I am currently working on a project to revamp our IT governance framework using COBIT 5. We are struggling to link our IT-related goals back to the enterprise goals through the goals cascade. Specifically, how can we develop performance metrics that actually demonstrate business value instead of just technical uptime? I want to ensure our reporting is relevant to the board.
3 answers
To effectively align these metrics, you must utilize the COBIT 5 goals cascade starting from stakeholder drivers. Map your 17 generic enterprise goals to the 17 IT-related goals provided in the framework. For business value, don't just track "server availability"; instead, track "percentage of business process disruptions due to IT incidents." This shifts the focus from a technical component to a business impact. I recommend using the Balanced Scorecard (BSC) dimensions—Financial, Customer, Internal, and Learning and Growth—to categorize these metrics for board-level reporting.
Have you already identified which specific enablers in your organization are the primary drivers for these goals, or are you focusing strictly on process metrics at this stage?
Focus on the "MEA" domain (Monitor, Evaluate, and Assess). It’s designed specifically to provide transparency and ensure that the goals are being met through consistent performance measurement.
I agree with Jessica. Specifically, MEA01 is crucial here. It helps in establishing a monitoring approach that provides a complete view of IT performance and its contribution to the business.
That is a great question, Michael. Most organizations make the mistake of only looking at the 'Processes' enabler. You should also evaluate 'Information' and 'Organizational Structures' because if the flow of information is poor, your metrics will be inaccurate regardless of the process. I suggest creating a RACI chart for each key metric to ensure accountability is clear across all enablers.