The Control Objectives for Information and Related Technology (COBIT) framework, developed by ISACA, stands as a pivotal framework for managing and governing enterprise information and technology. Releasing its latest iteration as COBIT 2019 or COBIT 5, this framework delineates the components and design factors necessary for establishing and sustaining a tailored system for enterprise governance of information and technology (EGIT).
EIIG Matches COBIT 5 Key Principles
In the contemporary landscape, where enterprises aspire to be data-driven, data governance is an integral facet of EGIT. A self-defined data fabric such as Orion Governance’s Enterprise Information Intelligence Graph (EIIG) serves as a pertinent means to bolster the COBIT framework by embedding its principles within a data governance context.
COBIT 5 has five key principles:
- Meeting the needs of the stakeholders,
- Enterprise-wide coverage,
- Creating an integrated framework,
- Enabling holistic approach to achieve operational efficiency, and
- Separating governance from management
EIIG overlaps with all these principles from the data governance perspective to facilitate the implementation of COBIT 5.
Meeting the Needs of the Stakeholders
Satisfying stakeholders’ requisites for precise and timely decision-making commences with a comprehensive understanding of, and unfettered access to, reliable and trusted data. EIIG’s self-defined data fabric is adept at this, as it intelligently ingests metadata from an array of enterprise technology sources, spanning mainframes, DBMS, data lakes, ETL, BI reporting tools, and programming languages like Python and Java. This bottom-up approach facilitates end-to-end traceability and transparency throughout an organization’s data landscape. EIIG not only offers data lineage, including granular field-level details, but also equips stakeholders with active metadata providing hyper awareness and actionable insights.
Moreover, EIIG activates enterprise metadata and augments data quality. By embedding crucial data quality metrics and continually applying them, EIIG ensures real-time monitoring of data quality at each stage of its journey, elucidated through a quality score within its lineage. This mechanism propagates data trust, extending its assurance to the final output. Through integration with BI tools like PowerBI and Tableau, EIIG presents stakeholders with a consolidated view of pivotal measurements—quality score, trust score, and value score—thereby instilling confidence in the foundational data. Stakeholders can also delve into EIIG for detailed data lineage insights, empowering them to make informed decisions.
Furthermore, EIIG tailors data visualization to accommodate stakeholders’ preferences, providing details based on their roles. Executives may require high-level perspectives, line-of-business (LOB) units focus on specific domains, while data engineers necessitate exhaustive details. Facilitated by a hierarchical drill-down menu, distinct personas can access the requisite information, ensuring their unique needs are met productively. Changes in the IT landscape are captured all the way from the source, including developer’s commit ID and the approval workflows are all logged to provide traceability needed to satisfy auditors’ needs.
EIIG’s prowess in offering end-to-end data traceability dismantles data silos by providing a centralized and federated view of an organization’s data assets. This inclusivity, spanning various technology sources, fosters swift and intelligent intra- and inter-system connectivity regardless of asset location. This comprehensive coverage is foundational to COBIT’s aspiration to amalgamate data governance, IT governance, and organizational governance. It underscores cross-functional collaboration, augmenting data value extraction—a primary tenet of COBIT 5.
Creating an Integrated Framework
COBIT 5 seeks to forge a unified framework to address diverse demands from stakeholders, partners, suppliers, and customers. EIIG seamlessly aligns with this principle by constituting an integrated data governance framework, an entity that harmonizes with the broader COBIT integrated framework. Unlike conventional solutions, EIIG stands as a next-generation active data governance platform, seamlessly incorporating all key components into a unified product.
The symbiosis between EIIG’s singular data governance framework and COBIT’s integrated framework is evident in concrete examples. EIIG’s real-time impact analysis facilitates agility, offering automated assessment of the consequences of changes. By identifying dependencies between datasets and executables affected by proposed changes, EIIG empowers controlled and reliable alterations—crucial for application development, data migration, compliance management, and other IT projects. Additionally, EIIG’s AI/ML-powered term-to-asset mapper bridges technical and business terms, enhancing the alignment between COBIT and organizational language.
Enabling a Holistic Approach to Operational Efficiency
COBIT 5’s emphasis on holistic efficiency aligns with the crux of data governance—data is omnipresent, forming the bedrock of decisions. EIIG epitomizes this holistic approach through automated governance processes, data policy enforcement, quality augmentation, role assignments, collaboration facilitation, audit trails, trust assurance in BI reporting, and more. This comprehensive embrace advances COBIT’s overarching goal of value creation.
Separating Governance from Management
COBIT’s differentiation of governance from management underscores governance’s fundamental role. COBIT 5 separates the governance from management by proposing EDM (evaluate, direct, and monitor) for governance and PBRM (plan, build, run, and monitor) for management. EDM ensures that the needs of stakeholders’ objectives are evaluated, directed by prioritization, and monitored for performance. On the other hand, PBRM ensures and monitors the activities that are described in governance.
In the data arena, then, governance focuses policies, rules, regulations—dictated by stakeholders’ needs, business priorities, and regulatory regime– that guide how data is used while management puts more emphasis on the technical aspects of collecting, processing, integrating, and storing data in compliance with the guidelines set up by data governance.
EIIG Improves Data Governance
EIIG resonates with this principle by operationalizing data governance. It enables agile and automated processes to govern data flows across the enterprise.
By elevating data governance in tandem with IT governance and enterprise governance, EIIG empowers COBIT 5’s aim to distinguish governance from management, enriching its organizational significance.
In conclusion, EIIG—a self-defined data fabric and next-generation data governance platform—profoundly aligns with COBIT 5’s core principles. In the context of EGIT, EIIG empowers organizations to enhance regulatory compliance, amplify productivity, mitigate risks, foster innovation, and truly embrace data-driven strategies. The synergy between COBIT’s enterprise governance and EIIG’s data governance yields a harmonious blend that resonates with the dynamic demands of contemporary business landscapes.
About the Author: Niu Bai, Ph.D. is the Head of Global Business Development at Orion Governance, Inc. Connect with Niu on LinkedIn.