//
you're reading...
Information Security, IT & TECHNOLOGY

COBIT 5—Yoga for Enterprise IT


ISACA-Logo

Yoga is a popular science and art of well-being. Its benefits range from as modest as being helpful for fixing specific ailments or disorders to transforming one’s body-mind communion to attain a state of eternal exhilaration and union, by aligning oneself with the world and nature.

Consider applying the concept of yoga to enterprise IT—if business is seen as the body, information surely is its mind. And, the right information at the right time with the right person can make the difference between exceptional success and dooming failure.

Given that we now inhabit an increasingly connected digital world, there is less disagreement on the ever more critical dependence on IT. Businesses clearly recognise the strategic nature of IT, but also often find themselves entangled in a range of IT pains and disillusioning disorders. Such issues include IT operational issues, IT project failures, cost over-runs and data breaches and a stagnating, or, at the other extreme, hyper IT that keeps costing resources and attention, without synchronised business deliveries. Baffled with finding the answers, organisations increasingly tend to find themselves at a loss when it comes to ascertaining the right approach to making IT work optimally for business.

COBIT 5 is a framework for enterprise IT governance that provides compelling reasons for a shift in an enterprise’s approach to management and governance of enterprise IT. Built on five key principles, many of COBIT 5’s principles resonate the yogic thinking, such as starting with the need to focus on stakeholders’ needs, covering the enterprise end to end, adopting a single aligned framework with a holistic approach and separating governance from management.

Many organisations suffering from impulsive or chronic IT operational and management issues have found solutions from COBIT 5 to effectively alleviate their burning pain points. But then there are the larger and often constipated IT governance questions of finding sustainable ways to make enterprise IT naturally meet strategic, compliance and reporting needs. Profound IT governance issues include chronic disorders, such as IT management deadlocks, certification fatigue, and goal disconnects between the board, the executive level and underlying operational layers. Also, governance issues can include, as I mentioned previously, either a stagnating or disintegrating IT or hyper IT.

As with yoga, there is emerging realisation that in the digital connected world, there are fewer chances for a business entity to achieve sustainable growth, unless it clearly recognises how it can make a difference to the world at large. There is a need for moving from an inside-out-focused thinking to one that is outside-in-driven. The focus on the goal needs to clearly shift from chasing profits and numbers to being relevant and making a difference to stakeholders, and aligning enterprise IT capabilities accordingly.

As a first step, take a cue from the transformational aspects of yoga that first looks at transforming the fundamental thinking through deeper introspection on questions such as, “Why do I exist?” Enterprise leadership could apply this question in their capacity as stakeholder representatives. That would help trigger a whole business-IT (body-mind) transformation at every layer. And, when an organisation experiences such a transformed realisation, suddenly it tends to be unexpectedly rewarded with answers and solutions that appear to be so simple—as if they were always there—and loaded with eternal benefits for all stakeholders.

To achieve this, an organisation would need to look within. It needs to challenge its approach at every layer of enterprise IT to see if what is being done has the goal of stakeholder value maximisation in mind, rather than the narrow perspective of maximising its own profits and numbers. All of this means experiencing information and IT capability empowerment at every level—not for mere IT sake but for governance sake.

Much like there is no one form of yoga that fits all, there is also no one COBIT 5 approach that will fit every organisation. Every organisation will, according to its near- and long-term goals, need to churn through the COBIT 5 guidance to concoct its own IT governance framework that aligns with its business and enterprise IT needs. Besides, an IT governance approach founded on COBIT 5 not only co-exists very well, but also inspires greater alignment with various standards that an enterprise considers as relevant.

If approached and practiced diligently enterprise-wide, every organisation could experience several rewards that include quality information-driven decisions, maximising stakeholder value from IT enabled investments, IT operational excellence, and IT risk and resource optimisation.

Hence, it may not be out of place to believe that to survive and sustain in the emerging global cyber economy, enterprises could do well to move from their narrow pursuit of IT happiness to a broader expression of enterprise information-aligned IT joy!

Vittal Raj,CISA, CISM, CGEIT, CRISC, CFE, CIA, CISSP, FCA, COBIT 5 Foundation Accredited Trainer
Founder and partner of M/s. Kumar & Raj, and Director at Pristine Consulting Private Limited

[ISACA Blog]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Web Stats

  • 119,159 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,247 other followers

Twitter Updates

Archives

August 2015
M T W T F S S
« Jul   Sep »
 12
3456789
10111213141516
17181920212223
24252627282930
31  
%d bloggers like this: