
88 ◾ Information Security Metrics
Table 8.1 CobiT High-Level Control Objectives
Plan and Organize
PO1 Define a strategic IT plan and direction
PO2 Define the information architecture
PO3 Determine technological direction
PO4 Define the IT processes, organization, and relationships
PO5 Manage the IT investment
PO6 Communicate management aims and direction
PO7 Manage IT human resources
PO8 Manage quality
PO9 Assess and manage IT risks
PO10 Manage projects
Acquire and Implement
AI1 Identify automated solutions
AI2 Acquire and maintain application software
AI3 Acquire and maintain technology infrastructure
AI4 Enable operation and use
AI5 Procure IT resources
AI6 ...