Itil Cobit Mapping

  • November 2019
  • PDF

Glenfis AG

(c) Glenfis AG

ITIL COBIT Mapping Overview

www.glenfis.ch www.itil.org www.bs15000.ch

V 2.2


ITIL Service Management Process | Process | Control Objective | COBIT Process

1. SERVICE LEVEL MANAGEMENT | DS 1 | DS 1.0 | Define and Manage Service Levels
The SLM Process | DS 1 | DS 1.1 | Service Level Agreement Framework
Planning the Process | DS 1 | DS 1.2 | Aspects of Service Level Agreements
Implementing the Process | DS 1 | DS 1.2 | Aspects of Service Level Agreements
The On-going Process | DS 1 | DS 1.5 | Review of Service Level Agreements and Contracts
SLA contents and key targets | DS 1 | DS 1.2 | Aspects of Service Level Agreements
Key Performance Indicators and metrics for SLM efficiency and effectiveness | DS 1 | DS 1.4 | Monitoring and Reporting

2. FINANCIAL MANAGEMENT FOR IT SERVICES | PO 5 | PO 5.0 | Manage the IT Investment
Budgeting | PO 5 | PO 5.1 | Annual IT Operating Budget
Developing the IT Accounting system | PO 5 | PO 5.1 | Annual IT Operating Budget
Developing the Charging System | DS 6 | DS 6.2 | Costing Procedures
Planning for IT Accounting and Charging | DS 6 | DS 6.1 | Chargeable Items
Implementation | DS 6 | DS 6.0 | Identify and Allocate Costs
Ongoing management and operation | DS 6 | DS 6.3 | User Billing and Chargeback Procedures

3. CAPACITY MANAGEMENT | DS 3 | DS 3.0 | Manage Performance and Capacity
The Capacity Management process | DS 3 | DS 3.0 | Manage Performance and Capacity
Activities in Capacity Management | DS 3 | DS 3.7 | Capacity Management of Resources
Costs, benefits and possible problems | DS 3 | DS 3.7 | Capacity Management of Resources
Planning and implementation | DS 3 | DS 3.0 | Manage Performance and Capacity
Review of the Capacity Management process | DS 3 | DS 3.3 | Monitoring and Reporting
Interfaces with other SM processes | n.a. | n.a. | n.a.

4. IT Service Continuity Management | DS 4 | DS 4.0 | Ensure Continuous Service
Scope of ITSCM | DS 4 | DS 4.1 | IT Continuity Framework
The Business Continuity Lifecycle | DS 4 | DS 4.1 | IT Continuity Framework
Management Structure | DS 4 | DS 4.1 | IT Continuity Framework
Generating awareness | DS 4 | DS 4.1 | IT Continuity Framework
Interfaces with other SM processes | n.a. | n.a. | n.a.

5. AVAILABILITY MANAGEMENT | DS 4 | DS 4.0 | Ensure Continuous Service
Basic concepts | DS 4 | DS 4.2 | IT Continuity Plan Strategy and Philosophy
The Availability Management Process | DS 4 | DS 4.0 | Ensure Continuous Service
The Cost of (Un)Availability | PO 9 | PO 9.4 | Assess Risks
Availability Planning | DS 3 | DS 3.2 | Availability Plan
Availability improvement | DS 4 | DS 4.4 | Minimising IT Continuity Requirements
Availability measurement and reporting | DS 3 | DS 3.3 | Monitoring and Reporting
Availability Management tools | DS 3 | DS 3.4 | Modeling Tools
Availability Management methods and techniques | DS 3 | DS 3.0 | Manage Performance and Capacity

6. THE SERVICE DESK | DS 8 | DS 8.0 | Assist and Advise Customers
Overview | DS 8 | DS 8.1 | Help Desk
Implementing a Service Desk infrastructure | DS 8 | DS 8.1 | Help Desk
Service Desk technologies | n.a. | n.a. | n.a.
Service Desk responsibilities, functions, staffing levels etc | PO 4 | PO 4.4 | Roles and Responsibilities
Service Desk staffing skill set | PO 7 | PO 7.4 | Personnel Training
Setting up a Service Desk environment | PO 8 | PO 8.1 | External Requirements Review
Service Desk education and training | PO 7 | PO 7.4 | Personnel Training
Service Desk processes and procedures | DS 8 | DS 8.0 | Assist and Advise Customers
Incident reporting and review | DS 5 | DS 5.10 | Violation and Security Activity Reports

