Information Systems – COBIT

Information Systems – COBIT

Control Objectives for Information and Related Technology (COBIT) is a tool used by managers and auditors to align Business and IT Strategy.

BACKGROUND

IT needs to deliver the information that the enterprise needs to achieve its objectives. So, COBIT divides IT into 34 processes belonging to four domains and provides a high level control objective for each of them.

The four domains are:

  • Planning
    • Strategy and tactics to ensure that IT contributes to the achievement of business objectives.
    • Planning, communication and management across different perspectives of organisational and technological infrastructure.
  • Acquiring and Implementing
    • To realize the IT strategy, IT solutions need to be identified, developed or acquired, as well as implemented and integrated into the business process.
  • Delivery and Support
    • Ensure delivery of required services
    • Setup necessary support processes
    • Include actual processing of data by application systems
  • Monitoring
    • Ensure regularly process assessment over time for quality and compliance with control requirements.
    • Management’s oversight of the organisation’s control process provided by internal and external audit.

CONTROL and CONTROL OBJECTIVES

The Control is the set of policies, procedures, practices and organisational structures designed to provide reasonable assurance that business objectives will be achieved and undesired events will be prevented or detected and corrected.

The IT Control Objective is a statement of the desired result or purpose to be achieved by implementing control practices in a particular IT activity.

Leave a Reply

Your email address will not be published. Required fields are marked *