INDEX
| A | |
acquire |
72, 82, 96, 106 |
activities |
64-65, 89-90, 109, 111 |
align |
72, 106 |
assess |
72, 106 |
assessment |
126-134 |
assessor |
139-140 |
audit |
49-52 |
| B | |
Baldridge National Quality |
41 |
Programme |
|
Barger, T |
17 |
base practices |
128-134 |
Basel II, Basel III |
45, 115 |
benefits realisation |
58, 63 |
Berners-Lee, T. |
101 |
Beynon-Davies, P. |
99 |
BMIS |
55 |
build |
72, 82, 96, 106 |
business |
|
governance |
19 |
strategy |
39, 76, 114 |
continuity |
48 |
| C | |
Cadbury Report |
17 |
capability |
|
assessment |
43, 126 |
levels |
128, 132-134 |
model |
43, 126 |
process attributes (PA1.1, etc.) |
80, 128, 130 |
service capabilities |
102 |
CEAF |
103 |
certification |
|
CGEIT |
22 |
CISA |
140 |
COBIT 5 Assessor |
139-140 |
COBIT 5 Foundation |
139-140 |
COBIT 5 Implementation |
139-140 |
COBIT Certified Assessor |
139-140 |
CGEIT |
22 |
change enablement |
46, 121-122 |
CIMA |
19 |
CMM |
42 |
CMMI |
42-43 |
compliance |
13, 57, 70, 75-76, 118, 143 |
conformance |
19, 24, 143 |
contextual quality |
81, 95 |
control objectives |
49 |
controls |
|
internal |
44-45 |
corporate governance |
15-16 |
codes |
16 |
COSO |
44 |
ERM |
34 |
courses |
|
Assessor |
138-140 |
Foundation |
138-140 |
Implementation |
138-140 |
culture, ethics & behaviour |
92-94 |
| D | |
De Haes, S. |
21-22 |
Deming, W.E. |
40 |
dimension |
|
capability dimension |
79 |
enabler dimension |
79-80, 83 |
process dimension |
79 |
direct |
24, 107-108 |
documentation |
135-136 |
domains |
72, 89-90, 106 |
APO |
106 |
BAI |
106 |
DSS |
106 |
EDM |
106 |
MEA |
106 |
| E | |
EFQM |
41 |
enabler |
79-105 |
category |
81 |
culture, ethics & behaviour |
92-94 |
information |
94-102 |
organisational structure |
90-92 |
people, skills & competencies |
104-105 |
performance management |
83-84 |
principles, policies & frameworks |
84-86 |
processes |
86-90 |
services, infrastructure & applications |
102-104 |
enterprise |
13-14 |
architecture |
39-40 |
governance |
16, 19 |
evaluate |
24, 72, 82, 106-107 |
| F | |
FEA |
40, 103 |
function |
26, 28 |
| G | |
generic |
|
practices |
128, 132-134 |
work products |
128, 132-134 |
goals |
|
enabler goals |
59, 83, 89 |
enterprise goals |
59, 74-75 |
goals cascade |
74-78 |
IT-related goals |
59, 74-77 |
good practice |
82 |
Google Knowledge Graphs |
101 |
governance |
15-22 |
corporate |
15-16 |
enablers |
63 |
enterprise |
16, 19 |
IT |
19-22, 24-25 |
objective |
58, 63-64 |
practices |
24, 109-110 |
scope |
63 |
governance of enterprise IT |
22 |
Guldentops, E. |
49 |
| H | |
Hardy, G. |
54 |
Henderson, J.C. |
20 |
Higgs boson |
101 |
holistic approach |
57, 66-69 |
| I | |
implementation |
113-125 |
lifecycle |
119-125 |
information |
|
empiric |
47-48, 99-100 |
model |
47, 56, 96-97 |
physical world |
47-48, 100 |
pragmatic |
47-48, 98-99, 100-101 |
security |
36-38 |
semantic |
47-48, 100-101 |
social world |
47-48, 100-102 |
syntactic |
47-48, 99, 100 |
innovation |
56, 141 |
inputs |
87, 89-90, 109, 111, 123, 132 |
internal controls |
44-45 |
intrinsic quality |
81, 95 |
ISACA |
21, 22, 23, 24, 44 |
ISF |
37 |
ISO31000 |
34-35 |
ISO9000 series |
28, 41 |
ISO/IEC 15504 series |
42-44, 88, 107, 125-129, 131 |
ISO/IEC 20000 series |
28-31 |
ISO/IEC 27000 series |
36-38 |
ISO/IEC 38500 series |
24-25, 54-55 |
IT governance |
19-22, 24-25 |
IT Steering Committee |
71 |
IT Strategy Committee |
70-71 |
ITAF |
56 |
ITGI |
21, 54, 74, 75 |
ITIL |
25-28, 46, 68, 87, 103, 119 |
| J | |
Juran |
