COBIT 2019: Align, Plan and Organize (APO)

Parent Process Reference Framework (PRF): COBIT 2019

Align, Plan and Organize the COBIT Domain

This framework includes several processes that guide IT governance and management. Below, we detail each of the 14 processes that make up this domain:

Processes

1. Managed IT Management Framework

2. Managed Strategy

3. Managed Enterprise Architecture

4. Managed Innovation

5. Managed Portfolio

6. Managed Budget and Costs

7. Managed Human Resources

8. Managed Relationships

9. Managed Service Contracts

10. Managed Suppliers

11. Managed Quality

12. Managed Risk

13. Managed Security

14. Managed Data
    
    

Process Details

APO 01: Managed IT Management Framework

• Objective:
  Design the management system for corporate IT based on corporate goals and other design factors.

• Guidelines:

  1. Implement all necessary components of the management system.

  2. Adopt a consistent management approach that meets corporate governance requirements, covering:

     1. Management processes;

     2. Organizational structures;

     3. Roles and responsibilities;

     4. Reliable and repeatable activities;

     5. Information items;

     6. Policies and procedures;

     7. Skills and competencies;

     8. Culture and behavior;

     9. Services, infrastructure and applications.

• Related Processes:

  • ISO/IEC 20000 – Context Leadership Planning Support.
    
    

APO 02: Managed Strategy

• Objective:
  Provide a holistic view of the current business and IT environment, define future direction, and plan initiatives to migrate to the desired scenario.

• Guidelines:

  1. Assess the organization’s digital maturity and develop a roadmap to close the gaps.

  2. Rethink internal operations and customer-facing activities.

  3. Connect each initiative to a comprehensive digital transformation strategy, ensuring changes in channels, processes, data, culture, skills, operating model and incentives.

• Related Processes:

  • Processes under ITIL Service Strategy.
    
    

APO 03: Managed Enterprise Architecture

• Objective:
  Establish a common architecture composed of layers of business processes, information, data, applications and technology.

• Guidelines:

  1. Develop models and practices that describe the base and target architecture.

  2. Define requirements for taxonomy, standards, guidelines, procedures, templates and tools.

  3. Promote alignment, increase agility, improve information quality and reduce costs, enabling the reuse of components.

• Related Processes/Frameworks:

  1. ITIL Service Design

  2. IT4IT
     
     

APO 04: Managed Innovation

• Objective:
  Monitor IT trends and identify opportunities for innovation that can benefit business needs and IT strategy.

• Guidelines:

  1. Analyze opportunities for innovation in emerging technologies, services or business processes.

  2. Influence strategic planning and enterprise architecture decisions to achieve competitive advantage, better customer experience and greater operational efficiency.

APO 05: Managed Portfolio

• Objective:
  Execute strategic direction for investments in alignment with the enterprise architecture vision and IT roadmap.

• Guidelines:

  1. Evaluate, prioritize and balance programs and services, managing demand within available resources.

  2. Move selected programs to the active product or service portfolio.

  3. Monitor portfolio performance and adjust initiatives as priorities and performance change.

• Related Processes:

  1. ITIL Service Portfolio Management

  2. ISO/IEC 20000 - Service Portfolio
     
     

APO 06: Managed Budget and Costs

• Objective:
  Manage IT financial activities, including budget, costs, and benefits, and prioritize spending through formal practices.

• Guidelines:

  1. Identify and control total costs and benefits within strategic and tactical IT plans.

  2. Establish partnerships between IT and business areas to ensure effective use of resources and transparency in service costs and values.

• Related Processes:

  1. ITIL Financial Management

  2. ISO/IEC 20000: Budget and Accounting for Services
     
     

APO 07: Managed Human Resources

• Objective:
  Ensure the recruitment, acquisition, planning, evaluation and development of human resources (internal and external) in a structured manner.

• Guidelines:

  • Optimize human resource capabilities to meet corporate objectives.

• Related Processes:

  • ISO/IEC 20000: Management, Leadership, Planning and Support Context
    
    

APO 08: Managed Relationships

• Objective:
  Manage relationships with business stakeholders in a formal and transparent manner.

