×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

View e-Privacy Directive Documents

You have declined cookies. This decision can be reversed.

cobitThe COBIT 5 Assessment programme is designed to provide enterprises with an understandable, logical, repeatable, reliable and robust methodology for assessing the capability of their IT processes, based on the COBIT 5 process reference model (PRM).

A COBIT 5 Assessment can be used for a number of purposes starting with a basic status check on an organisation's current capability levels regarding its processes and ability to deliver the performance expected. As the capability level increases management's actions become more effective at making their organisation effective and efficient.

The purpose of a COBIT 5 assessment is to determine the extent to which processes achieve the stated process purpose. Information and data that characterize each process is determined and assessed. The COBIT 5 PAM (process assessment model), the ISO/IEC 15504 capability measurement framework and the ISO/IEC 15504 assessment process are the core elements for conducting the assessments. View: COBIT 5 Assessor course

COBIT 5 Capability Assessment Tool

Conducting a COBIT 5 Capability Assessment

The COBIT 5 Assess Guide for conducting process capability assessments recommends the use of tools to facilitate the assessment process. While an Excel worksheet may be adequate for a self-assessment, an assessment following the COBIT 5 Assessor guidelines require something more reliable, repeatable and robust.

Is the ITGN Capability Assessment Tool right for you?

Read more about Assessment Tools

COBIT 5 Assessment Tools

The ITGN COBIT assessment tool is a standard-based approach to process capability assessment producing results that support process improvement prioritisation and planning. The ITGN COBIT assessment tool incorporates assessment criteria for the COBIT framework as well as other process reference models, and uses ISO/IEC 15504 as the basis for the measurement framework and assessment process. The approach to performing a process capability assessment follows the “Assessor Guide: Using COBIT 5” and the ISO 15504 standard for capability assessments.

Read about Tools for COBIT Assessors 

The Process Assessment Model

The Process Assessment Model (PAM) is the basis for an assessment of an enterprise’s IT processes against the COBIT 5 framework and for training and certifying assessors. The COBIT 5 Process Assessment Model provides an outline of the requirements for achieving capability level 1 using the COBIT 5 processes described in the COBIT 5 Enabling Processes Guide. The COBIT 5 assessment process is evidenced-based to enable a reliable, consistent and repeatable assessment process in the area of governance and management of IT.

Guidance given in the COBIT 5 PAM assists assessors with planning and conducting assessments of the first level of process capability. It provides capability level indicators for determining the process purposes, selecting appropriate process outcomes and identifying process activities and work products that are inputs and outputs to the process. Assessment of process capability at levels above one will depend on the assessor correctly identifying indicators for the second to fifth levels of of process capability.

Read more about the COBIT 5 PAM

Competent assessors are essential

The COBIT 5 PAM assessment process relies heavily on knowledgeable and experienced assessors to perform reliable assessments of process capability. Although a good departure point for the initial planning of an assessment, the COBIT 5 PAM only outlines the process requirements (base practices, key activities and work products) at a high-level for level 1.

Choosing an experienced assessor, knowledgeable in the COBIT 5 process model and skilled in the practical implementation of the processes is essential to assessments of capability, particularly when assessments are of capability levels beyond level one. Much of the value of the assessment (i.e. accuracy and reliability of identified improvements) will depend on the assessor leading the assessment.

Before a COBIT 5 PAM assessment can commence, a critical preliminary step to the assessment process is that the sponsor and lead assessor agree on the activities and work products of the the process to be assessed. The activities and work products that fall within the scope of the assessment will depend on what is actually required for the selected process outcomes to be achieved.  

Read about Assessor Competence 

Key steps in the Assessment Process

The key COBIT 5 assessment process steps are:

  • Selecting the processes that will fall within the scope of assessment and clarifying the purpose of the assessment.
  • Agreeing with the sponsor which activities and work products are essential to delivering the outcomes expected.
  • Documenting the assessment process so that it is repeatable.
  • Gathering sufficient evidence of the process executing as defined.

To overcome the subjective nature of COBIT 5 PAM assessments, ITGN has developed an assessment tool, based on ISO 15504, to ensure that a reliable, repeatable and consistent assessment can be performed. 

Read more about the COBIT 5 assessment methodology

Assessment Classes I, II and III

The class of assessment refers to the type (or purpose) of assessment required. Assessment class type I is for comparison between organisations, class II is for identifying the best options for capability improvement and class III is used to check the current status of capability.

Each assessment class has a different requirement for assessment process rigour and the collection of objective  evidence.

  • Class I requires the most rigourous assessment process as the results are used for external comparison between organisations. 
  • Class II is used to provide a reliable assessment for internal reporting.
  • Class III assessment is suitable for monitoring the ongoing progress of an improvement programme or to identify key issues for a later class one or class two assessment. 

Read more about Class I, II ad III 

Capability improvement using COBIT

Capability improvement is made easier with the aid of COBIT 5 as the approach is inherently lean and focused on business goals and strategic objectives.

Read more about Capability Improvement

Resource optimization using COBIT

Optimization of resources is achieved with the assistance of the COBIT 5 Framework to identify which activities are essential for the selected processes and process outcomes.

Read more about Resource Optimization

Capability Assessment & Improvement

COBIT 5 capability assessments can be highly subjective and depend on the assessor's IT knowledge and experience. The ITGN has the skill, experience and tools needed to ensure reliable results.

Learn more...

COBIT Management System

Improve your IT organisation's efficiency and effectiveness with a management system to coordinate and continuously improve the operational practices.

Read more...

Go to top