Attention COBIT Compliance Expert: Assessment Questionnaire and solutions Requirement (Based on COBIT 4.1) for moving to cloud
We are an IT organization that is outsourcing IT to a vendor who is going to leverage cloud to do service delivery. After the cloud move, we want to be COBIT 4.1 compliant. In order for us to be COBIT 4.1 compliant, we want to ask our services integrator partner valid process based questions to ensure we can be COBIT 4.1 compliant once we move to cloud. Also, we want for each question a solution statements for near-term, mid-term and long-term.
RFP Scope Requirement
1) In the attached spreadsheet, you will see 34 COBIT control objectives, and 206 sub objectives that align to these objectives. We need to come up with at least 2 most important questions (in order of importance with 1 as highest priority under each category) that we need to ask for each of those 206 sub objectives. The questions need to validate that those objectives are being met.
2) We have provided you a template to fill. We have a master sheet in the template which lists all COBIT objectives and sub objectives. We want a separate tab for each objective. We have already provided content for three objectives PO1, PO2 and PO3. Your task is to come up with at least 2 questions for each sub objective starting from objectives PO4 to M4. There are 191 sub objectives in those 31 remaining objective areas and we need at least 2 questions (more if you think so) to validate the intent for each of those sub objectives. So, we will need at least 382 questions.
3) Please also validate our questions in tabs PO1, PO2 andPO3. We need to ensure that our questions are also meeting the need.
4) For each question there will be three types of solution.
a. Near-term: Solution that will address the near term needs of the organization. This solution is also the first step that the organization take if they are at the beginning stages
b. Mid-term: This solution addresses after the near term needs of the organization are in place. This solution is the steps that the organization takes to implement important operational and technical elements
c. Long-term: Solution for a well defined and advanced environment.
Note: Please remember that servers would be virtualized; PAAS and SAAS may be used etc since this is going to be cloud move. Please think cloud move when asking the questions to ensure that COBIT can materialize in that scenario.
Please provide a fixed bid and ETC.