COBIT Toolkit

(No reviews yet) Write a Review
Downloadable Resources, Instant Access

Secure that your organization builds and oversees a team of employees for assigned technology support area through ongoing execution of recruiting, development, retention, coaching and support, performance management, and managerial activities.

More Uses of the COBIT Toolkit:

  • Manage knowledge or awareness of IT best practice framework (ITIL, COBIT) and Operational Excellence concepts or methodologies.

  • Ensure you lead the development of up to date information security policies, procedures, and standards, and oversee approval, dissemination and maintenance.

  • Drive capability and innovation for existing and new security business topics for the respective area of responsibility.

  • Assure your organization creates a multi year plan to operationalize a technology support strategy, with key milestones, deliverables, and realization targets.

  • Initiate: development and management of security, privacy, and compliance content for your organizations security knowledge base (serving revenue and support engineering).

  • Collaborate with security and grc to support development and maturity of controls and continuous compliance testing, audit, and evidence through customer feedback analysis.

  • Lead: advocate for security, privacy, and compliance product improvements to the security, product, IT infrastructure and software development teams through customer use cases and stories.

  • Manage customer expectations and deliver quality security consulting services while balancing business objectives with security requirements.

  • Provide IT auditing, consulting, investigative, learning, and developmental services to internal staff and departments.

  • Ensure you have organizational, analytical, and problem solving skills, preferably in a risk or trust and safety context.

  • Translate technical vulnerabilities and security risks into business risk terminology for business units and recommend corrective actions to customers and project stakeholders.

  • Secure that your organization oversees the creation and execution of departmental budgets and forecasts for applicable technology support function.

  • Be accountable for the identification, research, and analysis of end to end business, processes, and technology support opportunities.

  • Lead knowledge in the area of Data Loss Prevention, DLP risks, DLP technical controls, DLP technologies, security best practices standards (ISO, NIST, COBIT), and audit and regulatory frame works.

  • Establish that your organization is a team of qualified professionals that conduct periodic audits and administer a Sarbanes Oxley test program.

  • Orchestrate: partner with architects, infrastructure, application and business teams to ensure that technologies are developed and maintained according to security policies and guidelines.

  • Devise: driven by your core values, you foster an environment that attracts, motivates, and engages your people to achieve full potential; individually and as a team.

  • Be certain that your organization directs, plans, and organizes activities of professional and administrative staff engaged in providing information technology services.

  • Guide: participation or leadership in industry groups, trade associations, other security / privacy organizations.

  • Develop and implement a strategic, long term, comprehensive enterprise information security program to ensure your organizations assets are adequately protected.

  • Initiate: exposure to enterprise level and process risks, control procedures, framework (coso/cobit), methodologies, agile audit and other leading audit techniques.

  • Confirm your organization stays abreast of industry trends and understands the direction of applicable technology support capabilities and ensures technology environment is agile enough to change quickly to support.




The Toolkit contains the following practical and powerful enablers with new and updated COBIT specific requirements:

STEP 1: Get your bearings

Start with...

  • The latest edition of the COBIT Self Assessment Toolkit containing requirements to perform a quickscan, get an overview and share with stakeholders.

Organized in a data driven improvement cycle RDMAICS (Recognize, Define, Measure, Analyze, Improve, Control and Sustain), check the…

  • Example pre-filled Self-Assessment Dashboard to get familiar with results generation

Then find your goals...

STEP 2: Set concrete goals, tasks, dates and numbers you can track

Featuring new and updated case-based questions, organized into seven core areas of process design, this Self-Assessment will help you identify areas in which COBIT improvements can be made.

10 examples of the standard requirements:

  1. Is the risk management capability of your organizations IT department able to identify and mitigate or eliminate relevant risk early enough to prevent security incidents?

  2. Is there a process in place to develop an IT strategic plan that defines how IT goals will contribute to the enterprises strategic objectives and related costs and risks?

  3. Is there any mechanism to track fraudulent or dishonest use of the electronic signature, password or any other unique identification feature of any other person?

  4. Is there a strategic planning process in place that is designed to ensure that IT services are aligned and integrated with organizational goals and objectives?

  5. Is there any written communication made available to your organization initiating the changes informing the IT department of the changes actually made?

  6. What is the risk that it general control deficiencies adversely impact the operation of the application and related automated application controls?

  7. Does the provider maintain log data from IDS intrusion detection system, IPS intrusion prevention system, Firewall, systems, and applications?

  8. Is there a contingency plan for the business processes to be used in the event of interruption of the services provided by the cloud provider?

  9. Does your organization have controls in place to classify and safeguard PII including intake points, release/data sharing points and storage?

  10. Does expanded testing of the impacted application controls provide sufficient assurance the application controls have operated effectively?

Complete the self assessment, on your own or with a team in a workshop setting.

Your COBIT self-assessment dashboard which gives you your dynamically prioritized projects-ready tool and shows your organization exactly what to do next:

  • The Self-Assessment Dashboard; with the COBIT Self-Assessment and Scorecard you will develop a clear picture of which COBIT areas need attention, which requirements you should focus on and who will be responsible for them:

    • Shows your organization instant insight in areas for improvement: Auto generates reports, radar chart for maturity assessment, insights per process and participant and bespoke, ready to use, RACI Matrix
    • Gives you a professional Dashboard to guide and perform a thorough COBIT Self-Assessment
    • Is secure: Ensures offline data protection of your Self-Assessment results
    • Dynamically prioritized projects-ready RACI Matrix shows your organization exactly what to do next:


STEP 3: Implement, Track, follow up and revise strategy

The outcomes of STEP 2, the self assessment, are the inputs for STEP 3; Start and manage COBIT projects with the implementation resources:

  • Step-by-step COBIT Project Management Form Templates covering the COBIT project requirements and success criteria:

Examples; 10 of the check box criteria:

  1. Responsibility Assignment Matrix: Too many rs: with too many people labeled as doing the work, are there too many hands involved?

