Chapter 5. Using CobiT Framework to Improve SOx Controls and Governance

Our professional and business world is filled with acronyms or initials that have become words themselves. We say the word IBM today often not thinking that it stands for the corporation's original name, International Business Machines. COSO also has become such a word—we forget what COSO stands for, and to many professionals it has just become a descriptive word. (Chapter 3 provides a description of the COSO framework and related background information.) While not at the same level of recognition, CobiT is an acronym that is becoming another generic word among business and IT professionals. You will find it sometimes abbreviated as COBIT rather than its official abbreviation as CobiT. The acronym or word stands for Control Objectives for Information and related Technology. Because of this framework's emphasis on controls and technology, the first and last letters are capitalized. CobiT is an important internal control framework that can stand by itself but is an important support tool for documenting and understanding COSO and Sarbanes-Oxley (SOx) internal controls. Although CobiT's original emphasis was on information technology (IT), the framework has been broadened today and professionals in many levels of business will benefit from having an understanding of the CobiT framework and its use as a tool for documenting, reviewing, and understanding SOx internal controls.

The CobiT standards and framework documentation ...

Get Sarbanes-Oxley Internal Controls: Effective Auditing with AS5, CobiT, and ITIL now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.