This publication outlines a process assessment model (PAM) based on COBIT 5 that is compliant with International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 15504.
The model is the basis for the assessment of an enterprise’s IT process capabilities against COBIT 5 and a training and certification programme for assessors. The assessment process is evidenced-based to enable a reliable, consistent and repeatable assessment process in the area of governance and management of IT. The assessment model enables assessments by enterprises to support process improvement. Guidance is given in a separate assessor guide on a scoping approach to select the processes to be assessed, including the use of ISACA’s published COBIT 5 mappings to determine the processes to be assessed. These mappings include:
• Linking enterprise goals to enterprise-related IT goals
• Linking enterprise-related IT goals to IT processes
• A diagnostic tool for selecting scoping areas