CHAPTER 13
COBIT
13.1 BACKGROUND
13.2 HISTORY
(a) Planning and Organization
(b) Acquisition and Implementation
(c) Delivery and Support
(d) Monitoring
13.3 COBIT CUBE
(a) COBIT 4.x
(b) Main Changes in COBIT 4.x
(c) COBIT 4.x Highlights
(d) COBIT 4.x Maturity Model
13.4 LINKING BUSINESS GOALS TO IT GOALS
(a) Business Requirements Mapping with IT Resources/Processes
(i) Quality
(ii) Security
(iii) Fiduciary
13.5 HOW WILL COBIT 4.x IMPACT/BENEFIT USERS?
13.6 CONCLUSION
REFERENCES
13.1 BACKGROUND
Control Objectives for Information and Related Technology (COBIT) is an IT governance control framework. COBIT's purpose is to ensure that IT resources are aligned with an enterprise's business objectives so that the services delivered balance IT risks and returns. COBIT defines 34 significant processes, links 318 detailed control activities to them, and defines an internal control framework for all of them.
COBIT is designed for three distinct audiences:
- Management: to help them balance risk and control investment in an often unpredictable IT environment
- Users: to obtain assurance on the security and controls of IT services
- Information systems auditors: to substantiate their opinions and/or to provide better advice to management on internal controls
13.2 HISTORY
The COBIT framework was defined in the first edition, published in 1996. Research for the second edition (released in 1998) included the collection and analysis of identified international sources and was carried out by ...
Get Governance, Risk, and Compliance Handbook: Technology, Finance, Environmental, and International Guidance and Best Practices now with the O’Reilly learning platform.