41 |
| K | |
Kaizen |
41 |
Kotter, John |
46, 82, 119 |
| L | |
lag indicator |
83-84 |
lead indicator |
83-84 |
lifecycle |
121-125 |
| M | |
management |
|
of risk (MoR) |
31, 34 |
plan, build, run, monitor (PBRM) |
70, 73 |
practices |
111, 131 |
mapping |
|
enabler goals |
77-78 |
enterprise goals |
77-78, 145-150 |
IT-related goals |
77-78, 151-161 |
process goals |
77-78, 154-161 |
stakeholder needs |
77-78, 145-150 |
tables |
145-161 |
maturity |
|
assessment |
42-43 |
CMM |
42 |
CMMI |
42-43 |
COBIT® 4.1 |
42 |
MEHARI |
36 |
metrics |
|
lag indicator |
83-84 |
lead indicator |
83-84 |
mission |
59, 84, 108, 114 |
model |
|
process assessment (PAM) |
43, 79, 89, 107, 126-134 |
process capability (PCM) |
43, 126 |
process reference (PRM) |
43, 71, 72, 88, 107, 127-128 |
monitor |
24, 32-33, 70-72, 82, 106, 143 |
Morris, C |
47, 98 |
MoV |
36 |
| O | |
OCTAVE |
34 |
organise |
72, 106 |
outputs |
87-90, 109, 111, 123, 132 |
| P | |
pain points |
117 |
PAM |
43, 79, 89, 107, 126-134 |
capability assessment |
126 |
rating levels (0-5) |
128-130 |
rating scales (N, P, L, F) |
131 |
PBRM (plan, build, run, monitor) |
70-73 |
PCM |
43, 126 |
PDCA |
40 |
performance |
19, 24, 143 |
PESTLE |
74, 114 |
plan |
71-72, 82, 106 |
PMBOK® |
32-33 |
practices |
|
governance practices |
24, 109 |
management practices |
111, 131 |
PRINCE2 |
31-32 |
principles |
|
COBIT 5 |
57-72 |
enterprise end-to-end |
57, 59-62 |
holistic approach |
57, 66-69 |
ISO/IEC 38500 |
24 |
meeting stakeholder needs |
57-59 |
separation of governance & management |
57, 70-73 |
single integrated framework |
57, 66 |
PRM |
43, 71, 72, 88, 107, 127-128 |
process |
|
activities |
89-90, 109, 111 |
assessment model (PAM) |
43, 79, 89, 107, 126-134 |
base practices |
128-134 |
capability model (PCM) |
43, 126 |
COBIT 5 processes list |
141-143 |
generic practices |
128, 132-134 |
generic work products |
128, 132-134 |
goals |
88-89, 108, 110, 131 |
governance process |
107-109 |
inputs |
87, 89-90, 109, 111, 123 |
management process |
110-111 |
outputs |
87-90, 109, 111, 123, 132 |
purpose |
108, 110 |
reference model (PRM) |
43, 71, 72, 88, 107, 127-128 |
work products |
131-134 |
process attributes (PA) |
128-131 |
| Q | |
quality |
40-41, 81, 95 |
| R | |
RACI chart |
87-88, 108-110, 123 |
resource |
|
COBIT®5 documentation |
135-137 |
enabler resources |
66-67 |
optimisation |
63 |
risk |
|
appetite |
59, 86, 115 |
ISO31000 |
34-35 |
optimisation |
63 |
risk management |
19, 33-35, 44, 118, 135 |
Risk IT |
34, 52, 55 |
role |
57, 64, 87-88, 105-106, 108-109, 111, 123-124 |
Ross, J. |
19 |
| S | |
Sarbanes-Oxley Act (SOX) |
20, 44-45, 115 |
security |
|
ISO/IEC 27000 series |
36-38 |
security & accessibility |
96 |
semiotics |
97-98 |
framework |
97-102 |
ladder |
97-102 |
service |
102-104 |
management system (SMS) |
28-30 |
SFIA |
105 |
Shannon, C. |
48, 99 |
Six Sigma |
41 |
skills |
104-105 |
SFIA |
105 |
enabler |
104-105 |
SMS |
28-30 |
stakeholders |
|
drivers |
74 |
external |
57, 80 |
internal |
57, 80 |
needs |
57-59, 70, 72, 74-75, 145-150 |
Stamper, R. |
47, 97-98 |
| T | |
TGF |
56 |
TOGAF |
39-40, 103 |
TQM |
41 |
training |
138-140 |
Tricker, R.I. |
19 |
triggers |
117-118 |
| V | |
Val IT |
36, 52, 54, 55, 119 |
value |
|
delivery |
36 |
management of value (MoV) |
36 |
Val IT |
36, 52, 54, 55, 119 |
Van Grembergen, W. |
21, 22 |
Venkatraman, N. |
20 |
vision |
46, 84, 114 |
| W | |
Weill, P. |
19-20 |
work products |
127, 131-134 |
| Z | |
Zachman |
40 |