Pass Your Isaca COBIT 2019 Exam Easy!

Isaca COBIT 2019 COBIT 2019 Foundation exam dumps vce, practice test questions, study guide & video training course to study and pass quickly and easily. Isaca COBIT 2019 COBIT 2019 Foundation exam dumps & practice test questions and answers. You need avanset vce exam simulator in order to study the Isaca COBIT 2019 certification exam dumps & Isaca COBIT 2019 practice test questions in vce format.

Governance System and Components

2. Components of the Governance System

Back to our Nike example Imagine yourself as a Nike top manager, and you want to fulfil your governance goals and objectives, as we described them in previous lectures. So these governance goals and objectives are, for example, to manage risks well, to manage changes well, and so on. Now the question is: what are all the things and all the components you need to achieve these objectives? Do you need people's skills to manage changes well? Surely you do, right? Do you need processes? Definitely. Do you need some policies? Do you need infrastructure? Do you need applications? Yes, definitely. Kobet divided the things you need to govern and manage Nike into seven categories, which you can see here: processes, organisational structures, information flow items, and more. We will explain each of them in more detail in a moment. To fulfil your governance and management objectives, you need a governance system. The governance system is the set of seven components that we just saw in a previous picture. The most well known of our processes But you can see that there are also organisational structures, information, skills and competencies, and others. As we said, all these components form a system, the governance system. And if you set them well, it means that your governance system operates well. These components interact with each other, and you always need to consider all of the components, not just some of them. For example, processes alone will not ensure good governance. To execute processes, you also need proper tools such as ticketing and monitoring systems to have them under control. You also need your people to have the proper competencies to execute these processes. So you need all the components. We use the term holistic to describe the idea that all the components have to be considered. And now let's go one component by one and display the definitions as well. In a big organisation like Nike, you can't live without processes. Processes are step-by-step guidelines on how things must be done. For example, if the computer of your accountant breaks down, you must already have a step-by-step guideline for who will do what to fix it, who will receive the complaint, whether and how he will record it, and so on. Requests from the auser or incident management processes are required. Remember that we said in the Governance Management Objectives lecture that Kobe defines 40 objectives, and each has one process. So Kobe defines 40 processes which youneed in your like It requests andincident management is only one of them. You should also look at the official definition. It summarises what we've just explained. Processes are sets of activities to achieve certain objectives, such as fixed accountants or computers, and that support the achievement of overall goals, such as supporting the users well. Nike, like any other company, must have defined roles for those responsible for key decisions within the company. This could be CEO, Chief Executive Officer, CFO, Chief Financial Officer, CIO, Chief Information Officer, an Executive Committee, or other roles. Cobbit gives us a complete definition of these roles in the Cobbit 2019 Framework Governance and Management Objectives Books; it's in Chapter Eight, Appendix B. This topic is not part of our core material, so you don't need it for your exam, but I found it personally very interesting. The reason is that these roles and organisational structure definitions are used frequently in IT companies and departments, but I didn't see them defined well in any other standards or framework while not sure about Sisacertification though, you may find it then there aswell because it is practical. I have included an optional extra lecture after this one where I will give you a quick walkthrough of these definitions after processes and organisational structures. We have a third component, which is information flows and items. Well, without information, it would be difficult to govern and manage anything, so this is an important part of your governance as well. The definition says exactly that the information is pervasive throughout any company, and Cobbit focuses on the information required for the effective functioning of the governance system. Managers who follow governance are also people; at least, I know a few. The full title of this component is "People Skills and Competencies." We discussed earlier in the course that even if you have the other components perfect, for example, perfect processes, if you don't have people with the right skills to execute them correctly, your governance will fail. So as the definition explains, people's skills and competencies are required for good decision-making, executing corrective actions, and successful completion of all activities. Besides processes, you also need principles and policies, which you can imagine as more high-level statements or prescriptions than step-by-step processes and procedures, which, on the contrary, are