This paper is published in Volume-10, Issue-1, 2024
Area
Information Security
Author
Taha Qureshi
Org/Univ
Nangia and Co LLP, Mumbai, India
Pub. Date
19 February, 2024
Paper ID
V10I1-1217
Publisher
Keywords
The Control Objectives for Information and Related Technologies (COBIT), COBIT Performance Management (CPM), Capability Maturity Model Integration (CMMI), Process Assessment Model (PAM).

Citationsacebook

IEEE
Taha Qureshi. Enhancing organizational Governance: A proposal for COBIT 2019 Maturity Assessment, International Journal of Advance Research, Ideas and Innovations in Technology, www.IJARIIT.com.

APA
Taha Qureshi (2024). Enhancing organizational Governance: A proposal for COBIT 2019 Maturity Assessment. International Journal of Advance Research, Ideas and Innovations in Technology, 10(1) www.IJARIIT.com.

MLA
Taha Qureshi. "Enhancing organizational Governance: A proposal for COBIT 2019 Maturity Assessment." International Journal of Advance Research, Ideas and Innovations in Technology 10.1 (2024). www.IJARIIT.com.

Abstract

Background: This paper introduces a structured methodology for assigning maturity levels in accordance with The Control Objectives for Information and Related Technologies (COBIT) 2019 framework. The conventional method of evaluating an organization's COBIT Performance Management (CPM) often concentrates solely on capability levels, given the absence of a well-defined approach for assigning maturity levels in the framework. The proposed methodology introduces an approach aligned with the principles of performance management designed to quantify the maturity of the governance and management objectives from the framework and collectively represent their impact on the overall organization. Discussion: Maturity levels provide management with a comprehensive understanding of the current state of governance and management practices in the organization. Maturity assessment offers a holistic perspective, furnishing management with a thorough overview of the organizational landscape. COBIT 5 released in the year 2012, followed the Process Assessment Model (PAM) model for assigning capability and maturity values. Since there is no defined PAM for COBIT 2019, The Capability Maturity Model Integration (CMMI) levels defined by the CMMI Institute can be used to represent process improvement efforts, in other words, it can measure capability levels along with other factors to give value to the organizations process for measuring maturity. Up to this point, there exists no formalized methodology for assigning or deriving maturity levels for an organization using the COBIT framework. The impetus for this paper stemmed from Luis Gorgona’s, encouragement in the ISACA blog for readers to explore the COBIT 2019 framework as a valuable resource for developing an approach to model, assessing maturity scores, and identifying essential factors for measuring their organization's performance. Research Objectives: This paper aims to achieve the following objectives: 1. The Necessity and Challenges in the Assigning of Maturity Levels. 2. Proposing a Methodology for Assigning Maturity Levels for the COBIT 2019 Framework. Conclusion: In conclusion, this paper encourages readers, auditors, and professionals to go beyond a basic evaluation of capability levels. By which organization leaders can attain an accurate comprehension of their existing Information and Technology(I&T) practices through the adoption of this systematic approach. Consequently, leading to well-informed decision-making, enhancing overall coverage of COBIT 2019 objectives.