Full Access Isaca COBIT-Design-and-Implementation Tutorials

An enterprise would classify the threat landscape as high if geopolitical situations are affecting the enterprise. Geopolitical factors can introduce significant risks, such as instability, regulatory changes, or economic sanctions, which can have a profound impact on the enterprise's operations and strategic goals.

In COBIT 2019, the threat landscape design factor considers various external threats that could impact the enterprise. Geopolitical situations are a significant external factor that can elevate the threat landscape due to potential disruptions and increased risks.

COBIT 2019 Framework References:

COBIT 2019 Design Guide, Chapter 2:Discusses the importance of assessing external threats, including geopolitical situations, when evaluating the threat landscape.

COBIT 2019 Implementation Guide, Chapter 7:Emphasizes the need to consider external factors such as geopolitical risks in the governance system design.

Classifying the threat landscape as high due to geopolitical situations ensures that the enterprise proactively addresses these risks and implements appropriate governance and risk management strategies to mitigate potential impacts.

The COBIT 2019 Implementation Guide specifies:

"The change enablement component addresses behavioral and cultural aspects of the implementation or improvement initiative. It is key to achieving commitment and reducing resistance to change."

Therefore, change enablement is focused on culture and behavior, not organizational structures or technical implementation details.

A key input to be considered when defining drivers for a COBIT implementation is the stakeholder map. Understanding the stakeholders involved and their expectations is crucial for identifying the drivers that will shape the governance system.

References in COBIT 2019 Design and Implementation:

COBIT 2019 Implementation Guide, Chapter 3:This chapter emphasizes the importance of stakeholder identification and mapping in understanding their needs and expectations, which in turn define the drivers for the COBIT implementation.

COBIT 2019 Framework: Governance and Management Objectives, MEA04 (Managed Stakeholder Engagement):This objective highlights the role of stakeholder engagement in shaping governance and management priorities.

The stakeholder map provides a clear view of who the stakeholders are and what their interests and expectations are, ensuring that the drivers for the COBIT implementation are aligned with the needs of the enterprise.

In COBIT 2019, ultimate accountability for governance decisions lies with the governing body or executive committee:

"The executive committee or board is ultimately accountable for the approval of IT governance principles, frameworks, structures, and objectives."

They ensure alignment with enterprise strategy and oversight.