even more detailed descriptions of each step or activity within a process. I believe that you agree with me that you need those as well to ensure good governance. That is because principles, policies, and procedures translate desired behaviour into practical guidance for day-to-day management. Imagine that as a night manager you want your employees to behave safely so sensitive company data is not stolen and abused. That is a desired behavior, but you need practical guidance for the behavior, so a security policy is created that describes in detail how the employees must behave, for example. They can't share their passwords. Open specific files from emails. can't connect external devices to company laptops and so on culture.Ethics and behaviour are important components of company governance Imagine the culture of a company where it is normal not to follow rules and not to listen to managers. As the owner of such companies, would you feel certain that nothing bad could happen? that you have things under control when the employees do what they like instead of following instructions. And last but not least, the services, infrastructure, and applications components Remember that your Nike Accountant computer broke down, and we have a process that requires an IT specialist to record this as an incident into a system or an application. So this application will also help you with your governance, right? It contains all the records of all incidents, so you can track them and follow them. You need infrastructure and applications to be able to govern and manage your IT. Another example might be your monitoring system. There's also the term "services." I will simplify for now and say that a service is a collection of applications and infrastructure. For example, an invoicing service is a collection of applications and systems where accountants can process their invoices. Copy describes how each component should look in detail, and we will see that later in the Governance and Management Objectives section. There we will see generic descriptions that may fit any company or any condition. However, some companies have special regulations or want to focus on a specific era, such as security or DevOps, and in that case, the generic corporate description of the seven components can be changed, and we can call that variance. So these are all seven components that form the governance system. They can be described in their basic or generic form, and we call them generic components in that case, or they can be tailored to a specific purpose, and then we call them variants. I have created this summary picture, which is not official and you will not find it in your downloaded books, but it explains the term in that section. Title what is the governance system? While the governance system of a company is the way all those seven components we've just explained are configured and connected together, If you manage a flower shop, your governance system will be set up differently than unite it.For example, you will not have a very formal management of change process because there are only two workers and it will be more flexible if they just talk to each other rather than sending each other formal change tickets. And we have one more extra topic here, which is called the focus areas. A focus area is a certain topic or domain that can be addressed by a collection of governance and management objectives and their components. These components can be generic or variants, or any combination. A nice example of a focus area was published on LinkedIn by Jsnito from ISACA Brazil for Brazilian GDPR. You can see the collection of governance and management objectives for this focused era. As you can see, the browserly and GDPR will necessitate the implementation of EDM one as well as the establishment of a governance framework and the maintenance of IDM three to ensure risk optimization, other errors, and other objectives. The number of focus areas is unlimited, which makes it a bit open ended.New focus areas can be added as required, or a subject matter expert and practitioners can contribute. As you can see in the GDPR for Brazil on the right grey part of the slide, you can see more examples of focus areas. As you can see, the small and medium enterprises also deserve special attention from Kobe. That's why it's a focus area. cybersecurity, for sure. Risk cloud computing, privacy, and DevOps. DevOps is given an example for both a component variant and a focus area. Why? DevOps is a current team in the marketplace and definitely requires specific guidance, making it a focus area. Within the DevOps focus area, there will be a number of the generic governance and management objectives of the core Cobbt model, but there will also be a number of variants of development, operational, and monitoring processes and related organisational structures. Please. I'm talking about DevOps. But if you haven't heard about DevOps, I recommend you check it out, since it has become one of the most popular frameworks for many IT companies and departments. DevOps is not in the scope of this course, but I will likely upload a short introduction to the course as additional material. If you are working in it or interested in it, it's really worth your attention. Okay, just to briefly summarise this lecture, we have covered seven components of the governance system, and we explained what the focus areas are. We will explore a new term, design factors," in the next.

