Assessment to COBIT 4.1 maturity model based on process attributes and control objectives

摘要

Cobit 4.1 defines a number of IT processes; each of which consists of several activities. A process is controlled by several control objectives. All processes share the same maturity attributes. Cobit 4.1 however does not define any assessment method to determine the maturity of IT processes. This paper reviews current assessment methods and identifies their drawbacks. This paper then proposes an assessment method to the Cobit 4.1 maturity model whose calculation is based on process attributes and control objectives. The assessment presumes that when the control objectives are met, the activity must have been executed. Data are collected using a questionnaire given to selected key functions. The maturity level is calculated using simple average. The assessment method is illustrated with a case study of process Manage Data (DS11). The assessment method allows one to identify aspects of a process that need improvement.