7. INCIDENT MANAGEMENT | DS 10 | DS 10.0 | Manage Problems and Incidents
Goal of Incident Management | DS 10 | DS 10.0 | Manage Problems and Incidents
Scope of Incident Management | DS 10 | DS 10.1 | Problem Management System
Basic concepts | DS 10 | DS 10.1 | Problem Management System
Benefits of Incident Management | DS 10 | DS 10.1 | Problem Management System
Planning and implementation | DS 10 | DS 10.1 | Problem Management System
Incident Management activities | DS 10 | DS 10.3 | Problem Tracking and Audit Trail
Handling of major Incidents | DS 10 | DS 10.2 | Problem Escalation
Roles of the Incident Management process | DS 10 | DS 10.0 | Manage Problems and Incidents
Key Performance Indicators | DS 10 | DS 10.3 | Problem Tracking and Audit Trail
Tools | DS 10 | DS 10.1 | Problem Management System

8. PROBLEM MANAGEMENT | DS 10 | DS 10.0 | Manage Problems and Incidents
Goal of Problem Management | DS 10 | DS 10.0 | Manage Problems and Incidents
Scope of Problem Management | DS 10 | DS 10.1 | Problem Management System
Basic concepts | DS 10 | DS 10.1 | Problem Management System
Benefits of Problem Management | DS 10 | DS 10.1 | Problem Management System
Planning and implementation | DS 10 | DS 10.1 | Problem Management System
Problem control activities | DS 10 | DS 10.3 | Problem Tracking and Audit Trail
Error control activities | DS 10 | DS 10.3 | Problem Tracking and Audit Trail
Proactive Problem Management | DS 8 | DS 8.5 | Trend Analysis and Reporting
Providing information to the support organisation | DS 8 | DS 8.5 | Trend Analysis and Reporting
Metrics | DS 10 | DS 10.0 | Manage Problems and Incidents
Roles within Problem Management | DS 10 | DS 10.0 | Manage Problems and Incidents

9. CONFIGURATION MANAGEMENT | DS 9 | DS 9.0 | Manage the Configuration
Goal of Configuration Management | DS 9 | DS 9.0 | Manage the Configuration
Scope of Configuration Management | DS 9 | DS 9.0 | Manage the Configuration
Basic concepts | DS 9 | DS 9.1 | Configuration Recording
Benefits and possible problems | DS 9 | DS 9.1 | Configuration Recording
Planning and implementation | DS 9 | DS 9.1 | Configuration Recording
Activities | DS 9 | DS 9.0 | Manage the Configuration
Process control | DS 9 | DS 9.0 | Manage the Configuration
Relations to other processes | n.a. | n.a. | n.a.
Tools specific to the Configuration Management process | n.a. | n.a. | n.a.
Impact of new technology | n.a. | n.a. | n.a.
Guidance on Configuration Management | n.a. | n.a. | n.a.

10. CHANGE MANAGEMENT | AI 6 | AI 6.0 | Manage Changes
Goal of Change Management | AI 6 | AI 6.0 | Manage Changes
Scope of Change Management | AI 6 | AI 6.0 | Manage Changes
Basic concepts | AI 6 | AI 6.1 | Change Request Initiation and Control
Benefits, costs and possible problems | AI 6 | AI 6.2 | Impact Assessment
Activities | AI 6 | AI 6.0 | Manage Changes
Planning and implementation | AI 6 | AI 6.0 | Manage Changes
Metrics and management reporting | AI 6 | AI 6.2 | Impact Assessment
Software tools | AI 6 | AI 6.3 | Control of Changes
Impact of new technology | n.a. | n.a. | n.a.

11. RELEASE MANAGEMENT | AI 5 | AI 5.0 | Install and Accredit Systems
Goal of Release Management | AI 5 | AI 5.0 | Software Release Policy
Scope of Release Management | AI 5 | AI 5.0 | Software Release Policy
Basic concepts | AI 5 | AI 5.0 | Software Release Policy
Benefits and possible problems | AI 5 | AI 5.0 | Software Release Policy
Planning and implementation | AI 5 | AI 5.0 | Software Release Policy
Process control | AI 5 | AI 5.0 | Software Release Policy
Relations to other processes | n.a. | n.a. | n.a.
Tools specific to the Release Management process | n.a. | n.a. | n.a.
Guidance for successful Release Management | AI 5 | AI 5.0 | Software Release Policy