3. Components of the Governance System - Organizational Structures

Welcome to the optional lecture dedicated to one of the seven governance components, the organisational structures. copy gives This is a brief definition of roles and structures that are commonly used in organizations, and it is really useful for anyone in IT or even outside IT to know what these roles and structures mean. During my consulting and training, I often use these terms and assume that everyone knows them since they are so common in the IT world. But I found out that it's not always the case. So let's go through them together and each ofyou can scan how familiar you are with them. I'm opening my Governance and Management Objectives books. That's where you find these organisational structures. It's in Appendix 82, and I'm pretty sure it's on Page 299. So I'm going to go straight to page 299 and open appendix 82, so let's go look at each of the roles or structures, beginning with the board or board of directors, which is a commonly used term in organizations. This is a group of the most senior executive or nonexecutive directors accountable for governance. Or, in the lectures, we will frequently refer to the board of directors, who are ultimately responsible for the company's governance. The executive committee is a group of senior executives appointed by the board who execute the decisions of the board because both strategic planning and decision-making for the organisation are done according to the mission, vision, and values of the organisation from a very strategic point of view. The reality is that it's not always practical for the boards, especially large boards, to gather in person to take some necessary actions. An executive committee is a smaller group with close ties through their leadership that can get together often with little notice to address pressing issues that affect the organization, such as some emerging crises. The Chief Executive Officer, or CEO, is the highest-ranking officer charged with the total management of the enterprise. CFO: This is the most senior person responsible for finance. Chief Financial Officer COO most Senior Officialaccountable for operation of the company sothe complete operations the company operates well. Chief Risk Officer. Most senior officials are accountable for all aspects of risks across the company, including the CIO. Chief Information Officer: this is the top manager responsible for it. So managing it, meaning aligning it in the business, means it's accountable for planning, resourcing, and managing delivery to complete it, and CTOs and most senior officials are responsible for it as well. But for the technical aspects, not so much as for aligning IT with the business and its strategy, but for the technical aspects, such as managing monitoring decisions related to IT services and technical infrastructure solutions (sometimes the CIO and CTO are one person, just call the CIO), So we have only one top manager of thewhole It and the next one Chief Digital Officer This is a relatively new role or responsibility, with someone in charge of putting the company's digital transformation into action. It Governance Board which are a group of experts. people accountable for it. like something similar to the previous board But that was for our whole company. Now we have the Governance Board. So the same body is now accountable for governance for It.As a result, it connected issues and decisions, enabled investments, delivered value, and monitored risks. The architecture board is a group of company experts who oversee and make decisions on enterprise architecture. Enterprise Architecture I simplify a lot, and I just say these are the building blocks of the company. We can say every company's building blocks are quite different. But if I simplify, I can say whether we divide our company and systems into production systems, ordering systems, customer data systems, or what some companies like to call front end, back end, and so on and so forth. So these are people takingcare of enterprise architecture. How the company is built up, meanswhat blocks, what parts are there. Enterprise Risk Committee people are responsible for risk management at the enterprise level. The chief information security officer is a senior officer who is accountable for security across the whole enterprise. Then we have business processes. Owner thereare processes defined within the business ofthe company, like what the company does. And we can have a specific person responsible for each business process. Examples of business processes could be manufacturing, accounting, procurement, and so on. As a result, portfolioManager may be the owner of each such process. Well, what is a portfolio in a company? A portfolio is a set of investments, programs, projects, or other investments or initiatives that are running or are prepared to run within the company. And the portfolio manager is the individual responsible for guiding such portfolios within the company. So he's responsible for portfolio management. These programs, projects, initiatives within portfolio, theremight be decisions about them, right? Whether the programme or initiative will be approved, whether it makes sense, and that decisions come from the steering committee, sometimes the programme project committee. But a steering committee is frequently used in companies. So this is the committee deciding about programmes and projects, and each individual programme within the portfolio that was approved by the steering committee has its own leader; his name or his title is programme manager. So this is the individual responsible for guiding or managing a specific program. And what is a program? It is a set of individual projects, and each project also has its own leader or boss. So a project manager is the individual responsible for guiding a specific project. And programmes might be coordinated by a specific group of people called the Project Management Office. What I mean by "coordinated" is that I would rather say "supported by giving guidance templates, gathering and assessing information about programmes and projects, and supporting them through their life cycles. Some companies really go for this role or organisational structure. The Project Management Office has been found useful for supporting projects. They may also assist with