquire and Maintain Application Software Design Methods Major Changes to Existing Systems Design Approval File Requirements Definition and Documentation Programme Specifications Source Data Collection Design Input Requirements Definition and Documentation Definition of Interfaces User-Machine Interface Processing Requirements Definition and Documentation Output Requirements Definition and Documentation Controllability Availability as a Key Design Factor IT Integrity Provisions in Application Programme Software Application Software Testing User Reference and Support Materials Reassessment of System Design Acquire and Maintain Technology Infrastructure Assessment of New Hardware and Software Preventative Maintenance for Hardware System Software Security System Software Installation System Software Maintenance System Software Change Controls Use and Monitoring of System Utilities Develop and Maintain Procedures Operational Requirements and Service Levels User Procedures Manual Operations Manual Training Materials Install and Accredit Systems Training Application Software Performance Sizing Implementation Plan System Conversion Data Conversion Testing Strategies and Plans

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping
Acquisition & Implementation ITIL Process
ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL Change Management Release Management Release Management Release Management Change Management Release Management Change Management Release Management Change Management Change Management Change Management Change Management Change Management Change Management Release Management Release Management ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL Service Service Service Service Service Service Service Service Support Support Support Support Support Support Support Support

Seite 12 von 17

AI
AI AI AI AI AI AI AI AI 5.7 5.8 5.9 5.10 5.11 5.12 5.13 5.14

ITIL Book

Testing of Changes Parallel/Pilot Testing Criteria and Performance Final Acceptance Test Security Testing and Accreditation Operational Test Promotion to Production Evaluation of Meeting User Requirements Management's Post-Implementation Review Manage Changes Change Request Initiation and Control Impact Assessment Control of Changes Emergency Changes Documentation and Procedures Authorised Maintenance Software Release Policy Distribution of Software

AI6 AI 6.1 AI 6.2 AI 6.3 AI 6.4 AI 6.5 AI 6.6 AI 6.7 AI 6.8

ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping
Delivery & Support ITIL Processe
ITIL Service Level Management ITIL Service Level Management ITIL Service Level Management ITIL Service Level Management ITIL Service Level Management ITIL Service Level Management ITIL Service Level Management ITIL Service Level Management ITIL Capacity & ITSCM & Security Mgmt ITIL Capacity Management ITIL Capacity Management ITIL Service Level Management (Underpinning Contracts) ITIL Capacity Management ITIL Service Level Management ITIL Service Continuity Management generic ITIL Service Level Management ITIL Availability & Capacity Mgmt ITIL Availability Management ITIL Availability Management ITIL Availability Management ITIL Availability Management ITIL Capacity Management ITIL Capacity Management ITIL Capacity Management ITIL Capacity Management ITIL Capacity Management ITIL ITSCM ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity ITIL Service Continuity Management Management Management Management Management Management Management Management Management Management Management Management Management

Seite 13 von 17

DS
DS1 DS 1.1 DS 1.2 DS 1.3 DS 1.4 DS 1.5 DS 1.6 DS 1.7 DS2 DS 2.1 DS 2.2 DS 2.3 DS 2.4 DS 2.5 DS 2.6 DS 2.7 DS 2.8 DS3 DS 3.1 DS 3.2 DS 3.3 DS 3.4 DS 3.5 DS 3.6 DS 3.7 DS 3.8 DS 3.9 DS4 DS 4.1 DS 4.2 DS 4.3 DS 4.4 DS 4.5 DS 4.6 DS 4.7 DS 4.8 DS 4.9 DS 4.10 DS 4.11 DS 4.12 DS 4.13 DS5 DS 5.1 DS 5.2 DS 5.3 DS 5.4 DS 5.5 DS 5.6 DS 5.7 DS 5.8 DS 5.9 DS 5.10 DS 5.11 DS 5.12 DS 5.13 DS 5.14

ITIL Book
ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Security Management ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL ICT Infrastructure Management ITIL Security Management ITIL Security Management ITIL Security Management ITIL Security Management ITIL Security Management ITIL Security Management ITIL ICT Infrastructure Management ITIL Security Management ITIL Security Management ITIL Security Management ITIL ICT Infrastructure Management ITIL Security Management ITIL Security Management ITIL Security Management

