Hierarchy of COBIT Processes to Achieve IT-related and Enterprise Goals

Based on mapping in ISACA's COBIT 5: Enabling Processes, Appendix C

Number of
ted

Primary and Related

COBIT Processes
I T-

Goa

Secondary COBIT
rela

Processes
ITRG 01 Alignment of IT and business strategy 23
EDM01 Ensure Governance Framework Setting and Maintenance P
EDM02 Ensure Benefits Delivery P
EDM03 Ensure Risk Optimisation S
EDM04 Ensure Resource Optimisation S
EDM05 Ensure Stakeholder Transparency S
APO01 Manage the IT Management Framework P
APO02 Manage Strategy P
APO03 Manage Enterprise Architecture P
APO04 Manage Innovation S
APO05 Manage Portfolio P
APO06 Manage Budget and Costs S
APO07 Manage Human Resources P
APO08 Manage Relationships P
APO09 Manage Service Agreements S
APO11 Manage Quality S
BAI01 Manage Programmes and Projects P
BAI02 Manage Requirements Definition P
BAI03 Manage Solutions Identification and Build S
BAI05 Manage Organisational Change Enablement S
BAI08 Manage Knowledge S
DSS04 Manage Continuity S
DSS05 Manage Security Services S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
ITRG 02 IT compliance and support for business compliance with external laws and 20
regulations
EDM01 Ensure Governance Framework setting and Maintenance S
EDM03 Ensure Risk Optimisation S
EDM05 Ensure Stakeholder Transparency S
APO01 Manage the IT Management Framework P
APO07 Manage Human Resources S
APO10 Manage Supplies S
APO11 Manage Quality S
APO12 Manage Risk P
APO13 Manage Security P
BAI02 Manage Requirements Definition S
BAI09 Manage Assets S
BAI10 Manage Configuration P
DSS01 Manage Operations S
DSS03 Manage Problems S
DSS04 Manage Continuity S
DSS05 Manage Security Services P
DSS06 Manage Business Process Controls S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
MEA02 Monitor, Evaluate and Assess the System of Internal Control P
MEA03 Monitor, Evaluate and Assess Compliance with External Requirements P
ITRG 03 Commitment of executive management for making IT-related decisions 17
EDM01 Ensure Governance Framework Setting and Maintenance P
EDM02 Ensure Benefits Delivery S
EDM03 Ensure Risk Optimisation S
EDM04 Ensure Resource Optimisation S
EDM05 Ensure Stakeholder Transparency P
APO01 Manage the IT Management Framework S
APO02 Manage Strategy S
APO03 Manage Enterprise Architecture S
APO05 Manage Portfolio S
APO06 Manage Budget and Costs S
APO07 Manage Human Resources S
APO08 Manage Relationships S
BAI01 Manage Programmes and Projects S
BAI02 Manage Requirements Definition S
BAI05 Manage Organisational Change Enablement S
BAI06 Manage Changes S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
ITRG 04 Managed IT-related business risk 33
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM03 Ensure Risk Optimisation P
EDM04 Ensure Resource Optimisation S
APO01 Manage the IT Management Framework S
APO02 Manage Strategy S
APO03 Manage Enterprise Architecture S
APO04 Manage Innovation S
APO05 Manage Portfolio S
APO06 Manage Budget and Costs S
APO07 Manage Human Resources S
APO08 Manage Relationships S
APO09 Manage Service Agreements S
APO10 Manage Supplies P
APO11 Manage Quality S
APO12 Manage Risk P
APO13 Manage Security P
BAI01 Manage Programmes and Projects P
BAI02 Manage Requirements Definition S
BAI03 Manage Solutions Identification and Build S
BAI04 Manage Availability and Capacity S
BAI06 Manage Changes P
BAI07 Manage Change Acceptance and Transitioning S
BAI09 Manage Assets S
BAI10 Manage Configuration S
DSS01 Manage Operations P
DSS02 Manage Service Requests and Incidents P
DSS03 Manage Problems P
DSS04 Manage Continuity P
DSS05 Manage Security Services P
DSS06 Manage Business Process Controls P
MEA01 Monitor, Evaluate and Assess Performance and Conformance P
MEA02 Monitor, Evaluate and Assess the System of Internal Control P
MEA03 Monitor, Evaluate and Assess Compliance with External Requirements P
ITRG 05 Realised benefits from IT-enabled investments and services portfolio 24
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM02 Ensure Benefits Delivery P
