Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
COBIT40 Brochure

COBIT40 Brochure

Ratings: (0)|Views: 11 |Likes:
Published by peterlimttk

More info:

Categories:Types, Brochures
Published by: peterlimttk on Dec 17, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

12/17/2010

pdf

text

original

 
JUSTRELEASED
:
C
OBI
T4.0
T
HENEWESTEVOLUTIONOF
ONTROL
O
 BJECTIVES  FOR
 NFORMATION  AND RELATED
 ECHNOLOGY 
,
THEWORLD
SLEADING
IT
CONTROLANDGOVERNANCEFRAMEWORK 
 ® 
 
Successful organizations understand the benefits of informationtechnology (IT) and use this knowledge to drive their shareholders’value. They recognize the critical dependence of many business processes on IT, the need to comply withincreasing regulatory compliance demands and the benefits of managing risk effectively. To aid organizations in successfullymeeting today’s business challenges, the IT GovernanceInstitute
®
(ITGI) has published version four of 
Control Objectives for Information and related Technology
(C
OBI
T
®
).C
OBI
Tis an IT governance framework and supporting toolsetthat allows managers to bridge the gap between controlrequirements, technical issues and business risks. C
OBI
Tenables clear policy development and good practice for ITcontrol throughout organizations. ITGI’s latest version— C
OBI
T
®
4.0—emphasizes regulatory compliance, helpsorganizations to increase the value attained from IT, enablesalignment and simplifies implementation of the C
OBI
Tframework. It does not invalidate work done based on earlier versions of C
OBI
Tbut instead can be used to enhance work already done based upon those earlier versions. When major activities are planned for IT governance initiatives, or when anoverhaul of the enterprise control framework is anticipated, it isrecommended to start fresh with C
OBI
T4.0. C
OBI
T4.0 presents activities in a more streamlined and practical manner so continuous improvement in IT governance is easier thanever to achieve.
Supporting IT Governance
C
OBI
Tsupports IT governance by providing aframework to ensure that:IT is aligned with the businessIT enables the business and maximizes benefitsIT resources are used responsiblyIT risks are managed appropriately
Benefits ofImplementing C
OBI
T
Implementing C
OBI
Tallows for:Better alignment based upon a businessfocusAn understandable view of IT for managementClear ownership and responsibilitiesGeneral acceptability with third parties and regulatorsShared understanding among allstakeholders based on a common languageFulfillment of the COSO requirements fothe IT control environmentC
OBI
Thas become the integrator for IT best practices and the umbrella framework for ITgovernance because it is harmonized with other standards and continuously kept up to date. The process structure of C
OBI
T, in conjunction withits high-level, business-oriented approach, provides an end-to-end view of IT that aidsorganizations in getting the most value possiblefrom their IT investments.
C
OBI
TFramework History
The C
OBI
T framework was defined in the firstedition, copyrighted in April 1996 by the ITGovernance Institute. Following on from itsdefinition, the application of international standards and guidelines and research into best
4.0
 
 practices led to the development of the controlobjectives. Audit guidelines were nextdeveloped to assess whether these controlobjectives are appropriately implemented.Research for the first and second editions(1998) included an extensive mapping tointernational standards and was carried out byteams in Europe, the US and Australia.The C
OBI
T
®
3
rd 
Edition
©
 project (released in2000) consisted of developing the managementguidelines and updating the second edition based on new and revised international references. Inaddition, the C
OBI
T framework was revised and enhanced to support increased managementcontrol, introduce performance management and further develop IT governance.
Overview ofC
OBI
T4.0
C
OBI
T 4.0 provides good practices across adomain and process framework. Like previousreleases of C
OBI
T, C
OBI
T 4.0 leverages theexperience of numerous international experts.The C
OBI
Tcontrol framework links ITinitiatives to the business requirements,organizes IT activities into a generally accepted  process model, identifies the major IT resourcesto be leveraged and defines the managementcontrol objectives to be considered. C
OBI
T4.0represents a consensus of experts from around the world who continually work together tomaintain the relevancy, benefit and timelinessof C
OBI
T.C
OBI
T4.0 marks the first major update of theC
OBI
Tcore content since the release of C
OBI
T3
rd 
Edition in 2000. The new C
OBI
Tvolumeconsists of four sections:The executive overviewThe framework The core content (control objectives,management guidelines and maturitymodels)Appendices (mappings and cross-references, additional maturity modelinformation, reference material, a projectdescription and a glossary)The core content is divided according to the34 IT processes. Each process is covered infour sections of approximately one pageeach, combining to give a complete pictureof how to control, manage and measure the process. The four sections for each process,in order, are:1.The high-level control objective for the process(a)A process description summarizing the process objectives(b)A high-level control objectiverepresented in a waterfall summarizing process goals, metrics and practices(c)The mapping of the process to the process domains, information criteria,IT resources and IT governance focusareas2.The detailed control objectives for the process3.Management guidelines: the processinputs and outputs, a RACI (Responsible,Accountable, Consulted and/or Informed)chart, goals and metrics4.The maturity model for the processAnother way of viewing the process performance content is:Process inputs are what the process owneneeds from others.The process description describes what the process owner needs to do.The process outputs are what the processowner needs to deliver.The goals and metrics show how the process should be measured.The RACI chart defines what needs to bedelegated and to whom.The maturity model shows how the process can be improved.
IT Governance Focus Areas
Strategic alignment
focuses on ensuring the linkage of business and IT plans, on defining, maintaining and validating the IT value proposition, and on aligning IT operations with enterprise operations.
Value delivery
is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefitsagainst the strategy, concentrating on optimizing costs and proving the intrinsic value of IT.
Resource management
is about the optimal investment in, and the proper management of, critical IT resources: processes, people,applications, infrastructure and information. Key issues relate to the optimization of knowledge and infrastructure.
Risk management
requires risk awareness by senior corporate officers, a clear understanding of the enterprise’s appetite for risk,transparency about the significant risks to the enterprise, and embedding of risk management responsibilities into the organization.
Performance measurement
tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting.
How Is C
OBI
T4.0 DifferentFrom C
OBI
T3
rd
Edition?
C
OBI
T4.0 is an enhancement of C
OBI
T3
rd 
Edition and in no way invalidatesany implementation or execution activities based on C
OBI
T3
rd 
Edition. The introductionof C
OBI
T4.0 provides the opportunity tofurther improve IT governance and controlarrangements, where appropriate. Mappingsto support this transition are included in aC
OBI
T4.0 appendix, and release 3.2 of C
OBI
TOnline
®
(a web-based databasereflecting the most current C
OBI
Tmaterial)will remain available, in a frozen state, tosupport transition activity. Future C
OBI
Tupdate activity will take place electronicallyand on an ongoing basis via new releases(post-3.2) of C
OBI
TOnline. Occasional printcopies will be released when the updateactivity warrants.
For More Information
Additional information about C
OBI
T4.0 isavailable at
www.isaca.org/cobit 
. TheC
OBI
T4.0 publication can be downloaded for no charge on the web site. C
OBI
T4.0can also be purchased at
www.isaca.org/bookstore
, along with other valuable C
OBI
Tproducts.

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->