PO | Planning & Organisation | ITIL Process | ITIL Book

PO1 | Define a Strategic IT Plan | Design and Planning: Strategic Management | ITIL ICT Infrastructure Management
PO 1.1 | IT as Part of the Organisation's Long- and Short-Range Plan | Design and implementing a Plan | ITIL ICT Infrastructure Management
PO 1.2 | IT Long-Range Plan | Setting goals and objectives | ITIL ICT Infrastructure Management
PO 1.3 | IT Long-Range Planning-Approach and Structure | Developing a strategy | ITIL ICT Infrastructure Management
PO 1.4 | IT Long-Range Plan Changes | Design and implementing a Plan | ITIL ICT Infrastructure Management
PO 1.5 | Short-Range Planning for the IT Function | Design and implementing a Plan | ITIL ICT Infrastructure Management
PO 1.6 | Communication of IT Plans | Deployment: Communication Plan | ITIL ICT Infrastructure Management
PO 1.7 | Monitoring and Evaluating of IT Plans | Review and evaluating progress of the plan | ITIL ICT Infrastructure Management
PO 1.8 | Assessment of Existing Systems | Review the current position (SWOT) | ITIL ICT Infrastructure Management

PO2 PO 2.1 PO 2.2 PO 2.3 PO 2.4

Define the Information Architecture Information Architecture Model Corporate Data Dictionary and Data Syntax Rules Data Classification Scheme Security Levels

Design and Planning: the ICT Architecture Technology Architecture Technology Architecture n.a. Security Management

ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

PO3 | Determine Technological Direction | Design and Planning: the ICT Architecture | ITIL ICT Infrastructure Management
PO 3.1 | Technological Infrastructure Planning | Technology Architecture | ITIL ICT Infrastructure Management
PO 3.2 | Monitor Future Trends and Regulations | Management Architecture (Selecting) | ITIL ICT Infrastructure Management
PO 3.3 | Technological Infrastructure Contingency | IT Service Continuity Mgmt | ITIL Service Delivery
PO 3.4 | Hardware and Software Acquisition Plans | Design and implementing a Plan | ITIL ICT Infrastructure Management
PO 3.5 | Technology Standards | The design and development of ICT standards and policies | ITIL ICT Infrastructure Management

PO4 PO 4.1 PO 4.2 PO 4.3 PO 4.4 PO 4.5 PO 4.6 PO 4.7 PO 4.8 PO 4.9 PO 4.10 PO 4.11 PO 4.12 PO 4.13 PO 4.14 PO 4.15

Define the IT Organisation and Relationships IT Planning or Steering Committee Organisational Placement of the IT Function Review of Organisational Achievements Roles and Responsibilities Responsibility for Quality Assurance Responsibility for Logical and Physical Security Ownership and Custodianship Data and System Ownership Supervision Segregation of Duties IT Staffing Job or Position Descriptions for IT Staff Key IT Personnel Contracted Staff Policies and Procedures Relationships

generic generic generic Roles, responsibilities and interfaces Roles, responsibilities and interfaces Roles, responsibilities and interfaces Infrastructure Design (Ownership issues) Infrastructure Design (Ownership issues) Roles, responsibilities and interfaces generic ICT Operational Roles ICT Operational Roles ICT Operational Roles Suppliers and Procurement Suppliers and Procurement

ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Service Delivery & Service Support & ICT IM ITIL Security Management ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

PO5 | Manage the IT Investment | ITIL Financial Mgmt for IT Services | ITIL Service Delivery
PO 5.1 | Annual IT Operating Budget | ITIL Financial Management | ITIL Service Delivery
PO 5.2 | Cost and Benefit Monitoring | ITIL Financial Management | ITIL Service Delivery
PO 5.3 | Cost and Benefit Justification | ITIL Financial Management | ITIL Service Delivery

PO6 PO 6.1 PO 6.10 PO 6.11 PO 6.2 PO 6.3 PO 6.4 PO 6.5 PO 6.6 PO 6.7

Communicate Management Aims and Direction Positive Information Control Environment Management's Responsibility for Policies Communication of Organisation Policies Policy Implementation Resources Maintenance of Policies Compliance with Policies, Procedures and Standards Quality Commitment Security and Internal Control Framework Policy Intellectual Property Rights

Communication the vision generic generic Roles for implementation (Authority Matrix) generic generic generic generic generic

ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Security Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management


PO 6.8 PO 6.9

Issue-Specific Policies Communication of IT Security Awareness

generic n.a.

ITIL Planning to implement Service Management n.a.

PO7 PO 7.1 PO 7.2 PO 7.3 PO 7.4 PO 7.5 PO 7.6 PO 7.7 PO 7.8

Manage Human Resources Personnel Recruitment and Promotion Personnel Qualifications Roles and Responsibilities Personnel Training Cross-Training or Staff Back-up Personnel Clearance Procedures Employee Job Performance Evaluation Job Change and Termination

n.a. Roles, responsibilities and interfaces; Training Roles, responsibilities and interfaces Training Training generic Where are we now: People n.a.

ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Service Delivery & Service Support & ICT IM ITIL Service Delivery & Service Support & ICT IM ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Security Management ITIL ICT Infrastructure Management n.a.