resources, such as gathering project managers or project supports. So this is the body supporting projects and programmes While Project Management Office is pretty commonly used and executed within organizations, I haven't seen this next one used. Because it is used so frequently. Data Management Function or a function or a department responsible for supporting enterprise data across the data lifecycle and managing data strategy infrastructure and repositories I haven't seen such a thing on the enterprise level. It doesn't mean it doesn't exist, but I haven't seen it as common in businesses. While serving as the head of human resources, I was in charge of data management. This is pretty common. Most senior officials are accountable for planning and policies regarding HR in the enterprise, which is pretty common. and relationship manager Companies may even have multiple relationship managers for various departments within the company. These are the people who do what they do. They're responsible for overseeing and managing the interface between business and IT. Typically, they are established, and sometimes there are different relationship managers for different parts of the business to take care of them and to build the relationship and be the single point of contact for major failures and other responsibilities. Head Architect Senior Individual Accountable for Architecture within the Company Next, we have a person in charge of Development who is also in charge of Operations within the Company. So the head of its operations, even the head of its administration, I have not seen this role defined that way. So not so frequent. But why not individually accountable for It relatedrecord and responsible for supporting It related administrativematters then Service Manager as well. Service Manager title is used veryfrequently, but It's work or hisresponsibilities are very much between companies. Here, it's defined as someone who manages the development, implementation, evaluation, and even maintenance of existing products and services. So it depends. Sometimes it's the head of the Process Service Management Department, so it varies from company to company. Information Security Manager is a very common role-related title; this is the person accountable for information security within the company. Business Continuity Manager You may know this area. This is about business continuity, but we also talk about disaster recovery plans and arrangements, don't we? So this is the individual who managed and decided about enterprise business continuity. in the event of disasters. There are some disruptive events. So disaster recovery is often used as a term, then Privacy officer: the person in charge of monitoring the risk and business impact of privacy law, as well as guiding and coordinating the implementation of policies and activities that ensure compliance with privacy directives. officer Legal Counsel is responsible for guidance on legal matters. The compliance function is responsible for all guidance on external compliance and Audit Department, which is a pretty frequently used function responsible for providing internal audits, so this was a nice brief overview of these abbreviations, which you can see sometimes as CEO COOCTO. You have some guidance here briefly naming and giving brief definitions of what these abbreviations mean.

4. Design Factors

In a previous lecture, we stated that the governance system of a flower shop will be different than the one in Yonike It.Why is that? Can you think of some factors that influence how your processes, principles, policies, and organisational structures look like? Whether they will be robust and detailed or just less formal and basic Well, how about the size of the organization? The flower shop is small, so it doesn't need much bureaucracy, while Mike is huge, so it doesn't need more detailed processes or compliance requirements. You know that some industries are highlyregulated and they need a lot ofgovernance such as banks or pharma industry. So the size of the organisation or compliance requirements are examples of design factors. Design factors can influence the design of a company's governance system. In the grey area of this slide, you can see various design factors such as enterprise strategy, enterprise goals, risk profile, related issues, threat, landscape, and more. We have extra slights for each one, and we will describe them in details. In a moment we will describe each factor, and we will get back to them again. In chapter seven, designing a thyroid governance system, There is even a whole book whichhelps with designing your governance system. The Kobe 2019 design guide. Even though the details of this book are not in the scope of the course, you can download the book from the Isaka website the same way as you downloaded your previous materials. Please note that this is not a free book. It contains very detailed guidance on how to adjust copied based on each design factor. And now we can take each design factor one by one. The first factor that we will describe is the enterprise strategy. Organizations have different strategies that can be described as a combination of four archetypes: growth acquisition, innovation differentiation, cost leadership, and client service stability. Typically, organisations have one primary strategy and one secondary strategy. You can see detailed explanations of each strategy type in the table. The goal of a growth acquisition is for the company to grow and expand its services. There's a recent example from Europe. Vodafone Telco Company bought UPC, which is another telecom. Through this, Vodafone grows. They've expanded their services but also acquired millions of new customers. Formally using UPC Innovation differentiation means that the company is focusing on offering new, innovative products and services. An example might be Uber, if you are watching their journey. They began with a taxi-like service but are constantly expanding to include food, bicycles, and package transport. Cost leadership means, for example, that the enterprise is currently focusing on short-term cost minimization. That may be the case for many companies. During the epidemic of the Coronavirus, companies saw a reduction in demand for their services, so they were forced to reduce the cost. Client service stability means that the