Complex information systems configuration using ISACA Design Guide into an Axiomatic Design approach

Abstract

This paper describes the process of designing a customized governance solution for an enterprise information system using COBIT framework guidelines and an axiomatic design approach. COBIT (Control Objectives for Information and related Technology) is a generally accepted framework created by the ISACA (Information Systems Audit and Control Association) for governing and managing enterprise information and technology (IT). COBIT framework can be applied to any organization in any industry and was designed to help deliver value while managing better the risks associated with the IT processes. On the other side, the Axiomatic Design (AD) theory involves a continuous interplay between the design objectives (the needs/what we want to achieve) and the means capable of reaching those objectives (how we want to achieve) to determine the best configuration capable of satisfying the design intend. The AD theory requires a description of the design's objectives in terms of specific requirements, called Functional Requirements (FR). The development of a complete solution to a given problem starts by mapping the FRs to Design Parameters (DPs) in the solution domain. ISACA Design Guide proposes ten (10) Design Factors and forty (40) Governance Objectives; each objective (a set of Functional Requirements) can be achieved through several combinations of Design Parameters. From the Axiomatic Design theory perspective, this determines a coupled matrix. To decouple the matrix, the profile of each design factor is drawn, and the sub-factors will be taken only once within the factor where the sub-factor has the highest weight. A case study is presented.