The COBIT 5 Foundation and Assessor for Security course is designed as an advanced assessor guide to COBIT 5 and enables you to understand how an integrated business framework for the governance and management of enterprise IT can be utilized to achieve IT business integration, cost reductions, and increased productivity. The syllabus areas that this course is designed to cover are:

• How to use the self-assessment guide
• How IT management issues are affecting organizations
• The need for an effective framework to govern and manage enterprise IT
• How COBIT meets the requirement for an IT governance framework
• How COBIT is used with other standards and best practices
• The functions that COBIT provides and the benefits of using COBIT
•  The COBIT framework and all the components of COBIT
• How to apply COBIT in a practical situation
• How to perform a process capability assessment using the Assessor Guide: using COBIT 5
• How to apply the Process Assessment Model (The PAM) in performing a process capability assessment
• Specifically: To use the Process Reference Model, in particular, to be able to use the 37 processes outlined in the PRM; To apply and analyze the measurement model in assessing process capability levels; and, To apply and analyze the capability dimension using generic criteria outlined in the PAM
• How to identify and assess the roles and responsibilities in the process capability assessment process
• How to perform and assess the 7 steps outlined in the Assessor Guide
• Specifically: Initiate a process assessment; Scope an assessment, using the tools provided and the PAM for the selection of the appropriate processes; Plan and brief the teams; Collect and validate the data; Do a process attribute rating; and, Report the findings of the assessment

Lesson 1: COBIT 5 Overview and Key Features

• What is COBIT 5?
• COBIT 5 Scope
• History of COBIT 5
• The Drivers for COBIT 5
• Mapping COBIT 5 with other frameworks
• Mapping COBIT 5 in a business

Lesson 2: The Five COBIT 5 Principles

• Meeting Stakeholders Needs
• The Goals Cascade
• Covering an Enterprise Endo-to-end
• Single Integrated Framework
• Enabling a Holistic Approach
• Separating Governance from Management

Lesson 3: The Seven COBIT 5 Enablers

• COBIT 5 Enabler Dimensions
• Enabler 1 “ Principles, Policy and Frameworks
• Enabler 2 “ Processes
• Enabler 3 “ Organisational Structures
• Enabler 4 “ Culture, Ethics and Behaviour
• Enabler 5 “ Information
• Enabler 6 “ Services, Infrastructure and Applications
• Enabler 7 “ People, Skills and Competencies

Lesson 4: COBIT Implementation

• Challenges to Success
• Key Success Factors
• COBIT 5 Lifecycle Approach
• COBIT 5 Implementation Lifecycle
• Phase 1 “ What are the Drivers?
• Phase 2 “ Where are We Now?
• Phase 3 “ Where do we want to be?
• Phase 4 “ What Needs to be Done?
• Phase 5 “ How do we get there?
• Phase 6 “ Did we get there?
• Phase 7 “ How to Keep Momentum
• Business Case

Lesson 5: The COBIT 5 Process Capability Model

• What is a Process Assessment?
• What is the COBIT Assessment Program
• The Differences between a Capability and Maturity Assessment
• Overview of the COBIT 5 Capability Model & Assessments
• The Process Reference Model (PRM)
• The Process Assessment Model (PAM)
• The Measurement Framework

Lesson 6: Roles and Responsibilities

• Assessment Team
• Role “ Sponsor
• Role “ Lead Assessor
• Role “ Assessor
• Role “ Co-ordinator
• Competencies for Assessors
• Key Issues for an Assessment

Lesson 7: Assessment Initiation and Scoping

• Recommend Steps
• Pre-Assessment Questionnaire
• Scoping Process
• Selection of Processes
• Initial Mapping of the Processes
• Setting Target Capability Levels
• Assessment Class Selection
• Self-Assessment

Lesson 8: Planning the Assessment and Briefing the Teams

• Planning Overview
• Recommendation Planning Steps
• Assessment Plan
• Briefing Overview
• Recommended Briefing Steps
• Issues “ Management Support
• Issues - Training

Lesson 9: Data Collection, Validation and Attribute Rating

• Data Collection Overview
• Data Collection Recommended Steps
• Process Purpose & Outcomes, Base Products and Work Products
• Data Collection Strategy
• Instances of Process Performance
• Evidence Requirements
• Capability Levels of Evidence
• Recording
• Data Validation Recommended Steps
• Review of Data Collected
• Dealing with Deficiencies

Lesson 10: Process Rating

• Attribute Rating Recommended Steps
• Attribute Rating Scales
• Process Capability Levels
• Attribute Ratings and Capability Levels
• Decision Making Process

Lesson 11: Assessment Reporting

• Assessment Reporting Recommended Steps
• Reporting
• Minimum Report Content
• Implication of Results
• Presentation to Participants

Lesson 12: Self-Assessment

• The Self-Assessment Process
• Deciding on a Process to Assess
• Determine Level 1 Capability
• Determine Capability Levels 2 to 5
• Record and Summarize Results

Lesson 13 “ Exam Preparation

• Exam Structure
• Exam Question Types

Although there is no mandatory requirement, ideally candidates should have at least two years of professional experience working in an IT Services environment. Candidates wishing to attend this course must have attained the COBIT 5 Foundation course prior to attending the course.

The COBIT 5 Foundation and Assessor for Security course would suit candidates working in the following IT professions or areas:

• Internal and external auditors
• IT auditors and consultants
• IT Managers
• IT Quality professionals
• IT Leadership
• Process practitioners

The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals, or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs.

There is no prerequisite to attending this foundation course, although it is recommended that candidates should have a good understanding of enterprise governance concepts and IT organizational management.