PO8 PO 8.1 PO 8.2 PO 8.3 PO 8.4 PO 8.5 PO 8.6

Ensure Compliance with External Requirements External Requirements Review Practices and Procedures for Complying with External Requirements Safety and Ergonomic Compliance Privacy, Intellectual Property and Data Flow Electronic Commerce Compliance with Insurance Contracts

n.a. n.a. n.a. generic n.a. n.a.

n.a. n.a. n.a. n.a. ITIL Security Management n.a. n.a.

PO9 PO 9.1 PO 9.2 PO 9.3 PO 9.4 PO 9.5 PO 9.6 PO 9.7 PO 9.8

Assess Risks Business Risk Assessment Risk Assessment Approach Risk Identification Risk Measurement Risk Action Plan Risk Acceptance Safeguard Selection Risk Assessment Commitment

ITIL Business Continuity Management ITIL Business Continuity Management ITIL Business Continuity Management ITIL Business Continuity Management ITIL Business Continuity Management ITIL Business Continuity Management ITIL Business Continuity Management ITIL Business Continuity Management

ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective ITIL The Business Perspective

PO10 PO 10.1 PO 10.10 PO 10.11 PO 10.12 PO 10.13 PO 10.2 PO 10.3 PO 10.4 PO 10.5 PO 10.6 PO 10.7 PO 10.8 PO 10.9

Manage Projects Project Management Framework User Department Participation in Project Initiation Project Team Membership and Responsibilities Project Definition Project Approval Project Phase Approval Project Master Plan System Quality Assurance Plan Planning of Assurance Methods Formal Project Risk Management Test Plan Training Plan Post-Implementation Review Plan

n.a. Readiness Assessment (Provide a baseline for Risk Mgmt) Design, Build, Deploy: Testing Deploy: training strategies Optimize: Application review Process Managing the business Value Organising roles and functions n.a. n.a. n.a. n.a. The Application Management lifecycle Control methods and techniques

n.a. n.a. ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management n.a. n.a. n.a. n.a. ITIL Application Management ITIL Application Management

PO11 PO 11.1 PO 11.2 PO 11.3 PO 11.4 PO 11.5 PO 11.6 PO 11.7 PO 11.8 PO 11.9 PO 11.10 PO 11.11 PO 11.12 PO 11.13 PO 11.14 PO 11.15 PO 11.16 PO 11.17

Manage Quality General Quality Plan Quality Assurance Approach Quality Assurance Planning Quality Assurance Review of Adherence to IT Standards and Procedures System Development Life Cycle Methodology System Development Life Cycle Methodology for Major Changes to Existing Technology Updating of the System Development Life Cycle Methodology Coordination and Communication Acquisition and Maintenance Framework for the Technology Infrastructure Third-Party Implementor Relationships Programme Documentation Standards Programme Testing Standards System Testing Standards Parallel/Pilot Testing System Testing Documentation Quality Assurance Evaluation of Adherence to Development Standards Quality Assurance Review of the Achievement of IT Objectives

Quality Management Quality Management Formal quality initiatives Formal quality initiatives ITIL Application Management The Application Management lifecycle Control methods and techniques Communication plan n.a. n.a. Control methods and techniques Control methods and techniques Control methods and techniques Deploy: Pilot Deployment Control methods and techniques Control methods and techniques Critical success factors and Key performance indicators

ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Planning to implement Service Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Planning to implement Service Management n.a. n.a. ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Application Management ITIL Planning to implement Service Management

PO 11.18 | Quality Metrics | Critical success factors and Key performance indicators | ITIL Planning to implement Service Management
PO 11.19 | Reports of Quality Assurance Reviews | Ongoing monitoring and process reviews | ITIL Planning to implement Service Management

AI | Acquisition & Implementation | Process | ITIL Book

AI1 AI 1.1 AI 1.2 AI 1.3 AI 1.4 AI 1.5 AI 1.6 AI 1.7 AI 1.8 AI 1.9 AI 1.10 AI 1.11 AI 1.12 AI 1.13 AI 1.14 AI 1.15 AI 1.16 AI 1.17 AI 1.18

Identify Automated Solutions Definition of Information Requirements Formulation of Alternative Courses of Action Formulation of Acquisition Strategy Third-Party Service Requirements Technological Feasibility Study Economic Feasibility Study Information Architecture Risk Analysis Report Cost-Effective Security Controls Audit Trails Design Ergonomics Selection of System Software Procurement Control Software Product Acquisition Third-Party Software Maintenance Contract Application Programming Acceptance of Facilities Acceptance of Technology