Define and Manage Service Levels Service Level Agreement Framework Aspects of Service Level Agreements Performance Procedures Monitoring and Reporting Review of Service Level Agreements and Contracts Chargeable Items Service Improvement Programme Manage Third-Party Services Supplier Interfaces Owner Relationships Third-Party Contracts Third-Party Qualifications Outsourcing Contracts Continuity of Services Security Relationships Monitoring Manage Performance and Capacity Availability and Performance Requirements Availability Plan Monitoring and Reporting Modeling Tools Proactive Performance Management Workload Forecasting Capacity Management of Resources Resources Availability Resources Schedule Ensure Continuous Service IT Continuity Framework IT Continuity Plan Strategy and Philosophy IT Continuity Plan Contents Minimising IT Continuity Requirements Maintaining the IT Continuity Plan Testing the IT Continuity Plan IT Continuity Plan Training IT Continuity Plan Distribution User Department Alternative Processing Back-up Procedures Critical IT Resources Back-up Site and Hardware Off-site Back-up Storage Wrap-up Procedures Ensure Systems Security Manage Security Measures Identification, Authentication and Access Security of Online Access to Data User Account Management Management Review of User Accounts User Control of User Accounts Security Surveillance Data Classification Central Identification and Access Rights Management Violation and Security Activity Reports Incident Handling Reaccreditation Counterparty Trust Transaction Authorisation

ITIL ICT Infrastructure Management generic generic generic generic generic generic Management and control of all aspects of ICT operational security generic generic generic Management and control of all aspects of ICT operational security generic generic generic

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping
Delivery & Support ITIL Processe
generic generic generic Management Management Management Management ITIL ITIL ITIL ITIL ITIL ITIL ITIL

Seite 14 von 17

DS
DS DS DS DS DS DS DS 5.15 5.16 5.17 5.18 5.19 5.20 5.21

ITIL Book
Security Management Security Management Security Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management

Non-Repudiation Trusted Path Protection of Security Functions Cryptographic Key Management Malicious Software Prevention, Detection and Correction Firewall Architectures and Connections with Public Networks Protection of Electronic Value Identify and Allocate Costs Chargeable Items Costing Procedures User Billing and Chargeback Procedures Educate and Train Users Identification of Training Needs Training Organisation Security Principles and Awareness Training Assist and Advise Customers Help Desk Registration of Customer Queries Customer Query Escalation Monitoring of Clearance Trend Analysis and Reporting Manage the Configuration Configuration Recording Configuration Baseline Status Accounting Configuration Control Unauthorised Software Software Storage Configuration Management Procedures Software Accountability Manage Problems and Incidents Problem Management System Problem Escalation Problem Tracking and Audit Trail Emergency and Temporary Access Authorisations Emergency Processing Priorities Manage Data Data Preparation Procedures Source Document Authorisation Procedures Source Document Data Collection Source Document Error Handling Source Document Retention Data Input Authorisation Procedures Accuracy, Completeness and Authorisation Checks Data Input Error Handling Data Processing Integrity Data Processing Validation and Editing Data Processing Error Handling Output Handling and Retention Output Distribution Output Balancing and Reconciliation Output Review and Error Handling Security Provision for Output Reports Protection of Sensitive Information During Transmission and Transport

and and and and

control control control control

of of of of

all all all all

aspects aspects aspects aspects

of of of of

ICT ICT ICT ICT

operational operational operational operational

security security security security

DS6 DS 6.1 DS 6.2 DS 6.3 DS7 DS 7.1 DS 7.2 DS 7.3 DS8 DS 8.1 DS 8.2 DS 8.3 DS 8.4 DS 8.5 DS9 DS 9.1 DS 9.2 DS 9.3 DS 9.4 DS 9.5 DS 9.6 DS 9.7 DS 9.8 DS10 DS 10.1 DS 10.2 DS 10.3 DS 10.4 DS 10.5 DS11 DS 11.1 DS 11.2 DS 11.3 DS 11.4 DS 11.5 DS 11.6 DS 11.7 DS 11.8 DS 11.9 DS 11.10 DS 11.11 DS 11.12 DS 11.13 DS 11.14 DS 11.15 DS 11.16 DS 11.17

