Analysing the Relation in Between ITIL, Cobit, Togaf and CMMI

Hello All!

I will be posting more of these stuff at my new webpage from now on!

Please stay tuned and remember to visit!

Hope to see you there!


Every single company in the World has its own ITdepartment and these IT organizations are under increasing pressure to meet thebusiness goals of their companies. So, IT department has such a major role inthe business processes. The IT organization not only creates complexity for thebusiness, but at the same time, provides the means to demonstrate thiscompliance. Organizations rely on guidelines such as the IT Infrastructure Library(ITIL), Control Objectives for Information and related Technology (COBIT), The Open Group Architecture Framework (TOGAF) and Capability MaturityModel Integration (CMMI) tohelp understand and address these challenges.

Although all these metodologies are usefull for thecompanies, some people believe that you can reach the same point by using only one of them and others think that there are some metodologies which are complementary.

In this assignment you will find the explanations of these metodologies and their relations to create a well designed system in business world.

All these metodologies has their own features and all of them are connected somehow. In this article we will examine them, see how they operate and how they are connected eachother. Note: Relations will be placed at the end.

ITIL Overview

ITIL defines a guidance of best practice processes. First developed in the 1980s by the Office of Government Commerce (OGC), a branch of the British Government, ITIL defines processes at a high level. It is left to the organizations to implement the processes in the manner most suitable to their particular situations and needs. ITIL is becoming a de facto standard worldwide as organizations adopt it as their guideline for establishing IT service management (ITSM) processes. A major thrust of ITIL is to promote the alignment of IT with the business. ITIL defines service quality as the level of alignment between the actual services delivered and the actual needs of the business.


      Organizations looking to receive certification in ITSM processes can now do so by meeting the new ISO 20000 standards, which were established last year. Although ITIL covers a number of areas, its main focus is on ITSM. ITIL provides a comprehensive, consistent, and coherent framework of best practices for ITSM and related processes, which promotes a quality approach for achieving business effectiveness and efficiency in the use of information systems. ITIL Books ITIL consists of seven core books that define seven sets of processes covering seven different IT areas:

· Service Support

· Service Delivery

· Planning to Implement Service Management

· Information Communications Technology (ICT) Infrastructure Management

· Applications Management

· The Business Perspective

· Security

Two areas deal specifically with ITSM:

Service Support, consisting of:

·  Incident management Problem management

·  Change management

·  Configuration management

·  Release management

·  Service desk function

Service Delivery, consisting of:

·  Capacity management

·  Availability management

·  Financial management for IT services

·  Service level management

·  IT service continuity management  (ITSCM)

Cobit Overview

General features of cobit can be found below. General description of Cobit will be given after that.

General features of Cobit are:

· Cobit accepts that IT should be exist for the business purposes,

· Cobit tries to make a balance between IT Strategy and Business Strategy,

· With these features it includes accepted rules of IT Managements,

· It almost cover all IT functions within 34 process it has,

· It is compatible with other IT Management standards such as ISO, ITIL, CMMI, MOF etc.

· Every single company (no matter if it is a big or small company) from every sector can use it,

· It has different usage purposes such as control, process improvement, process management, measurement, comparison etc.


     Control Objectives for Information and Related Technology (COBIT) is a framework created by ISACA for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.

COBIT is an IT governance framework and supporting toolset developed by ISACA. ISACA view ITIL as being complementary to COBIT. They see COBIT as providing a governance and assurance role while ITIL providing guidance for service management. ISACA first released COBIT in 1996; ISACA published the current version, COBIT 5, in 2012. COBIT aims “to research, develop, publish and promote an authoritative, up-to-date, international set of generally accepted information technology control objectives for day-to-day use by business managers, IT professionals and assurance professionals”.

The framework supports governance of IT by defining and aligning business goals with IT goals and IT processes.

The business orientation of COBIT consists of linking business goals to IT goals, providing metrics and maturity models to measure their achievement, and identifying the associated responsibilities of business and IT process owners.

Togaf Overview

     The Open Group Architecture Framework (TOGAF) is a framework for enterprise architecture which provides an approach for designing, planning, implementing, and governing an enterprise information technology architecture. TOGAF has been a registered trademark of The Open Group in the United States and other countries since 2011.

TOGAF is a high level approach to design. It is typically modeled at four levels: Business, Application, Data, and Technology. It relies heavily on modularization, standardization, and already existing, proven technologies and products.
An architecture framework is a set of tools which can be used for developing a broad range of different architectures. It should:

·  describe a method for defining an information system in terms of a set of building blocks

·  show how the building blocks fit together

·  contain a set of tools

·  provide a common vocabulary

·  include a list of recommended standards

·  include a list of compliant products that can be used to implement the building blocks. TOGAF is such an architecture framework.


CMMI Overview


       Capability Maturity Model Integration (CMMI) is a process improvement training and appraisal program and service administered and marketed by Carnegie Mellon Universityand required by many DoD and U.S. Government contracts, especially in software development. Carnegie Mellon University claims CMMI can be used to guide process improvement across a project, division, or an entire organization. CMMI defines the following maturity levels for processes: Initial, Managed, Defined, Quantitatively Managed, Optimizing.

