How prescriptive are the COBIT maturity models and supporting guidance, and how does this compare to the CMM/CMMI approach?
The MMs in COBIT, like all the COBIT guidance, are intended to be tailored and developed to suit the specific needs of the enterprise. The guidance is also at a high level with the intention that it provides generic guidance, not specific, detailed criteria. In particular, the maturity attributes are very generic and high-level, intended to be a simple guide for any process. When performing a COBIT maturity assessment, specific attribute details will need to be identified for the process under review, and compared to COBIT’s control objectives, control practices, and goals and metrics to the desired level of detail. COBIT does not prescribe the assessment approach, which is a management decision, ranging from a high-level workshop discussion to an in-depth analysis, as appropriate, driven by business needs. In CMM/CMMI, although the guidance would always need to be tailored for a given appraisal situation, the standard guidance is much more specific and detailed, due to its much narrow
Related Questions
- The COBIT framework states that the COBIT maturity models are derived from the SEI Capability Maturity Model (CMM). What is the actual relationship between COBIT and CMM?
- How prescriptive are the COBIT maturity models and supporting guidance, and how does this compare to the CMM/CMMI approach?
- Are COBITs maturity models useful to organizations that have already adopted CMMI?