company is focusing on providing stable services. Examples may be traditional banks who focus on building a great reputation and a loyal customer base. And a question for you based on some basic information that you have now about Night Company: what do you think would be their primary and secondary strategy? Well, we said that they need to offer new services online, right? So the primary would be innovation differentiation, and since Nike is a traditional brand with a great reputation and is a leader on the market, the secondary would be client service stability. But you are the owner and manager, not me. So you are the one to decide on a strategy. So you are, of course, free to disagree with me. Like an enterprise strategy, enterprise goal design factors have similar characteristics. Goals are more detailed strategies, so they too influence what your governance system should look like. In the table, you can see some examples of goals. Let's look at the first one. Eg. one portfolio of competitive products and services. This will be a goal for a company whose primary strategy will be innovation and differentiation. You can see Balanced Scorecard dimensions stated for each enterprise goal. Balanced Scorecard is a different governance framework than COBIT, and it defines four dimensions, as shown in the second column of the table. Balanced Core is not in the scope of this course, but if you're interested in it, you can find plenty of information online. risk profile is another design factor. It identifies the unrelated risks to which the company is currently exposed. It also indicates whether they are risk sobig that they exceed the company risk appetiteor we can say risk tolerance. I'm sure that you will agree with me that if there is an area within your company that is more vulnerable and threatened by big risks, you're going to need more governance to get this area under control. And that is why this is a design factor based on risk. You design your governance to cover these risks. Examples of risks are stated in the table. You don't need to study these large, detailed tables for your exam. Just look at a few examples to understand what those risks may be. Consider the numbers nine and ten. They are easy to understand. nine hardware incidents and ten software failures. Assume you identified nine and ten Nike risk areas or categories. This means that Nike has a high probability or high risk of hardware or software failures. Therefore, the governance system at Nike must be designed in a way that hardware and software failures are prevented or well managed. Similar to risks, if you have some problematic areas within your IT and are dealing with IT issues, you're going to need more governance to get these areas under control. Imagine that hardware and software failures at Nike are not only probable, but they are already happening. You already have a lot of hardware and software failures, so you must design your governance system to prevent them and manage them well. You can see examples in the truncated table here. Again, you don't have to study this table for your exam, but if you're interested and you want to see the whole table, you can find it in your downloaded Cobbt Framework Introduction and Methodology book, page 25. Another design factor is the thread landscape. We divide it into two levels only: normal and high. For example, an enterprise operating within a high-threat landscape such as the financial sector will require strong governance in the form of highly capable security-related processes. Compliance requirement design factors have three levels: low, normal, and high. For example, banks, pharma, industry, army andsimilar will be evaluated as high compliancebecause there is a lot of regulationson how these organisations must work. A flower shop or a company that provides soft skills training will be evaluated as having low compliance because there's not much regulation that they have to follow. more details about what it means by "low, normal, and high." You can see it in the table here. Law means that there's a minimum or lowerthan average compliance requirements imposed on the company. "Normal" means that there's just a common set of compliance requirements imposed on the company. A common set is a set that has something in common or is common across different industries. High means that there are more than average compliance requirements imposed on the company. These are the pharma- or army-related examples that I've mentioned earlier. And where would you place the nighttime company? most likely to the normal level, right? It is not a law since Nike is a big corporation and has to follow the laws of different countries, but it is not a high law because their production or services are not related to house safety or similar. The next design factor is its role of It.Your governance system will be different if IT acts just as a supporting department, such as the one in the small flower shop, or if it enables the business and plays strategic roles, such as in companies like Uber, Netflix, Facebook, and so on. You can see more details in this table. When it is not crucial for the business and its innovation, IT only has a supporting role. If it has an effect, such as when it fails, the operation and continuity of the business are jeopardized. But on the other hand, it isnot important for innovating the business. We call that role a factory. when it is important for business innovation but does not have a critical dependency on it For the current running and continuity of the business, we call that a role turnaround. And when it is critical for both running and innovating the organization's business processes and services, we call this strategic. How about unique It?Which one of these categories is closest? You are the boss, of course, but I believe Nike is moving from factory to turnaround. At the moment, it is becoming the innovator, which is a characteristic of turnaround because lots of businesses are moving online. But at the same time, there are still the shops, right? They are, of course, dependent on it to some extent, but you could still sell shoes and shops if it were to fail. Therefore, there is not a critical dependency on it for the current running of the business. That's why it wouldn't be strategic. The sourcing model is also important. You will govern