Service Level Management Defining the delivery strategy Defining the delivery strategy Service Level Management Change Management Financial Management for IT Services n.a. Change Management Security Management n.a. n.a. Release Management n.a. n.a. Service Level Management n.a. Build Build

ITIL Application Management ITIL Service Delivery ITIL Application Management ITIL Application Management ITIL Service Delivery ITIL ICT Infrastructure Management ITIL Service Delivery ITIL ICT Infrastructure Management ITIL Service Support ITIL Security Management n.a. ITIL ICT Infrastructure Management ITIL Service Support ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Service Delivery ITIL Application Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

AI2 AI 2.1 AI 2.2 AI 2.3 AI 2.4 AI 2.5 AI 2.6 AI 2.7 AI 2.8 AI 2.9 AI 2.10 AI 2.11 AI 2.12 AI 2.13 AI 2.14 AI 2.15 AI 2.16 AI 2.17

Acquire and Maintain Application Software Design Methods Major Changes to Existing Systems Design Approval File Requirements Definition and Documentation Programme Specifications Source Data Collection Design Input Requirements Definition and Documentation Definition of Interfaces User-Machine Interface Processing Requirements Definition and Documentation Output Requirements Definition and Documentation Controllability Availability as a Key Design Factor IT Integrity Provisions in Application Programme Software Application Software Testing User Reference and Support Materials Reassessment of System Design

Control Methods and techniques Change Management Change Management Change Management n.a. Release Management Release Management Release Management Release Management Release Management Change Management Change Management Availability Management Release Management Change Management Release Management Application review process

ITIL Application Management ITIL Application Management ITIL Service Support ITIL Service Support ITIL Service Support n.a. ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Delivery ITIL Service Support ITIL Service Support ITIL Application Management ITIL Application Management

AI3 AI 3.1 AI 3.2 AI 3.3 AI 3.4 AI 3.5 AI 3.6 AI 3.7

Acquire and Maintain Technology Infrastructure Assessment of New Hardware and Software Preventative Maintenance for Hardware System Software Security System Software Installation System Software Maintenance System Software Change Controls Use and Monitoring of System Utilities

Operational control and mgmt of the services, components and their config. Problem Management Security Management Operational control and mgmt of the services, components and their config. Operational control and mgmt of the services, components and their config. Change Management generic

ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL Service Support ITIL Security Management ITIL ICT Infrastructure Management ITIL Service Support ITIL Service Support ITIL ICT Infrastructure Management

AI4 AI 4.1

Develop and Maintain Procedures Operational Requirements and Service Levels

Service Level Management, SLA, OLA, UC

ITIL Application Management ITIL Service Delivery


AI 4.2 AI 4.3 AI 4.4

User Procedures Manual Operations Manual Training Materials

Deploy; Distributing applications Deploy; Distributing applications Deploy; Training strategy

ITIL Application Management ITIL Application Management ITIL Application Management

AI5 AI 5.1 AI 5.2 AI 5.3 AI 5.4 AI 5.5 AI 5.6 AI 5.7 AI 5.8 AI 5.9 AI 5.10 AI 5.11 AI 5.12 AI 5.13 AI 5.14

Install and Accredit Systems Training Application Software Performance Sizing Implementation Plan System Conversion Data Conversion Testing Strategies and Plans Testing of Changes Parallel/Pilot Testing Criteria and Performance Final Acceptance Test Security Testing and Accreditation Operational Test Promotion to Production Evaluation of Meeting User Requirements Management's Post-Implementation Review

Release Management Change Management Release Management Release Management Release Management Change Management Change Management Release Management Change Management Release Management Release Management Release Management Change Management Change Management

ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support

AI6 AI 6.1 AI 6.2 AI 6.3 AI 6.4 AI 6.5 AI 6.6 AI 6.7 AI 6.8

Manage Changes Change Request Initiation and Control Impact Assessment Control of Changes Emergency Changes Documentation and Procedures Authorised Maintenance Software Release Policy Distribution of Software

Change Management Change Management Change Management Change Management Change Management Change Management Release Management Release Management

(Rollout plan) (Rollout plan) (Rollout plan) (Rollout plan)

ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support ITIL Service Support


DS | Delivery & Support | Process | ITIL Book

DS1 | Define and Manage Service Levels | Service Level Management | ITIL Service Delivery
DS 1.1 | Service Level Agreement Framework | Service Level Management | ITIL Service Delivery
DS 1.2 | Aspects of Service Level Agreements | Service Level Management | ITIL Service Delivery
DS 1.3 | Performance Procedures | Service Level Management | ITIL Service Delivery
DS 1.4 | Monitoring and Reporting | Service Level Management/Availability Management | ITIL Service Delivery
DS 1.5 | Review of Service Level Agreements and Contracts | Service Level Management | ITIL Service Delivery
DS 1.6 | Chargeable Items | Financial Management | ITIL Service Delivery
DS 1.7 | Service Improvement Program | Service Level Management | ITIL Service Delivery

