Saturday, January 20, 2007

1. What is COBIT all about?

The first edition of COBIT was published in 1996 and the framework has been updated several times since. It is now used by governments and large corporations in many parts of the world, ranging from Thailand's Securities and Exchange Commission to the Dubai Municipality to the European Union.

The most recent incarnation, COBIT 4.0, was released in December last year and incorporates enhancements to guide companies in the area of regulatory compliance.

COBIT 4.0 is the newest evolution of Control Objectives for Information and related Technology, the world’s leading IT control and governance framework.

It is an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.

It also emphasizes regulatory compliance, helps organizations increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework.

Some of the benefits of implementing COBIT are:

  • Better alignment based on a business focus
  • Understandable view of IT for management
  • Clear ownership and responsibilities
  • General acceptance by third parties and regulators
  • Shared understanding among all stakeholders based on computer language
  • Fulfillment of the COSO requirements for the IT control environment

Processes


The core content of COBIT is divided into 34 IT processes. Each process is described in 4 sections:

  1. The high-level control objective of the process
  2. The detailed control objectives of the process
  3. Management guidelines: inputs and outputs, RACI (Responsible, Accountable, Consulted and/or Informed) charts, goals and metrics
  4. The maturity model of the process

1 Comments:

At 8:53 PM, Blogger Compliance Advisor said...

Something I want to share over here is that companies complying with COBIT 4.0 regulation can comply with many other regulations and standards also. A crosswalk poster between different regulations is a very useful tool, especially when it is available at no cost. This poster is a crosswalk between: ISO 17799, Sarbanes-Oxley, HIPAA, COBIT 4.0, Payment Card Industry (PCI), GLBA, NERC standards CIP and PIPEDA (Canada): http://www.compliancehome.com/symantec/

 