your company differently when it is within your company, which is called insourcing or outsourcing, or handled by a different company, outsourced using the cloud, or a mixed model of operation. Your governance system will differ depending on what implementation method is used, such as Agile, DevOps, Traditional, or Hybrid. You can see explanations of each method in the table. I will use an additional graphic to explain the difference between Agile and traditional methods of IT implementation method.You can deliver software to the customer by collecting requirements for the entire delivery. Let's imagine we will be developing a niche market. We will be designing it for a month, then developing and testing it for three months, then putting it into production before the customers get it and can start using it. This is a traditional, sometimes called "waterfall" method. You can see a bicycle in the picture as it gets designed, developed, tested, and deployed as a whole. The hive is the second one below, where you collect only some of the main requirements, process them, and give them to the customer immediately. This means, for example, that the customer only getsfrom the issue of the main screen with acatalog and a list of goods at the beginning. But it already has some value for him because he sees what it will look like and can think of other requirements that will be required based on what he sees. He can also use the catalogue's list of goods as his basic evidence. In the next step, you collect further requirements and deliver them to the customer again, and so on. Again, this picture shows an imaginary scenario in which you would be able to give to the customer a usable piece of the bicycle after each iteration. This way, the customer gets at least some value very quickly and can start using it even if it's not a complete bicycle. DevOps is an approach that emphasises speed and quality in its delivery via heavy automation, an agile way of working, and certain cultural aspects. A more detailed explanation of DevOps is not part of this course, but you can see a DevOps introduction video in the bonuses section of the course. If the company uses traditional working method andat the same time Agile and DevOps, itis referred to as hybrid or Bimodalit. Bimodal means that it is working the traditional waterfall way for some parts of the infrastructure and the modern Agile and DevOps way for other parts of the infrastructure. Technology adoption strategies play important roles as well. It matters whether the company places itself as the leader in the market, so it must react and adopt new technology very quickly. While the enterprise waits, others are already utilising the technology, which we refer to as followers or even slow adopters when they are among the last to adopt the technology. The final design factor is enterprise size, which is comfortably divided into two layers: enterprises with more than 250 employees and those with fewer than 250 employees. All these twelve design factors are covered by one of the books we mentioned earlier, the Cobra 2019 Design Guide. This design guide will tell you exactly how your governance system should look based on these design factors. A walkthrough of the book is not part of this course, but if you're interested, you can download it on the Sakura website just as you downloaded our course materials. It is not free, but if you like detailed guidance on configuring copy based on all those various factors, you can find it there. This is all related to the topic of design factors, and in the next lecture we will explain the term "goal cascade." Before we jump to the next topic, I have decided to modify our Nike example and I'm changing the picture of the Nike manager. I like this picture much more, and I'll be using this one for the next example.

5. Goals Cascade

to explain the goal cascade. I will start with an example and a question. Imagine again that you are the night manager, and you have set one of your main strategic goals. Let's call it "Enterprise Goal" to have a customer-oriented service Service Culture.Wow, that sounds great. But you meet your IT manager, and he will ask you, "Well, nice that you have set your strategic goal." But what does that mean for me and my staff in It?And you meet your chief security officer, and he will ask you the same question: What does it mean for me? Do I change what I do? Or what can COBIT answer about that for you? For each enterprise goal, it will tell you exactly what IT goals must be set to be aligned with your strategy. Look at this picture. Your enterprise goal of having a customer-oriented service culture is here. Kobe will tell you what goals it needs to have to fulfil that enterprise goal. Here it is called alignment goals, which means that it needs to be aligned with the whole enterprise. Cobbit doesn't stop here and even breaks down the alignment goal into its detailed objectives. for example, processes, responsibilities, and many more. I will show you an example in a moment. To explain this picture fully, I must go back to your enterprise goals. You have set a goal customer orientedservice culture but that goal was derivedfrom the need of Vario snike stakeholders. Here you can see the stakeholder drivers and needs listed in the box. Stakeholder needs were explained in theEnterprise Governance of It lecture. The basic idea behind goal cascade is that goals are cascaded down from stakeholder desires and needs to enterprise goals, then up to governance and management detailed goals. It is still very theoretical. I realised that. So let's have a look at some examples. You can find this table in your downloaded Introduction to Methodology book, page 29. It covers most common enterprise goals. You can find the one you choose under "Eg. Five." We are talking about this book that you have downloaded, Kobe 2019 Introduction and Methodology. And the best would be if you can open your owncopy on the book, page 29 and see the table. So I'm opening my copy here. Okay, looking at page 29 here, you can see a table. We will be looking at five customer-oriented service cultures. So if I open it, we can check the eGfive customer-oriented service culture goal and the enterprise goal. You can also see several metrics on the right side, but we don't need them. Now I'm scrolling down for you to see the whole