COBIT - University of Tulsa

Download Report

Transcript COBIT - University of Tulsa

Nicholas Sprague University of Tulsa

• • • • • • What is COBIT?

History Components Framework Why do we care?

Benefits

• • • Control Objectives for Information and Related Technology Released by ISACA for IT management and governance It is a supporting toolset that allows SAs to bridge the gap between control requirements, technical issues, and business risks that starts from the stakeholders’ needs with regard to information and technology

• • • • • • • 1996: 1 st 2000: 3 rd edition released 1998: 2 nd addition added “Management Guidelines” edition released 2003: online version became available 2005: 4 th edition released 2007: version 4.1 released 2012: COBIT 5 released; draws from the BMIS

• • • • • Framework Process descriptions Control objectives Management guidelines Maturity models

• • Organizes IT governance objectives and good practices by IT domains and processes Links these domains and processes to business requirements

• • Reference process model and common language for everyone in an organization • • • • Maps to the following responsibility areas: Plan Build Run Monitor

• • • • • Provides a complete set of high level requirements to be considered by management for effective control of each IT process Plan and organize Acquire and implement Deliver and support Monitor and evaluate

• • • • Assign responsibility Agree on objectives Measure performance Illustrate interrelationships with other processes

• Assess maturity and capability per process and address gaps

• • • • • • Maintain high quality information to support business decisions Achieve strategic goals and realize business benefits through the effective use of IT Achieve operational excellence through reliable technology applications Maintain IT related risk at an acceptable level Optimize the cost of IT services and technology Remain compliant with laws, regulations, contractual agreements, and policies

• • Information is a key resource for all enterprises, and there is a huge dependency on technology.

Information technologies are pervasive in enterprises and need to be governed in a holistic manner, taking in the full end-to-end business and IT functional areas of responsibility

• • • • • • • • http://www.lucidit.com.my/governance_consulting_s ervices.php

http://www.powertech.com/guides/Compliance/cob it.htm

http://www.analytix.co.za/Training/ExaminationsCe rtifications/COBIT.aspx

http://www.isaca.org/COBIT/Documents/COBIT5 Laminate.pdf

http://www.isaca.org/COBIT/Pages/default.aspx

http://acronyms.thefreedictionary.com/CoBIT http://en.wikipedia.org/wiki/COBIT http://www.isaca.org/Knowledge Center/Research/Documents/COBIT5-Framework ED-27June2011.pdf