ITIL Financial Mgmt for IT Services ITIL Financial Management ITIL Financial Management ITIL Financial Management Deployment; Training Deployment; Training Deployment; Training ITIL Service Desk & Incident Mgmt ITIL Service Desk ITIL Incident Management ITIL Incident Management ITIL Incident Management ITIL Problem Management ITIL Configuration Management ITIL Configuration Management ITIL Configuration Management ITIL Configuration Management ITIL Configuration Management ITIL Configuration Management ITIL Configuration Management (DSL) ITIL Configuration Management ITIL Configuration Management ITIL Incident, Problem & Change Mgmt ITIL Incident Management (Begriffsabgrenzung unklar Problem, Incident) ITIL Incident Management ITIL Problem Management ITIL Change Management ITIL Change Management Management Management Management Management Management Management Management Management Management Management Management Management Management Management Management Management Management of the supporting operational process of the supporting operational process of the supporting operational process of the supporting operational process of the supporting operational process of the supporting operational process and control of all aspects of ICT operational and control of all aspects of ICT operational and control of all aspects of ICT operational and control of all aspects of ICT operational of the supporting operational process of the supporting operational process of the supporting operational process of the supporting operational process of the supporting operational process and control of all aspects of ICT operational and control of all aspects of ICT operational

ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL Service Delivery ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Security Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

security security security security

security security

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG

ITIL zu COBIT Prozess Mapping
Delivery & Support ITIL Processe
Management and control of all aspects of ICT operational security Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery generic generic generic generic generic: Vertraulichkeit, Integrität, Verfügbarkeit n.a. n.a. n.a. n.a. n.a. n.a. Workload, Workload, Workload, Workload, Workload, Workload, Workload, Workload, output, output, output, output, output, output, output, output, resilience resilience resilience resilience resilience resilience resilience resilience testing testing testing testing testing testing testing testing management management management management management management management management and and and and and and and and scheduling scheduling scheduling scheduling scheduling scheduling scheduling scheduling ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL

Seite 15 von 17

DS
DS DS DS DS DS DS DS DS DS DS DS DS DS 11.18 11.19 11.20 11.21 11.22 11.23 11.24 11.25 11.26 11.27 11.28 11.29 11.30

ITIL Book
ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management Security Management Security Management Security Management Security Management

Protection of Disposed Sensitive Information Storage Management Retention Periods and Storage Terms Media Library Management System Media Library Management Responsibilities Back-up and Restoration Back-up Jobs Back-up Storage Archiving Protection of Sensitive Messages Authentication and Integrity Electronic Transaction Integrity Continued Integrity of Stored Data Manage Facilities Physical Security Low Profile of the IT Site Visitor Escort Personnel Health and Safety Protection Against Environmental Factors Uninterruptible Power Supply Manage Operations Processing Operations Procedures and Instructions Manual Start-up Process and Other Operations Documentation Job Scheduling Departures from Standard Job Schedules Processing Continuity Operations Logs Safeguard Special Forms and Output Devices Remote Operations

DS12 DS 12.1 DS 12.2 DS 12.3 DS 12.4 DS 12.5 DS 12.6 DS13 DS 13.1 DS 13.2 DS 13.3 DS 13.4 DS 13.5 DS 13.6 DS 13.7 DS 13.8

ITIL Security Management

ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008

Glenfis AG
M
M1 M 1.1 M 1.2 M 1.3 M 1.4 M2 M 2.1 M 2.2 M 2.3 M 2.4 Monitor the Processes Collecting Monitoring Data Assessing Performance Assessing Customer Satisfaction Management Reporting Assess Internal Control Adequacy Internal Control Monitoring Timely Operation of Internal Controls Internal Control Level Reporting Operational Security and Internal Control Assurance

ITIL zu COBIT Prozess Mapping
Monitoring
ITIL ITIL ITIL ITIL n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a.

Seite 16 von 17

ITIL Process
Service Service Service Service Level Level Level Level Management Management Management Management ITIL ITIL ITIL ITIL ITIL n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a. n.a.

ITIL Book
Service Service Service Service Service Delivery Delivery Delivery Delivery Delivery

M3 Obtain Independent Assurance M 3.1 Independent Security and Internal Control Certification/Accreditation of IT Services Independent Security and Internal Control Certification/Accreditation of Third-Party Service M 3.2 Providers M 3.3 Independent Effectiveness Evaluation of IT Services M 3.4 Independent Effectiveness Evaluation of Third-Party Service Providers Independent Assurance of Compliance with Laws and Regulatory Requirements and M 3.5 Contractual Commitments Independent Assurance of Compliance with Laws and Regulatory Requirements and M 3.6 Contractual Commitments by Third-Party Service Providers M 3.7 Competence of Independent Assurance Function M 3.8 Proactive Audit Involvement M4 M 4.1 M 4.2 M 4.3 M 4.4 M 4.5 M 4.6 M 4.7 M 4.8 Provide for Independent Audit Audit Charter Independence Professional Ethics and Standards Competence Planning Performance of Audit Work Reporting Follow-up Activities

(c) Glenfis AG

www.glenfis.ch

Datum: 8/13/2008


								
To top