CMMI is a process improvement model that consists of the best practices applied in the development of software, derived from the industry. CMMI segregates the best practice knowledge into different levels, and each level progresses to higher standards. All levels address the development and maintenance of products and services through the product life cycle from conception through delivery and maintenance.

CMMI currently addresses three areas of interest:

1. Product and service development — CMMI for Development (CMMI-DEV),

2. Service establishment, management, — CMMI for Services (CMMI-SVC),

3. Product and service acquisition — CMMI for Acquisition (CMMI-ACQ).

The following COBIT 5 areas and domains are covered by CMMI:
• Application-building-and acquisition related processes in the BAI domain
• Some organizational and quality-related processes from the APO domain

Relations Between Some of These Metodologies

·   As we said before COBIT is an IT governance framework and supporting toolset developed by ISACA. ISACA view ITIL as being complementary to COBIT. They see COBIT as providing a governance and assurance role while ITIL providing guidance for service management.

·   While TOGAF adds structure for enterprise architecture, processes and techniques, COBIT puts TOGAF into context by relating architectural processes to all other IT processes. And COBIT, through RACI charts, adds responsibilities for TOGAF, helping organizations implement TOGAF and connect it to broader IT processes. To complete the circle, COBIT also adds key performance indicators for TOGAF.

·   TOGAF should not just make an association, but be explicit in business architecture, application architecture, data architecture and technical architecture domains regarding the added benefits. These benefits and risks of open source can then “cascade” into the broader IT governance and management COBIT framework.

·   In terms of TOGAF, ITIL provides the target architecture, which should be confronted with the baseline architecture of a specific organization,

·   Probably the most important relationship between ITIL and TOGAF is that there is a strong relationship between the processes (although these relationships are not clearly identified in ITIL). In particular, the first builds on the results of the latter. An enterprise architecture describes services that are needed at a high level and these services are designed in the Service Design stage in ITIL.

·   Both TOGAF and ITIL provide guidance in the design of services, albeit at a different level of detail. Also, design in ITIL is focused on IT services while enterprise architecture has a much broader focus (also looking at non-IT services).


·   Both ITIL and COBIT help organizations to manage IT from a business perspective and achieve business goals while measuring progress and ensuring effective IT governance.

·   ITIL is more focused on service management and provides guidance on how to develop and implement effective solutions. COBIT provides an overall, high level governance framework which is applicable to most organizations but is not specific about certain aspects of the business like IT service management or information security.

·   As ITIL covers particular areas in more detail, it can be mapped to COBIT to enhance the framework and build a hierarchy of processes.

·   COBIT can be used to shape ITIL processes to the business needs and measure the success of ITIL implementation.

·   CMMI for services and CMMI for acquisitions are complementary to COBIT, in that these aspects are not adequately covered by COBIT.

·   Both CMMI and COBIT include a maturity model, however the CMMI standards include goals and procedures which are not part of the COBIT maturity model

·   According to relation between Togaf and ITIL see the figure below:


·   ITIL goes into further detail and gives better guidance on the core service management topics; COBIT can be used as an umbrella to include other IT aspects like information architecture, system development, portfolio / programme / project management, risk management, security management and many other things.

·   CobiT addresses “what is to be achieved,” while ITIL addresses “how to achieve it.”

·   Both CMMI and ITIL are process maturity frameworks that follow a similar and structured approach.

·   Both emphasize development of processes to improve product development and customer satisfaction and support the coordination of multi-disciplinary activities related to a project.

·   Although both CMMI and ITIL are similar in structure, the amount of duplication is, however, small and there is no contradiction between the two models, making it possible to apply both CMMI / ITIL models simultaneously in an organization.

·   CMMI is the de facto quality standard for software development, integration, deployment, and maintenance processes in organizations and ITIL is the first choice of organizations for standards related to operations and the infrastructure side of IT.

·   Implementation of CMMI / ITIL also aids organizations in reducing the cost of quality, improving turnaround times, and arriving at a precise estimate of efforts required that helps in costing products.

·   Unlike CMMI, ITIL is not descriptive and orders the processes in sets. CMMI for instance, recommends requirement analysis but does not specify how to do a requirement analysis. ITIL on the other hand, provides specifics on how to undertake the requirement analysis.

·   CMMI is a descriptive approach that orders process areas along a maturity model with maturity levels. A CMMI model is not a process but a description of effective process characteristics.

·   While CMMI is focused toward software development, maintenance, and product integration, ITIL is broader in scope and provides a framework for IT service management and operations including a hardware life cycle.

·   CMMI is geared specifically to software development organizations and focuses on continuous improvement, whereas ITIL addresses IT operations issues such as security, change and configuration management, capacity planning, troubleshooting, and service desk functions.

·   While the application of CMMI helps the organization gain competency and expertise in software or product development, ITIL applications help align the entire IT process and resources of the organization to business processes.

·   The most important relationship between COBIT and TOGAF, is that enterprise architecture is one of the processes described in COBIT. Actually, when you look at the description of enterprise architecture in COBIT 5 you see that they have looked at TOGAF closely and included most of the TOGAF Architecture Development Method in the description of the process.

·   COBIT seems to cover all the TOGAF phases and activities.

·   The heart of COBIT is a (high-level) description of all IT processes, which are based on and aligned with various other process frameworks, including TOGAF.




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s