DS2 | Manage Third-Party Services | Capacity & ITSCM & Security Mgmt | ITIL Service Delivery
DS 2.1 | Supplier Interfaces | Capacity Management | ITIL Service Delivery
DS 2.2 | Owner Relationships | Capacity Management | ITIL Service Delivery
DS 2.3 | Third-Party Contracts | Service Level Management (Underpinning Contracts) | ITIL Service Delivery
DS 2.4 | Third-Party Qualifications | Capacity Management | ITIL Service Delivery
DS 2.5 | Outsourcing Contracts | Service Level Management | ITIL Service Delivery
DS 2.6 | Continuity of Services | Service Continuity Management | ITIL Service Delivery
DS 2.7 | Security Relationships | Security Management | ITIL Security Management
DS 2.8 | Monitoring | Service Level Management | ITIL Service Delivery

DS3 | Manage Performance and Capacity | Availability & Capacity Mgmt | ITIL Service Delivery
DS 3.1 | Availability and Performance Requirements | Availability Management | ITIL Service Delivery
DS 3.2 | Availability Plan | Availability Management | ITIL Service Delivery
DS 3.3 | Monitoring and Reporting | Availability Management | ITIL Service Delivery
DS 3.4 | Modeling Tools | Availability Management/Capacity Management | ITIL Service Delivery
DS 3.5 | Proactive Performance Management | Capacity Management | ITIL Service Delivery
DS 3.6 | Workload Forecasting | Capacity Management | ITIL Service Delivery
DS 3.7 | Capacity Management of Resources | Capacity Management | ITIL Service Delivery
DS 3.8 | Resources Availability | Capacity Management | ITIL Service Delivery
DS 3.9 | Resources Schedule | Capacity Management | ITIL Service Delivery

DS4 | Ensure Continuous Service | IT Service Continuity Management | ITIL Service Delivery
DS 4.1 | IT Continuity Framework | Service Continuity Management | ITIL Service Delivery
DS 4.2 | IT Continuity Plan Strategy and Philosophy | Service Continuity Management | ITIL Service Delivery
DS 4.3 | IT Continuity Plan Contents | Service Continuity Management | ITIL Service Delivery
DS 4.4 | Minimising IT Continuity Requirements | Service Continuity Management | ITIL Service Delivery
DS 4.5 | Maintaining the IT Continuity Plan | Service Continuity Management | ITIL Service Delivery
DS 4.6 | Testing the IT Continuity Plan | Service Continuity Management | ITIL Service Delivery
DS 4.7 | IT Continuity Plan Training | Service Continuity Management | ITIL Service Delivery
DS 4.8 | IT Continuity Plan Distribution | Service Continuity Management | ITIL Service Delivery
DS 4.9 | User Department Alternative Processing Back-up Procedures | Service Continuity Management | ITIL Service Delivery
DS 4.10 | Critical IT Resources | Service Continuity Management | ITIL Service Delivery
DS 4.11 | Back-up Site and Hardware | Service Continuity Management | ITIL Service Delivery
DS 4.12 | Off-site Back-up Storage | Service Continuity Management | ITIL Service Delivery
DS 4.13 | Wrap-up Procedures | Service Continuity Management | ITIL Service Delivery

DS5 | Ensure Systems Security | ICT Infrastructure Management | ITIL ICT Infrastructure Management
DS 5.1 | Manage Security Measures | Security Management | ITIL Security Management
DS 5.2 | Identification, Authentication and Access | Security Management | ITIL Security Management
DS 5.3 | Security of Online Access to Data | Security Management | ITIL Security Management
DS 5.4 | User Account Management | Security Management | ITIL Security Management
DS 5.5 | Management Review of User Accounts | Security Management | ITIL Security Management

DS 5.6 | User Control of User Accounts | Security Management | ITIL
DS 5.7 | Security Surveillance | Management and control of all aspects of ICT operational security | ITIL
DS 5.8 | Data Classification | Security Management | ITIL
DS 5.9 | Central Identification and Access Rights Management | Security Management | ITIL
DS 5.10 | Violation and Security Activity Reports | Security Management | ITIL
DS 5.11 | Incident Handling | Management and control of all aspects of ICT operational security | ITIL
DS 5.12 | Reaccreditation | Security Management | ITIL
DS 5.13 | Counterparty Trust | Security Management | ITIL
DS 5.14 | Transaction Authorisation | Security Management | ITIL
DS 5.15 | Non-Repudiation | Security Management | ITIL
DS 5.16 | Trusted Path | Security Management | ITIL
DS 5.17 | Protection of Security Functions | Security Management | ITIL
DS 5.18 | Cryptographic Key Management | Management and control of all aspects of ICT operational security | ITIL
DS 5.19 | Malicious Software Prevention, Detection and Correction | Management and control of all aspects of ICT operational security | ITIL
DS 5.20 | Firewall Architectures and Connections with Public Networks | Management and control of all aspects of ICT operational security | ITIL
DS 5.21 | Protection of Electronic Value | Management and control of all aspects of ICT operational security | ITIL

