Why choose the IT Governance Network?

Global leaders in the design and implementation of IT governance frameworks and mechanisms.

More than 10 years experience in the protection of personal information (POPIA).

Consulting services, software solutions and wide range of training available.

POPIA Compliance Framework and Monitoring System

POPI Compliance FrameworkThe Protection of Personal Information Act is technical and complex, it requires a wide range of technical and organisational measures to be implemented to protect the rights of natural and juristic persons to privacy.  To ensure compliance, the Information Regulator requires all organisations to develop and implement a compliance framework so that they can effectively monitor the protection afforded natural and juristic persons. 

A functionally rich POPIA Compliance Framework and Monitoring System supports small and large organisations effectively and efficiently achieve POPIA compliance. It enables organisations to jump start their POPIA programme by implementing an international standards-based POPIA compliance framework.   

More about the POPIA Compliace Framework and Monitoring System ...


iso 15504 capability improvementThe COBIT 5 Process Assessment Model (PAM) is based on the international standard ISO/IEC 15504-2 standard. This standard comprises a process dimension (the COBIT 5 PRM) and a capability dimenison (the process attributes).

The assessment approach for conducting a COBIT 5 assessment is detailed in the COBIT 5 Assessor Guide.

The ISO 15504 process attributes for capability improvement provides an evolutionary, logical, reliable and robust methodology for improving the capability of the IT processes. 

Higher levels of capability indicate greater sophistication in the ability of management to direct and control the assigned work. 

COBIT 5 was released by ISACA on the 10 April 2012. Visit the ISACA web site to download COBIT 5. Key features of the new version of COBIT 5 are the incorporation of the ISO 38500 model for the corporate governance for IT and the complete replacement of the COBIT Maturity Model with an ISO 15504 aligned COBIT Process Capability Assessment Model. The COBIT process descriptions have been modernised and greater emphasis is placed on alignment with IT and Enterprise goals. Register now to attend one of our leading-edge COBIT 5 seminars.

it governance framework

Process Integration

At the ITGN we use an Operating Model to describe how an IT organisation functions in support of its business operation. The operating model defines the major information and technology capabilities required to support and execute your business strategy; and how the core components of capability (process, technology and people) are used to drive efficiency and effectiveness.

The COBIT 5 framework can be used to organize IT activities into a logical operating model of 37 process in total. While not all the processes might be essential, the integrated nature of the processes will require that at least a few activities of each process will be required. Defining your organisation's own processes will take into account the integration necessary as well as the possible consolidation of activities into fewer processes. 

Accountability Framework

Good governance requires accountability for the outcomes achieved and mutual respect for each others' decision-making authority. An accountability framework clarifies which roles and responsibilities are important to delivering the results expected, who should lead and who supports the value creation. The operating model separates out responsibility and identifies the "touch-points" between process and process area responsibilities.

Usually, a number of processes and process areas support the operating model. The objective of good IT governance is to effectively and efficiently leverage the IT resources in support of achieving the organisaton's strategic objectives.  

The ITGN can assist you with any one of a number of popular approaches to a COBIT 5 implementation, depending on the circumstances and preferences of the organisation concerned. The ISACA approach is described in the "COBIT 5 Implementation Guide". This approach is for "enabling change" through programme management. It comprises a number of initiatives/projects within a programme. This is not the same "programme management" as described in the process BAI01 Manage Programmes and Projects, which could be an alternative to the Implementation Guide. 

The Implementation Guide's programme management approach is characterised by the need for a sponsor to take responsibility for the successful implementation of changes that are often driven by external requirements for improved "GRC" or "pain points" raised by the business. The sponsor authorises the business case for the change and takes responsibility for its success.

An internal governance approach driven by the CIO would be to implement an IT governance framework and the various governance mechanisms at the governance, management and operational levels of the IT organisation and across business units. 

Some organisations prefer to focus on building capability, either generally, or specifically in selected process areas, a process or collection of processes. This approach promotes organic growth in capability to achieve pre-defined outcomes. 

The management system enabled approach focuses on continuous improvement using small, incremental changes across the operational environment driven by the respective managers and process owners. The ITGN has a specialised management system to jump start the use of a management system by providing a pre-configured system.

COBIT 5 is ISACA’s latest business framework for the governance, management and operation of IT across any enterprise. COBIT 5 can help enterprises create optimal value from IT through effectively and efficiently leveraging resources, optimizing risk management and delivering real benefits to the business.

COBIT 5 - IT Governance Framework

COBIT 5 can assist management design and implement an IT governance framework based on a set of processes with clearly defined expected outcomes, a management system to co-ordinate delivery and governance model to maintain alignment with strategic objectives.

Read more about an IT Governance Framework

COBIT 5 - Integrated Operating Model

COBIT 5 is based on an integrated process model for all activities related to the use of information and information related technology. Together with a management system and governance framework, COBIT 5 enables organisations to plan and operate more efficiently and effectively.

Read more about the COBIT 5 operating model 

COBIT 5 Assessments

The COBIT 5 Process Assessment Model (PAM) provides an outline of the requirements for achieving capability level 1 using the COBIT 5 processes described in the COBIT 5 Enabling Processes Guide. Understanding the current level of capability is the first step of many to increase capability and deliver better performance. The COBIT 5 PAM only describes capability level 1. Assessments at the higher level of capability depend on the competence of the assessor and objectives of the organisation. To overcome the subjective nature of COBIT 5 PAM assessments the ITGN has developed a tool, based on ISO 15504, to ensure a reliable consistent and repeatable assessment. 

Read more about COBIT 5 assessments

COBIT 5 Implementation

The COBIT 5 Implementation Guide describes one of the four possible approaches to implementing the COBIT framework. The focus of the Implementation Guide is programme and project management for the purpose of GRC improvements. The other three approaches to the implementation of COBIT 5 are through  1) working with the CIO to establishment of a IT governance framework,  2)working with process owners to build capability and deliver better performance, and 3) liaising with business regarding the pain points that they experience regarding their IT services.

The ITGN offers consulting services and training across all four types of COBIT implementation. 

Read more about COBIT 5 implementations

COBIT 5 for Risk

COBIT 5 for Risk focuses on the risk management professional and risk management activities. It addresses the establishment of a risk function and the building of a risk management process. The COBIT 5 for Risk guide is in addition to the COBIT 5 APO12 Risk Management process and the COBIT 5 EDM03 Governance of Risk process.

Read more about COBIT 5 and risk management

COBIT 5 for Assurance

COBIT 5 for Assurance focuses on the assurance professional and the assurance activities typical of an assurance provider. It addresses how to set up and maintain an efficient assurance function and provide assurance for the COBIT 5 enablers described in the COBIT 5 Business Framework.

Read more about COBIT 5 assurance

COBIT 5 Assessor mistakes!

Common mistakes by COBIT 5 assessors.

View video

King IV Corporate Governance Assessment

King IV assessmentAssess the current level of your organisation's corporate governance using this King IV assessment tool.


COBIT Assessment as a Service

COBIT 5 AssessmentConduct a COBIT assessment using this COBIT Assessment-as-a-Service.


POPIA Preliminary Assessments

it governance oversightPOPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.


Go to top