EDM04 Ensure Resource Optimisation S
APO02 Manage Strategy S
APO03 Manage Enterprise Architecture S
APO04 Manage Innovation P
APO05 Manage Portfolio P
APO06 Manage Budget and Costs P
APO08 Manage Relationships S
APO09 Manage Service Agreements S
APO10 Manage Supplies S
APO11 Manage Quality P
BAI01 Manage Programmes and Projects P
BAI02 Manage Requirements Definition S
BAI03 Manage Solutions Identification and Build S
BAI04 Manage Availability and Capacity S
BAI06 Manage Changes S
BAI07 Manage Change Acceptance and Transitioning S
BAI08 Manage Knowledge S
DSS01 Manage Operations S
DSS03 Manage Problems S
DSS04 Manage Continuity S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
MEA03 Monitor, Evaluate and Assess Compliance with External Requirements P
ITRG 06 Transparency of IT costs, benefits and risk 18
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM02 Ensure Benefits Delivery P
EDM03 Ensure Risk Optimisation P
EDM04 Ensure Resource Optimisation S
EDM05 Ensure Stakeholder Transparency P
APO03 Manage Enterprise Architecture S
APO05 Manage Portfolio S
APO06 Manage Budget and Costs P
APO08 Manage Relationships S
APO09 Manage Service Agreements S
APO10 Manage Supplies S
APO12 Manage Risk P
APO13 Manage Security P
BAI01 Manage Programmes and Projects S
BAI09 Manage Assets P
BAI10 Manage Configuration S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
MEA02 Monitor, Evaluate and Assess the System of Internal Control S
ITRG 07 Delivery of IT services in line with business requirements 34
EDM01 Ensure Governance Framework Setting and Maintenance P
EDM02 Ensure Benefits Delivery P
EDM03 Ensure Risk Optimisation S
EDM04 Ensure Resource Optimisation S
EDM05 Ensure Stakeholder Transparency P
APO01 Manage the IT Management Framework S
APO02 Manage Strategy P
APO03 Manage Enterprise Architecture S
APO05 Manage Portfolio S
APO06 Manage Budget and Costs S
APO07 Manage Human Resources S
APO08 Manage Relationships P
APO09 Manage Service Agreements P
APO10 Manage Supplies P
APO11 Manage Quality P
APO12 Manage Risk S
APO13 Manage Security S
BAI01 Manage Programmes and Projects S
BAI02 Manage Requirements Definition P
BAI03 Manage Solutions Identification and Build P
BAI04 Manage Availability and Capacity P
BAI06 Manage Changes P
BAI07 Manage Change Acceptance and Transitioning S
BAI08 Manage Knowledge S
BAI09 Manage Assets S
DSS01 Manage Operations P
DSS02 Manage Service Requests and Incidents P
DSS03 Manage Problems P
DSS04 Manage Continuity P
DSS05 Manage Security Services S
DSS06 Manage Business Process Controls P
MEA01 Monitor, Evaluate and Assess Performance and Conformance P
MEA02 Monitor, Evaluate and Assess the System of Internal Control S
MEA03 Monitor, Evaluate and Assess Compliance with External Requirements S
ITRG 08 Adequate use of applications, information and technology solutions 31
EDM02 Ensure Benefits Delivery S
EDM03 Ensure Risk Optimisation S
EDM04 Ensure Resource Optimisation S
APO02 Manage Strategy S
APO03 Manage Enterprise Architecture S
APO04 Manage Innovation P
APO05 Manage Portfolio S
APO06 Manage Budget and Costs S
APO08 Manage Relationships S
APO09 Manage Service Agreements S
APO10 Manage Supplies S
APO11 Manage Quality S
APO12 Manage Risk S
APO13 Manage Security S
BAI01 Manage Programmes and Projects S
BAI02 Manage Requirements Definition S
BAI03 Manage Solutions Identification and Build S
BAI04 Manage Availability and Capacity S
BAI05 Manage Organisational Change Enablement P
BAI06 Manage Changes S
BAI07 Manage Change Acceptance and Transitioning P
BAI08 Manage Knowledge S
BAI10 Manage Configuration S
DSS01 Manage Operations S
DSS02 Manage Service Requests and Incidents S
DSS03 Manage Problems S
DSS04 Manage Continuity S
DSS05 Manage Security Services S
DSS06 Manage Business Process Controls S
MEA01 Monitor, Evaluate and Assess Performance and conformance S
MEA02 Monitor, Evaluate and Assess the System of Internal Control S
ITRG 09 IT agility 24
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM04 Ensure Resource Optimisation P
