|Differences and commonalities between ITIL® & COBIT®|
|The tasks of ITIL|
ITIL describes a systematic, professional procedure for the management of IT services. The library emphatically puts the emphasis on the importance of meeting the corporate requirements from the commercial aspect.
The necessary prerequisite for this is the unconditional willingness to accept change in respect of a customer and a service-orientated approach. In many companies this requires a change in the existing behavioral culture.
The aim, with the help of ITIL, is to also create a clear world of definitions in the service management area and to consequently simplify the communication.
|The tasks of COBIT|
The COBIT framework is aimed primarily at compliance and security and, as such, ensures the IT governance for the operation of the IT services.
IT service management under ITIL is geared purely towards customer benefit and efficiency. Achieving the business objectives whilst simultaneously meeting internal and external requirements is fundamental to ensuring a company’s medium and long-term success.
There is now considerably less tolerance of misconduct and negligence amongst the legislators, shareholders and clients. Domestic and foreign regulatory authorities are demanding faultless procedures. They are calling for the transparency and measurability of the IT activities. The management of the operational risks must therefore be carried out in the interest of the company and its stakeholders.
As numerous negative examples from the past show, some companies have not survived due to the lack of or defective control mechanisms. Basel II and the Sarbanes-Oxley Act (SOX) were created not least as a result of the lack of due care in the handling of operational risks.
In this context ever-increasing importance is being attached to COBIT today. This best practice framework supports the controls for all IT processes and is primarily geared towards the auditing aspects and ensuring compliance.
|Synergy between COBIT and ITIL: ISO 20000|
It is no longer enough purely to implement best practice. The synergy between the two networks now lies in the fact that the more formal control objectives of COBIT are being aligned with the ITIL framework which is orientated towards suitability and flexibility and these must be fulfilled in a way that can be defined.
This link neatly synchronizes the standards for the strategic orientation and increased efficiency of IT service management with the auditing standards.
The two frameworks will continue to develop and increasingly converge, with the bridge for this being created by the international ISO 20000 standard. Based on ITIL the two organizations itSMF and BSI (British Standard Institute) have developed this clearly measurable standard and therefore created the opportunity for certification of the conformity, effectiveness and efficiency of the individual IT service management control objectives.