Transcript COBIT IT Processes Defined Within Four Domains

COBIT Framework
Source: http://www.isaca.org/exec3.htm
COBIT
Business Objectives
Information
•
•
•
•
•
•
•
Effectiveness
Efficiency
Confidentiality
Integrity
Availability
Compliancy
Reliability
IT-resources
•
•
•
•
•
People
Application systems
Technology
Facilities
Data
Cobit Framework
IT Processes Defined Within Four Domains
Information
Monitoring
Planning and
Organization
Delivery and
Support
Acquisition and
Implementation
Planning and Organization
P01
P02
P03
P04
P05
P06
P07
P08
P09
P10
P11
define a strategic IT plan
define the information architecture
determine the technological direction
define IT organization and relationships
manage the IT investment
communicate management aims and direction
manage human resources
ensure compliance with external requirements
assess risks
manage projects
manage quality
Acquisition and Implementation
AI1
identify solutions
AI2
acquire and maintain application software
AI3
acquire and maintain technology architecture
AI4
develop and maintain IT procedures
AI5
install and accredit system
AI6
manage changes acquire and maintain
Delivery and Support
DS1
DS2
DS3
DS4
DS5
DS6
DS7
DS8
DS9
DS10
DS11
DS12
DS13
define service levels
manage third party services
manage performance and capacity
ensure continuous service
ensure system security
identify and attribute cost
educate and train users
assist and advise IT customers
manage the configuration
manage problems and incidents
manage data
manage facilities
manage operations
Monitoring
M1
monitor the processes
M2
asses internal control adequacy
M3
obtain independent assurance
M4
provide for independent audit
Standards for
Information Systems Auditing
Standards for
Information Systems Auditing
Standards for
Information Systems Auditing
Standards for
Information Systems Auditing
Standards for
Information Systems Auditing
Standards for
Information Systems Auditing
Standards for
Information Systems Auditing