Chapter 14. Support Tools and Frameworks
This chapter introduces the reader to the need for support tools and frameworks such as COBIT: Management Guidelines, a framework for Information Technology/Information Systems (IT/IS) managers, and COBIT: audit’s use in support of the business support cycle. International standards and good practices such as ISO 17799, ITIL, privacy standards, COSO, CoCo, Cadbury, King, and Sarbanes-Oxley also play a vital role in ensuring appropriate governance.
General Frameworks
Control Objectives for Information and related Technology (COBIT®) is one of the most widely accepted models of IT governance and control utilized to manage risks and implement controls within an IT environment in order to achieve business objectives.
COBIT was introduced to meld existing IT standards and best practices into one comprehensive structure designed to achieve internationally accepted governance standards. Working from the strategic requirements of the organization, COBIT encompasses the full range of IT activities, focusing on the achievement of control objectives rather than the implementation of specific controls. As such, it integrates and aligns IT practices with organizational governance and strategic requirements. It is not the only set of standards in common use, but it integrates with other standards to achieve defined levels of control.
What may be classed as best practice for an organization must be appropriate to that organization based upon its needs and capabilities. ...