table. You can see all the enterprise goals in this table. On pages 30–31, you can find the goals. They are officially called the Alignment Goals. Again, I'm opening it in my own copy. Page 30–31 So we see the Enterprise Goals and now we'removing to 30 31 alignment or It goals. As you can see here, they are specific for that department. Again, some metrics are here. We don't need them now. We'll see some metrics later. So you can see alignment goals here. And most importantly, on page 297 of the Governance and Management Objectives books, you can find information on cascading your enterprise goals into IT goals. I recommend you find this table in your Governance and Management Objectives books. You can see the whole thing there, and you can read it better there. We are talking about the Governance and Management Objective book now, and I'm opening my own copy at page 297 and you can see mappingtable enterprise Goals to alignment goals. The top row shows your enterprise objectives just as we saw them previously. And they are linked to the it alignment objectives. They are displayed in the first row. So again, you can see Enterprise goals on the top. And on the left side, you can see alignment goals. You can see letters P and S, where P means that there is a primary relationship between these two goals and S means that there is a secondary relationship. And now, for a little exercise, if your Nike It enterprise goal is a customer-oriented service culture, what goal must be set for it? Find the one with the primary relationship. Let's try together. In the top row, we are looking for Eg. 5, the customer-oriented service culture. We can highlight it here. Customer rented service culture five. And let's go down and find the letter P. And as you can see it here you can seethe P and we can see related It goal enablingand supporting business Processes by integrating applications and technology. And we can continue to scroll down to search for more goals with the letter P (primary relationship), and we can see that there are no more IT goals relevant to this Eg. Five Enterprise Goal. So only AG Eight is relevant, and let's cascade more. Now it goes into governance and management objectives. If you forgot the term "governance and management objectives," please watch again the lecture "Governance and Management Objectives" within this section. Now please open the Governance and Management Objectives books on page 298 and look at the table showing which of its goals give you prescriptions. What in detail must you do to fulfil these goals? Try to find our AG Eight enabling and supporting business processes by integrating application and technology goals and all governance and management objectives with peer relationships. I'm searching in my book. I went to page 298 and on the top row I will look for "EgEight enabling and supporting business processes" and so on. Now I will be scrolling down and looking for primary relationships with governance management objectives. So, as we can see, P is here to manage strategy, and another P is here to manage enterprise architecture. Then, while scrolling down for another, I came across Manage Organizational Changes. That is a primary relationship with our goal, so let's see more primary relationships, the last of which will be DSS Sixmanage business process controls for our goal. So manage business process controls here, and we can look into it further. This was really the last one. There is no more P for our objective or our goal. So, let us document our efforts so that we can review and analyse what we discovered. So you can list the goals and objectives that we found here. On the left side, we state that the NykeHall company goal is a customer-oriented service culture. That is, it must set a goal of enabling and supporting business processes through the integration of applications and technology. And that means that it must do particular tasks. Alternatively, we can say objectives, strategy, enterprise architecture, organisational changes, and business process controls. But even those objectives are pretty high-level, and we need to understand what that means for our daily work and detailed tasks. Now comes the core beauty of Cobbit, which I will uncover fully in the next section. But I'll tell you right now that for each of these objectives, there is a full prescription covering processes, activities you must do to meet its metrics, how you should use technology, your responsibilities, related guidance, and much more. It is described with a lovely structure and enough details that if you stay with me and let me walk you through the next section, you will be excited. Well, this was our last topic in the Governance System and Components section, so let's briefly recap what we learned. We had four lectures within this section. In the first lecture, "Governance and Management Objectives," we explained that COBIT gives you detailed prescriptions, what it must do, which activities to process, how things should be measured, responsibilities, and much more. You will see all these in the next section. These details are hidden under 40 governance and management objectives; wait for the next section for examples. The second lecture explained what all the things are and all the components you need to achieve management and governance objectives, such as organization, structures, culture, ethics, behavior, and more. The third lecture covers the design factors, which are factors that will influence what your governance system will look like. Small flower shops will have less formal processes than a huge enterprise. And finally, a goal cascade. cascades very high-level stakeholder needs and enterprise goals into very detailed prescription options. how it should work. We learned a lot in this section, but that is nothing compared to the treasures you will find in the Governance and Management Objective Section, which is coming next.

Go to testing centre with ease on our mind when you use Isaca COBIT 2019 vce exam dumps, practice test questions and answers. Isaca COBIT 2019 COBIT 2019 Foundation certification practice test questions and answers, study guide, exam dumps and video training course in vce format to help you study with ease. Prepare with confidence and study using Isaca COBIT 2019 exam dumps & practice test questions and answers vce from ExamCollection.