DS6 | Identify and Allocate Costs | Financial Mgmt for IT Services | ITIL Service Delivery
DS 6.1 | Chargeable Items | Financial Management | ITIL Service Delivery
DS 6.2 | Costing Procedures | Financial Management | ITIL Service Delivery
DS 6.3 | User Billing and Chargeback Procedures | Financial Management | ITIL Service Delivery

DS7 DS 7.1 DS 7.2 DS 7.3

Educate and Train Users Identification of Training Needs Training Organisation Security Principles and Awareness Training

Deployment; Training Deployment; Training Deployment; Training

ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

DS8 | Assist and Advise Customers | Service Desk & Incident Mgmt | ITIL Service Support
DS 8.1 | Help Desk | Service Desk | ITIL Service Support
DS 8.2 | Registration of Customer Queries | Incident Management | ITIL Service Support
DS 8.3 | Customer Query Escalation | Incident Management | ITIL Service Support
DS 8.4 | Monitoring of Clearance | Incident Management | ITIL Service Support
DS 8.5 | Trend Analysis and Reporting | Problem Management | ITIL Service Support

DS9 | Manage the Configuration | Configuration Management | ITIL Service Support
DS 9.1 | Configuration Recording | Configuration Management | ITIL Service Support
DS 9.2 | Configuration Baseline | Configuration Management | ITIL Service Support
DS 9.3 | Status Accounting | Configuration Management | ITIL Service Support
DS 9.4 | Configuration Control | Configuration Management | ITIL Service Support
DS 9.5 | Unauthorised Software | Configuration Management | ITIL Service Support
DS 9.6 | Software Storage | Configuration Management (DSL) | ITIL Service Support
DS 9.7 | Configuration Management Procedures | Configuration Management | ITIL Service Support
DS 9.8 | Software Accountability | Configuration Management | ITIL Service Support

DS10 | Manage Problems and Incidents | Incident, Problem & Change Mgmt | ITIL Service Support
DS 10.1 | Problem Management System | Incident Management (distinction between the terms Problem and Incident unclear) | ITIL Service Support
DS 10.2 | Problem Escalation | Incident Management | ITIL Service Support
DS 10.3 | Problem Tracking and Audit Trail | Problem Management | ITIL Service Support
DS 10.4 | Emergency and Temporary Access Authorisations | Change Management | ITIL Service Support
DS 10.5 | Emergency Processing Priorities | Change Management | ITIL Service Support

DS11 DS 11.1 DS 11.2 DS 11.3 DS 11.4 DS 11.5 DS 11.6 DS 11.7 DS 11.8

Manage Data Data Preparation Procedures Source Document Authorisation Procedures Source Document Data Collection Source Document Error Handling Source Document Retention Data Input Authorisation Procedures Accuracy, Completeness and Authorisation Checks Data Input Error Handling

Management of the supporting operational process Management of the supporting operational process Management of the supporting operational process Management of the supporting operational process Management of the supporting operational process Management of the supporting operational process Management and control of all aspects of ICT operational security Management and control of all aspects of ICT operational security

ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

Security Management ICT Infrastructure Management Security Management Security Management Security Management ICT Infrastructure Management Security Management Security Management Security Management Security Management Security Management Security Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management

V 2.2

Glenfis AG DS DS DS DS DS DS DS DS DS DS DS DS DS DS DS DS DS DS DS DS DS DS

11.9 11.10 11.11 11.12 11.13 11.14 11.15 11.16 11.17 11.18 11.19 11.20 11.21 11.22 11.23 11.24 11.25 11.26 11.27 11.28 11.29 11.30

ITIL COBIT Mapping Overview

Seite 14 von 16

Data Processing Integrity Data Processing Validation and Editing Data Processing Error Handling Output Handling and Retention Output Distribution Output Balancing and Reconciliation Output Review and Error Handling Security Provision for Output Reports Protection of Sensitive Information During Transmission and Transport Protection of Disposed Sensitive Information Storage Management Retention Periods and Storage Terms Media Library Management System Media Library Management Responsibilities Back-up and Restoration Back-up Jobs Back-up Storage Archiving Protection of Sensitive Messages Authentication and Integrity Electronic Transaction Integrity Continued Integrity of Stored Data