  2. Probability and Impact Matrix: What are the risks involved in appointing external agencies to manage the COBIT project?

  3. Change Management Plan: How will the stakeholders share information and transfer knowledge?

  4. Activity Duration Estimates: How does a COBIT project life cycle differ from a product life cycle?

  5. Resource Breakdown Structure: What is the primary purpose of the human resource plan?

  6. Procurement Management Plan: Are target dates established for each milestone deliverable?

  7. Variance Analysis: Are there quarterly budgets with quarterly performance comparisons?

  8. Scope Management Plan: Will the COBIT project deliverables become accepted in writing?

  9. Procurement Audit: Are the right skills, experiences and competencies present in the acquisition workgroup and are the necessary outside specialists involved in part of the process?

  10. Scope Management Plan: Were COBIT project team members involved in the development of activity & task decomposition?

Step-by-step and complete COBIT Project Management Forms and Templates including check box criteria and templates.

1.0 Initiating Process Group:

  • 1.1 COBIT project Charter
  • 1.2 Stakeholder Register
  • 1.3 Stakeholder Analysis Matrix

2.0 Planning Process Group:

  • 2.1 COBIT project Management Plan
  • 2.2 Scope Management Plan
  • 2.3 Requirements Management Plan
  • 2.4 Requirements Documentation
  • 2.5 Requirements Traceability Matrix
  • 2.6 COBIT project Scope Statement
  • 2.7 Assumption and Constraint Log
  • 2.8 Work Breakdown Structure
  • 2.9 WBS Dictionary
  • 2.10 Schedule Management Plan
  • 2.11 Activity List
  • 2.12 Activity Attributes
  • 2.13 Milestone List
  • 2.14 Network Diagram
  • 2.15 Activity Resource Requirements
  • 2.16 Resource Breakdown Structure
  • 2.17 Activity Duration Estimates
  • 2.18 Duration Estimating Worksheet
  • 2.19 COBIT project Schedule
  • 2.20 Cost Management Plan
  • 2.21 Activity Cost Estimates
  • 2.22 Cost Estimating Worksheet
  • 2.23 Cost Baseline
  • 2.24 Quality Management Plan
  • 2.25 Quality Metrics
  • 2.26 Process Improvement Plan
  • 2.27 Responsibility Assignment Matrix
  • 2.28 Roles and Responsibilities
  • 2.29 Human Resource Management Plan
  • 2.30 Communications Management Plan
  • 2.31 Risk Management Plan
  • 2.32 Risk Register
  • 2.33 Probability and Impact Assessment
  • 2.34 Probability and Impact Matrix
  • 2.35 Risk Data Sheet
  • 2.36 Procurement Management Plan
  • 2.37 Source Selection Criteria
  • 2.38 Stakeholder Management Plan
  • 2.39 Change Management Plan

3.0 Executing Process Group:

  • 3.1 Team Member Status Report
  • 3.2 Change Request
  • 3.3 Change Log
  • 3.4 Decision Log
  • 3.5 Quality Audit
  • 3.6 Team Directory
  • 3.7 Team Operating Agreement
  • 3.8 Team Performance Assessment
  • 3.9 Team Member Performance Assessment
  • 3.10 Issue Log

4.0 Monitoring and Controlling Process Group:

  • 4.1 COBIT project Performance Report
  • 4.2 Variance Analysis
  • 4.3 Earned Value Status
  • 4.4 Risk Audit
  • 4.5 Contractor Status Report
  • 4.6 Formal Acceptance

5.0 Closing Process Group:

  • 5.1 Procurement Audit
  • 5.2 Contract Close-Out
  • 5.3 COBIT project or Phase Close-Out
  • 5.4 Lessons Learned



With this Three Step process you will have all the tools you need for any COBIT project with this in-depth COBIT Toolkit.

In using the Toolkit you will be better able to:

  • Diagnose COBIT projects, initiatives, organizations, businesses and processes using accepted diagnostic standards and practices
  • Implement evidence-based best practice strategies aligned with overall goals
  • Integrate recent advances in COBIT and put process design strategies into practice according to best practice guidelines

Defining, designing, creating, and implementing a process to solve a business challenge or meet a business objective is the most valuable role; In EVERY company, organization and department.

Unless you are talking a one-time, single-use project within a business, there should be a process. Whether that process is managed and implemented by humans, AI, or a combination of the two, it needs to be designed by someone with a complex enough perspective to ask the right questions. Someone capable of asking the right questions and step back and say, 'What are we really trying to accomplish here? And is there a different way to look at it?'

This Toolkit empowers people to do just that - whether their title is entrepreneur, manager, consultant, (Vice-)President, CxO etc... - they are the people who rule the future. They are the person who asks the right questions to make COBIT investments work better.

This COBIT All-Inclusive Toolkit enables You to be that person.