1252016 COBIT - Wikipedia COBIT From Wikipedia, the free encyclopedia COBIT (Control Objectives for Information and Related Technologies) is a good-practice framework created by international professional association ISACA for information technology (IT) management and IT governance. COBIT provides an implementable "set of controls over information technology and organizes them around a logical framework of IT-related processes and enablers. "l!] Contents 1 History 2 The COBIT framework = 2.1 Framework and components 3 See also 4 References 5 External links History ISACA first released COBIT in 1996, originally as a set of control objectives to help the financial audit community better maneuver in IT-related environments.!IZ] Seeing valuc in expanding the framework beyond just the auditing realm, ISACA released a broader version 2 in 1998 and expanded it even further by adding management guidelines in 2000's version 3. The development of both the AS 8015: Australian Standard for Corporate Governance of Information and Communication Technology in January 2005@] and the more international draft standard ISO/TEC DIS 29382 (which soon after became ISO/TEC 38500) in January 2007" increased awareness of the need for more information and communication technology (ICT) governance components. ISACA inevitably added related components/frameworks with versions 4 and 4.1 in 2005 and 2007 respectively, "addressing the IT-related business processes and responsibilities in value creation (Val IT) and risk management (Risk 1T)."("I2] In April 2012, COBIT 5 was released. Several drivers were responsible for the transition from 4.1 to 5:0) = need for a more coherent understanding of how existing standards, best practices, and other tools relate and augment each other; need for a more end-to-end business/organization scope that covers all business and IT functions; need for improved guidance on hot-topic items such as enterprise architecture and emerging technologies; need for tighter integration among COBIT and other ISACA research, recommendations, and frameworks; need for tighter integration with extemal standards, recommendations, and frameworks; and need for improved information organization and dissemination concerning the framework, An add-on for COBIT 5 related to information security was released on December 2012, and one related to assurance was released in June 2013.{9107] The COBIT framework httos/enwikivedia.oraNwikiKCOBIT#The COBIT framework 1281252016 ‘COBIT - Wikipedia. COBIT was initially "Control Objectives for Information and Related Technologies.” though before the release of the framework people talked of "CobiT" as "Control Objectives for IT"! or "Control Objectives for Information and Related Technology."l° The framework defines a set of generic processes for the management of IT, with each process defined together with process inputs and outputs, key process-activities, process objectives, performance ‘measures and an elementary maturity model. COBIT also provides a set of recommended best practices for governance and control process of information systems and technology with the essence of aligning IT with business. COBIT $ consolidates COBIT 4.1, Val IT and Risk IT into a single framework acting as an enterprise framework aligned and interoperable with other frameworks and standards." Framework and components The business orientation of COBIT consists of linking business goals to IT goals, providing metrics and maturity models to measure their achievement, and identifying the associated responsibilities of business and IT process owners. The process focus of COBIT is illustrated by a process model that subdivides IT into four domains (Plan and Organize; Acquire and Implement; Deliver and Support; and Monitor and Evaluate) and 34 processes inline with the responsibility areas of plan, build, run, and monitor. It is positioned at a high level and has been aligned and harmonized with other, more detailed IT standards and good practices such as COSO, ITIL, BiSL, ISO 27000, CMMI, TOGAF and PMBOK. COBIT aets as an integrator of these different guidance materials, summarizing key objectives under one umbrella framework that link the good practice models with governance and business requirements.!"] COBIT 5 further consolidated and integrated the COBIT 4.1, Val IT 2.0 and Risk IT frameworks and drew from ISACA's /T Assurance Framework (ITAF) and the Business Model for Information Security (BMIS). The framework and its components can, when utilized well, also contribute to ensuring regulatory compliance. It can encourage less wasteful information management, improve retention schedules, increase business agility, and lower costs while better complying with data retention and management regulations.) COBIT components include: = Framework: Organizes IT governance objectives and good practices by IT domains and processes and link them to business requirements. = Process descriptions: A reference process model and common language for everyone in an organization, The processes map to responsibility areas of plan, build, ran, and monitor, = Control objectives: Provides a complete set of high-level requirements to be considered by management for effective contro! of each IT process. = Management guidelines: Helps assign responsibility, agree on objectives, measure performance, and illustrate interrelationship with other processes. = Maturity models: Assesses maturity and capability per process and helps to address gaps. See also IT Governance Data governance Information Quality Management Information Technology Infrastructure Library ISO/IEC 38500 References oe on a eo ta1252016 ‘COBIT - Wikipedia 1. Haes, $.D.; Grembergen, W.V. (2015). "Chapter 5: COBIT as a Framework for Enterprise Governance of IT". Enterprise Governance of Information Technology: Achieving Alignment and Value, Featuring COBIT 5 (2nd ed.) Springer. pp. 103-128. ISBN 9783319145471. Retrieved 24 June 2016. 2. Stroud, R.E, (2012). “Introduction to COBIT 5" (PDF). ISACA. Retrieved 24 June 2016. 3. da Cruz, M. (2006). "10: AS 8015-2005 - Australian Standard for Corporate Governance of ICT". In van Bon, J.; Verheijen, T. Frameworks for IT Management. Van Haren Publishing. pp. 95-102. ISBN 9789077212905. Retrieved 23 Jume 2016. 4, "ISO/IEC DIS 29382: 2007 Edition, February 1, 2007". IHS Standards Store. IHS, Inc. Archived from the original on 23 June 2016. Retrieved 23 June 2016, 5. "ISACA Releases COBIT 5: Updated Framework for the Governance and Management of IT” (PDF). Provitivi, Ine. 18 May 2012. Retrieved 24 June 2016, ‘COBIT 5 for Information Security". ISACA. Retrieved 24 June 2016, ‘COBIT 5 for Assurance". ISACA. Retrieved 24 hime 2016. 8, Katsikas, S.; Gritzalis, D., eds. (1996). Information Systenss Security: Fueing the Information Society of the 21st Century. FIP Advances in Information and Communication Technology. Springer. p. 358. ISBN 9780412781209. "The McCumber model has great similarities with the CobiT - Control Objectives for IT - framework (CobiT 1995). 9. "Welcome to the ISACA/F, ISACA. 18 October 1996. Archived from the original on 7 November 1996, Retrieved 24 June 2016. 10, Luellig, Ls Frazier, J. (2013), "A COBIT Approach 10 Regulatory Compliance and Defensible Disposal”, IS4C4 Journal. 8. Retrieved 24 June 2016, External links = COBIT page at ISACA (http://www.isaca.org/Cobit/pages/default.aspx) = Checklisi/cheatsheet summarizing Cobit 5 (http://www.minimarisk.com/wp-content/uploads/2015/08/Minim arisk_Cobit3_Cheatsheet_v1_0.pdf) = A user case of the COBIT Framework: San Marcos, TX (https://digital library. txstate.cdu/handle/10877/349 2) Retrieved from "https://en.wikipedia.org/w index.php ?title-COBIT&oldid=748485488" Categories: Information technology governance | Information technology audit | Privacy = This page was last modified on 8 November 2016, at 12:17. = Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization. httos/enwikivedia.oraNwikiKCOBIT#The COBIT framework 38