APO01 Manage the IT Management Framework S
APO02 Manage Strategy S
APO03 Manage Enterprise Architecture P
APO04 Manage Innovation P
APO05 Manage Portfolio S
APO07 Manage Human Resources S
APO09 Manage Service Agreements S
APO10 Manage Supplies P
APO11 Manage Quality S
APO12 Manage Risk S
BAI02 Manage Requirements Definition S
BAI04 Manage Availability and Capacity S
BAI05 Manage Organisational Change Enablement S
BAI06 Manage Changes S
BAI07 Manage Change Acceptance and Transitioning S
BAI08 Manage Knowledge P
BAI09 Manage Assets S
BAI10 Manage Configuration S
DSS01 Manage Operations S
DSS03 Manage Problems S
DSS04 Manage Continuity S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
ITRG 10 Security of information, processing infrastructure and applications 21
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM03 Ensure Risk Optimisation P
APO01 Manage the IT Management Framework S
APO03 Manage Enterprise Architecture S
APO07 Manage Human Resources S
APO09 Manage Service Agreements S
APO10 Manage Supplies S
APO12 Manage Risk P
APO13 Manage Security P
BAI02 Manage Requirements Definition S
BAI06 Manage Changes P
BAI08 Manage Knowledge S
BAI09 Manage Assets S
BAI10 Manage Configuration S
DSS01 Manage Operations S
DSS02 Manage Service Requests and Incidents S
DSS04 Manage Continuity S
DSS06 Manage Business Process Controls S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
MEA02 Monitor, Evaluate and Assess the System of Internal Control S
MEA03 Monitor, Evaluate and Assess Compliance with External Requirements S
ITRG 11 Optimisation of IT assets, resources and capabilities 29
EDM01 Ensure Governance Framework setting and Maintenance S
EDM02 Ensure Benefits Delivery S
EDM04 Ensure Resource Optimisation P
APO01 Manage the IT Management Framework P
APO02 Manage Strategy S
APO03 Manage Enterprise Architecture P
APO04 Manage Innovation P
APO05 Manage Portfolio S
APO06 Manage Budget and Costs S
APO07 Manage Human Resources P
APO08 Manage Relationships S
APO09 Manage Service Agreements S
APO10 Manage Supplies S
APO11 Manage Quality S
BAI01 Manage Programmes and Projects S
BAI02 Manage Requirements Definition S
BAI03 Manage Solutions Identification and Build S
BAI04 Manage Availability and Capacity P
BAI05 Manage Organisational Change Enablement S
BAI06 Manage Changes S
BAI08 Manage Knowledge S
BAI09 Manage Assets P
BAI10 Manage Configuration P
DSS01 Manage Operations P
DSS03 Manage Problems P
DSS04 Manage Continuity S
DSS05 Manage Security Services S
DSS06 Manage Business Process Controls S
MEA01 Monitor, Evaluate and Assess Performance and Conformance P
ITRG 12 Enablement and support of business processes by integrating applications and 16
technology into business processes
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM02 Ensure Benefits Delivery S
APO01 Manage the IT Management Framework S
APO02 Manage Strategy S
APO03 Manage Enterprise Architecture S
APO04 Manage Innovation S
APO08 Manage Relationships P
BAI02 Manage Requirements Definition P
BAI03 Manage Solutions Identification and Build S
BAI05 Manage Organisational Change Enablement S
BAI06 Manage Changes P
BAI07 Manage Change Acceptance and Transitioning P
DSS03 Manage Problems S
DSS04 Manage Continuity S
DSS05 Manage Security Services S
DSS06 Manage Business Process Controls S
ITRG 13 Delivery of programmes delivering benefits, on time, on budget, and meeting 23
requirements and quality standards
EDM01 Ensure Governance Framework setting and Maintenance S
EDM02 Ensure Benefits Delivery S
EDM03 Ensure Risk Optimisation S
EDM04 Ensure Resource Optimisation S
EDM05 Ensure Stakeholder Transparency S
APO01 Manage the IT Management Framework S
APO02 Manage Strategy S
APO05 Manage Portfolio P
APO06 Manage Budget and Costs S
APO07 Manage Human Resources P
APO08 Manage Relationships S
APO09 Manage Service Agreements S
APO10 Manage Supplies S
APO11 Manage Quality P
APO12 Manage Risk P
BAI01 Manage Programmes and Projects P
BAI02 Manage Requirements Definition S
BAI03 Manage Solutions Identification and Build S
BAI04 Manage Availability and Capacity S
