COBIT Objectives and Audit Activity Report

Project Name
Version

Your Company Name

COBIT (Control Objectives for Information

And Related Technologies) Objectives
And Audit Activity Report
Date

Confidential – ©2015 Documentation Consultants (www.SDLCforms.com) Document: 2700 Page 1 of 5

 COBIT Objectives and Audit Activity Report
Project Name
Version

Revision History

Date Version Author Change

COPYRIGHT NOTICE
Confidential – ©2015 Documentation Consultants
All rights reserved. These materials are for internal use only. No part of these materials may be
reproduced, published in any form or by any means, electronic or mechanical, including photocopy or any
information storage or retrieval system, nor may the materials be disclosed to third parties without the written
authorization of (Your Company Name).

Confidential – ©2015 Documentation Consultants (www.SDLCforms.com) Document: 2700 Page 2 of 5

 COBIT Objectives and Audit Activity Report
Project Name
Version

Table of Contents

1 Purpose ................................................................................................................................................................................... 4
2 Audit Objectives and Status .................................................................................................................................................. 4

Confidential – ©2015 Documentation Consultants (www.SDLCforms.com) Document: 2700 Page 3 of 5

 COBIT Objectives and Audit Activity Report
Project Name
Version

Note: Text displayed in blue italics is included to provide guidance to the author and should be deleted before publishing the
document. In any table, select and delete any blue line text; then click HomeStyles and select “Table Text” to restore the cells to
the default value.

1 Purpose

This document provides a centralized source for defining and reporting on COBIT objectives and related activities.

2 Audit Objectives and Status

Control Control Objective Control Control

SOX
Objective Name Activity Activity Name Control Activity Description
Activity Status
ID ID

P04.11 Segregation of P04.11.1 Segregation Complete Roles are defined to ensure proper segregation
Duties of Duties  of duty and to communicate the responsibilities
that are aligned with that role.

P04.11 Segregation of P04.11.2 Segregation Incomplete Authorization and roles are properly defined
Duties of Duties within IT systems to ensure segregation of
 duties, where possible the company uses
logical and authorized mechanisms to enforce
segregation of duties.

P04.14 Contracted Staff

Policies and
P04.14.1 Contracted
Staff
 Complete Contractor and no-employee staff access,
authorization, and accounts are managed in a
Procedures consistent manner with employees.

P04.9 Data and System

Ownership
P04.9.1 Data &
System
 Incomplete Applications have formal business owners to
ensure accountability and authorization for
Ownership changes to production environment.

Confidential – ©2015 Documentation Consultants (www.SDLCforms.com) Document: 2700 Page 4 of 5

 COBIT Objectives and Audit Activity Report
Project Name
Version

P06.3 IT Policies
Management
P06.3.1 IT Policies
 Complete The company has as an appropriate set of IT
policies to support IT strategy. Policies are
reviewed semi-annually to ensure accuracy and
relevance.

P08.3 Development and

Acquisition
P08.3.1 SDLC
Methodology
 Incomplete The SDLC process defines quality standards
and practices and addresses projects of varying
Standards size and scope.

Confidential – ©2015 Documentation Consultants (www.SDLCforms.com) Document: 2700 Page 5 of 5