• Guidelines:

  1. Establish open communication, a common language and mutual accountability.

  2. Ensure cooperation between IT and business areas to create positive corporate results.

• Related Processes:

  • ITIL Business Relationship Management
    
    

APO 09: Managed Service Contracts

• Objective:
  Align service levels and IT-enabled products with the needs and expectations of business areas.

• Guidelines:

  1. Identify, specify, design, publish, agree and monitor IT products and services, as well as service levels and performance indicators.

  2. Ensure that IT services meet the current and future needs of the company.

• Related Processes:

  1. ITIL Service Level Management

  2. ISO/IEC 20000: Service Level Management
     
     

APO 10: Managed Suppliers

• Objective:
  Manage IT products and services provided by third parties to meet corporate requirements.

• Guidelines:

  1. Carry out the search, selection and management of suppliers, as well as monitor the performance of contracts and the supplier ecosystem.

  2. Minimize risks associated with underperforming suppliers and ensure competitive pricing.

• Related Processes:

  1. ISO/IEC 20000: Supplier Management

  2. ITIL Supplier Management
     
     

APO 11: Managed Quality

• Objective:
  Define and communicate quality requirements for IT-related processes, procedures and outcomes.

• Guidelines:

  1. Implement controls and continuous monitoring practices to ensure constant improvement and efficiency.

  2. Ensure consistent delivery of solutions and services that meet stakeholder needs.

• Related Processes:

  • ISO/IEC 20000
    
    

APO 12: Managed Risk

• Objective:
  Continuously identify, assess and reduce IT-related risks within defined tolerance levels.

• Guidelines:

  1. Integrate IT risk management with Enterprise Risk Management (ERM).

  2. Balancing the costs and benefits of risk management measures.
     
     

APO 13: Managed Security

• Objective:
  Define, operate and monitor an information security management system.

• Guidelines:

  • Keep the impact and frequency of information security incidents within acceptable risk levels.

• Related Processes:

  • ISO/IEC 20000: Information Security Management
    
    

APO 14: Managed Data

• Objective:
  Achieve and sustain effective management of enterprise data assets throughout the lifecycle – from creation to delivery, maintenance and archiving.

• Guidelines:

  • Ensure effective use of critical data assets to achieve corporate objectives.
    
    

Translated by 4MATT Tecnologia from the original “Process Symphony: Align, Plan and Organize (COBIT 2019).

Tags: ServiceNow, Snow Software, Software Asset Management, Software Asset Management, SAM, FINOps, ITAM, ITSM, Flexera, Cloud Management governance framework, COBIT 2019 contact us, governance structures, IT governance, design factors, design guide, online course, cobit certification, COBIT 2019, governance objective, it business, information governance, cobit exam, it management, leave a comment, powered by isaca, cobit framework, isaca launched, cobit benefits, COBIT 2019, free materials, certificate programs, designed to evolve, best practices, capability levels, microsoft power, information management, COBIT 2019, governance objectives, foundation bridge, Brazilian companies, decision making, social networks, best practices, certification exams, performance management, COBIT 2019, governance certification, implementation guides, implementing nist using cobit, ti market, power bi, design and implementation, governance framework, governance strategy, cybersecurity, implementation guide, governance effective, cascade of goals, cobit implementation, project management, business objectives, information technology, cobit certification, IT professionals, corporate governance, risk management, organizational structures, COBIT 2019, digital transformation, design factors, governance objective, IT governance, design factor, decision making, cobit certification, foundation bridge, business objectives, cybersecurity, implementation guides
design guide, customer experience, cobit certification, information technology, business relationship management, cobit benefit, governance strategies, isaca launched, certificate programs, cobit framework, best practices, implementing nist using cobit, strategic planning, application data, cobit exam, it management, contact us, holistic approach, project management, power bi
certification in governance, financial management, governance structures, certification exams, IT market, microsoft power, organize apo, cobit implementation, social networks, best practices, design and implementation