Management and control of all aspects of ICT operational Management and control of all aspects of ICT operational Management of the supporting operational process Management of the supporting operational process Management of the supporting operational process Management of the supporting operational process Management of the supporting operational process Management and control of all aspects of ICT operational Management and control of all aspects of ICT operational Management and control of all aspects of ICT operational Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Storage Management, Backup & Recovery Security Management Security Management Security Management Security Management

DS12 DS 12.1 DS 12.2 DS 12.3 DS 12.4 DS 12.5 DS 12.6

Manage Facilities Physical Security Low Profile of the IT Site Visitor Escort Personnel Health and Safety Protection Against Environmental Factors Uninterruptible Power Supply

generic: Vertraulichkeit, Integrität, Verfügbarkeit Managing Facility Management Managing Facility Management Managing Facility Management Managing Facility Management Managing Facility Management Managing Facility Management

ITIL Security Management Facility Management Facility Management Facility Management Facility Management Facility Management Facility Management

DS13 DS 13.1 DS 13.2 DS 13.3 DS 13.4 DS 13.5 DS 13.6 DS 13.7 DS 13.8

Manage Operations Processing Operations Procedures and Instructions Manual Start-up Process and Other Operations Documentation Job Scheduling Departures from Standard Job Schedules Processing Continuity Operations Logs Safeguard Special Forms and Output Devices Remote Operations

Workload, Workload, Workload, Workload, Workload, Workload, Workload, Workload,

ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management ITIL ICT Infrastructure Management

(c) Glenfis AG

output, output, output, output, output, output, output, output,

resilience resilience resilience resilience resilience resilience resilience resilience

testing testing testing testing testing testing testing testing

www.glenfis.ch www.itil.org www.bs15000.ch

management management management management management management management management

and and and and and and and and

security security

security security security

scheduling scheduling scheduling scheduling scheduling scheduling scheduling scheduling

ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL ITIL

Security Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management ICT Infrastructure Management Security Management Security Management Security Management Security Management

V 2.2

M Monitoring | ITIL Process | ITIL Book

M1 Monitor the Processes | | ITIL Service Delivery
M 1.1 Collecting Monitoring Data | ITIL Service Level Management | ITIL Service Delivery
M 1.2 Assessing Performance | ITIL Service Level Management | ITIL Service Delivery
M 1.3 Assessing Customer Satisfaction | ITIL Service Level Management | ITIL Service Delivery
M 1.4 Management Reporting | ITIL Service Level Management | ITIL Service Delivery

M2 Assess Internal Control Adequacy | Security Management | ITIL Security Management
M 2.1 Internal Control Monitoring | Security Management | ITIL Security Management
M 2.2 Timely Operation of Internal Controls | Security Management | ITIL Security Management
M 2.3 Internal Control Level Reporting | Security Management | ITIL Security Management
M 2.4 Operational Security and Internal Control Assurance | Security Management | ITIL Security Management

M3 Obtain Independent Assurance | | ITIL Security Management
M 3.1 Independent Security and Internal Control Certification/Accreditation of IT Services | Security Management | ITIL Security Management
M 3.2 Independent Security and Internal Control Certification/Accreditation of Third-Party Service Providers | Security Management | ITIL Security Management
M 3.3 Independent Effectiveness Evaluation of IT Services | Security Management | ITIL Security Management
M 3.4 Independent Effectiveness Evaluation of Third-Party Service Providers | Security Management | ITIL Security Management
M 3.5 Independent Assurance of Compliance with Laws and Regulatory Requirements and Contractual Commitments | Security Management | ITIL Security Management
M 3.6 Independent Assurance of Compliance with Laws and Regulatory Requirements and Contractual Commitments by Third-Party Service Providers | Security Management | ITIL Security Management
M 3.7 Competence of Independent Assurance Function | Security Management | ITIL Security Management
M 3.8 Proactive Audit Involvement | Security Management | ITIL Security Management

M4 Provide for Independent Audit | Security Management | ITIL Security Management
M 4.1 Audit Charter | Security Management | ITIL Security Management
M 4.2 Independence | Security Management | ITIL Security Management
M 4.3 Professional Ethics and Standards | Security Management | ITIL Security Management
M 4.4 Competence | Security Management | ITIL Security Management
M 4.5 Planning | Security Management | ITIL Security Management
M 4.6 Performance of Audit Work | Security Management | ITIL Security Management
M 4.7 Reporting | Security Management | ITIL Security Management
M 4.8 Follow-up Activities | Security Management | ITIL Security Management