BAI05 Manage Organisational Change Enablement P
BAI06 Manage Changes S
BAI07 Manage Change Acceptance and Transitioning S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
ITRG 14 Availability of reliable and useful information for decision making 29
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM02 Ensure Benefits Delivery S
EDM03 Ensure Risk Optimisation S
EDM05 Ensure Stakeholder Transparency S
APO01 Manage the IT Management Framework S
APO02 Manage Strategy S
APO03 Manage Enterprise Architecture S
APO04 Manage Innovation S
APO09 Manage Service Agreements P
APO10 Manage Supplies S
APO11 Manage Quality S
APO12 Manage Risk S
APO13 Manage Security P
BAI02 Manage Requirements Definition S
BAI03 Manage Solutions Identification and Build S
BAI04 Manage Availability and Capacity P
BAI06 Manage Changes S
BAI07 Manage Change Acceptance and Transitioning S
BAI08 Manage Knowledge P
BAI09 Manage Assets S
BAI10 Manage Configuration P
DSS01 Manage Operations S
DSS02 Manage Service Requests and Incidents S
DSS03 Manage Problems P
DSS04 Manage Continuity P
DSS05 Manage Security Services S
DSS06 Manage Business Process Controls S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
MEA02 Monitor, Evaluate and Assess the System of Internal Control S
ITRG 15 IT compliance with internal policies 24
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM03 Ensure Risk Optimisation P
EDM05 Ensure Stakeholder Transparency S
APO01 Manage the IT Management Framework P
APO02 Manage Strategy S
APO07 Manage Human Resources S
APO08 Manage Relationships S
APO09 Manage Service Agreements S
APO10 Manage Supplies S
APO11 Manage Quality S
APO12 Manage Risk S
BAI06 Manage Changes S
BAI07 Manage Change Acceptance and Transitioning S
BAI09 Manage Assets S
BAI10 Manage Configuration S
DSS01 Manage Operations S
DSS02 Manage Service Requests and Incidents S
DSS03 Manage Problems S
DSS04 Manage Continuity S
DSS05 Manage Security Services S
DSS06 Manage Business Process Controls S
MEA01 Monitor, Evaluate and Assess Performance and Conformance P
MEA02 Monitor, Evaluate and Assess the System of Internal Control P
MEA03 Monitor, Evaluate and Assess Compliance with External Requirements S
ITRG 16 Competent and motivated business and IT personnel 16
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM02 Ensure Benefits Delivery S
EDM03 Ensure Risk Optimisation S
EDM04 Ensure Resource Optimisation P
APO01 Manage the IT Management Framework P
APO02 Manage Strategy S
APO07 Manage Human Resources P
APO08 Manage Relationships S
APO11 Manage Quality S
APO12 Manage Risk S
BAI01 Manage Programmes and Projects S
BAI08 Manage Knowledge S
DSS01 Manage Operations S
DSS04 Manage Continuity S
DSS06 Manage Business Process Controls S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
ITRG 17 Knowledge, expertise and initiatives for business innovation 31
EDM01 Ensure Governance Framework Setting and Maintenance S
EDM02 Ensure Benefits Delivery P
EDM03 Ensure Risk Optimisation S
EDM04 Ensure Resource Optimisation S
EDM05 Ensure Stakeholder Transparency S
APO01 Manage the IT Management Framework P
APO02 Manage Strategy P
APO03 Manage Enterprise Architecture S
APO04 Manage Innovation P
APO05 Manage Portfolio S
APO07 Manage Human Resources P
APO08 Manage Relationships P
APO10 Manage Supplies S
APO11 Manage Quality S
APO12 Manage Risk S
BAI01 Manage Programmes and Projects S
BAI02 Manage Requirements Definition S
BAI03 Manage Solutions Identification and Build S
BAI04 Manage Availability and Capacity S
BAI05 Manage Organisational Change Enablement P
BAI06 Manage Changes S
BAI07 Manage Change Acceptance and Transitioning S
BAI08 Manage Knowledge P
DSS01 Manage Operations S
DSS02 Manage Service Requests and Incidents S
DSS03 Manage Problems S
DSS04 Manage Continuity S
DSS06 Manage Business Process Controls S
MEA01 Monitor, Evaluate and Assess Performance and Conformance S
MEA02 Monitor, Evaluate and Assess the System of Internal Control S
MEA03 Monitor, Evaluate and Assess Compliance with External Requirements S