Book Review: COBIT 5 for Business Benefits Realization

COBIT 5 for Business Benefits Realization
Author: ISACA | Reviewed by Larry Marks, CISA, CISM, CGEIT, CRISC, CFE, CISSP, CSTE, ITIL, PMP
Date Published: 3 February 2017

Article by ISACA on COBIT 5 for Business Benefits RealizationCOBIT 5 for Business Benefits Realization is part of the COBIT 5 body of knowledge, which covers audit and assurance, risk management, information security, regulations and compliance, IT operations, governance of IT (GEIT), as well as value from IT investments.

This short reference book walks through a firm’s governance structure and identifies high-level strategies that have to be considered in the context of the enterprise environment to gain value for application. This book has chapters on strategic planning, applying COBIT 5 to gain business benefits and practical guidance on enabling COBIT 5. It is a principles-based book, covering topics such as the governance of communications, people, process and technology, and it covers project and program management. It provides guidelines, glossaries and key implementation considerations to help the implementer, whom ISACA calls the “enabler,” to assure a successful implementation of COBIT 5. The book provides several responsible, accountable, consulted and informed (RACI) charts, which an enterprise’s risk or senior management can use to implement a governance structure or delegate authority. However, readers would benefit from more tangible advice about enabling project, program or portfolio management to add value to an enterprise and the book’s guidance is sometimes too generic, such as when it covers related metrics.

The book’s most valuable content is in its discussions of innovation forums and the efforts needed to enable a positive atmosphere, innovation and experimentation without fanfare. This book provides food for thought that enablers can review and apply to their current environments. It is guidance like this that keeps organizations evergreen and encourages them to provide useful and relevant thought leadership.

The book suggests implementing a repeatable process to create an environment conducive to analyzing and implementing opportunities for business and IT innovation. This involves reaching out to employees across the enterprise for ideas on improvement. Enterprises seeking involvement and participation from the collective whole will find this content useful. Such an environment goes beyond leadership requiring involvement from all employees in the enterprise.

Editor’s Note

COBIT 5 for Business Benefits Realization is available from the ISACA Bookstore. For more information, visit h04.v6pu.com/bookstore, contact Support or telephone +1.847.660.5650.

Reviewed by Larry Marks, CISA, CRISC, CISM, CGEIT, CFE, CISSP, CRVPM, CSTE, ITIL, PMP
Is a risk manager with extensive experience in managing and implementing processes, policies and technology regarding risk, security, governance, program management, compliance, internal controls and information security in the financial services, insurance, health care and telecommunications industries. He has helped manage project management offices at various Fortune 100 firms. Marks has been published in the ISACA Journal, (ISC)2 Journal, PMI Journal and ProjectManagement.com.