Morland-Austin IT GRC Knowledge Base

Manage Solution Identification and Build

IT GRC Knowledge Base » IT Governance Management » IT Governance – COBIT 5 » Management – Build (Build, Acquire, Implement) » Manage Solution Identification and Build

  1. This article provides an overview and summary of the COBIT 5 process Manage Solution Identification and Build, which is part of the Management – build (Build, Acquire, Implement) domain.

The purpose of this COBIT 5 process is to establish and maintain identified solutions in line with organisation requirements covering design, development and sourcing. This also includes the management of configuration, testing, requirements management and maintenance of organisation processes, applications, information/data, infrastructure and services. The goal is to deliver timely and cost-effective solutions capable of supporting organisation strategic and operational objectives.

The following sub-governance processes are further supported by a list of control activities:

  1. Design high-level solutions. Develop and document high-level designs using agreed-on and appropriate phased or rapid agile development techniques.
  2. Design detailed solution components. Develop and document detailed designs using agreed-on and appropriate phased or rapid agile development techniques.
  3. Develop solution components. Develop solution components in accordance with detailed designs following development methods and documentation standards, quality assurance (QA) requirements, and approved standards.
  4. Procure solution components. Procure solution components based on the acquisition plan in accordance with requirements and detailed designs, architecture principles and standards.
  5. Build solutions. Install, configure and build solutions and integrate with organisation process activities. Implement control, security and auditability measures during configuration and integration of hardware and software.
  6. Perform quality assurance (QA). Develop, resource and execute a QA plan aligned with the QMS.
    Prepare for solution testing. Establish a test plan and required environments to test the solution components, including the organisation processes and supporting services, applications and infrastructure.
  7. Execute solution testing. Execute testing continually during development, including control testing, in accordance with the defined test plan and development practices in the appropriate environment.
  8. Manage changes to requirements. Track the status of individual requirements throughout the project life cycle and manage the approval of changes.
  9. Maintain solutions. Develop and execute a plan for the maintenance of solution and infrastructure components.
  10. Define IT services and maintain the service portfolio. Define and agree on new or changed IT services and service level options.

For more information please contact Morland-Austin at info@morland-austin.com.