IT Governance and Management - COBIT Flashcards Preview

CPA - BEC > IT Governance and Management - COBIT > Flashcards

Flashcards in IT Governance and Management - COBIT Deck (2):
1

COBIT framework

COBIT widely used as international standard for identifying best practices in IT. Provides IT governance model aligning IT with organizational governance

COBIT FOCUSES MORE ON IT THAN COSO

Difference between COSO, COSO ERM, and COBIT are intended audiences and scope. COSO ERM AND COSO provides common internal control language for use by management, board, and internal/external auditors. COBIT focuse on IT controls and intended for IT manages, IT professionals, and internal/external auditors

2

COBIT FRAMEWORK 3 COMPONENTS

I ) Domains and processes - IT function divided into 4 domains within which 34 basic IT processes reside

1) Planning and Organization - How can IT contribute to business objectives; establish strategic vision, develop tactics to plan, communicate, and realize vision

2) Acquisition and Implementation - How to acquire, implement, or develop IT solutions that address business objectives and integrate with critical business process

3) delivery and Support - How can best deliver required IT services including operations, security, and training

4) Monitoring - How best to periodically assess IT quality and compliance with control requirements

A) MINITOR AND EVALUATE IT PERFORMANCE - establish monitoring approach, include metrics, reporting process, and means to identify and correct deficiencies

B) MINITOR AND EVALUATE INTERNAL CONTROL - required by SOX 404

C) ENSURE REGULATORY COMPLIANCE - Identify compliance requirements and evaluate, report on, the extent of compliance with these requirements

D) PROVIDE IT GUIDANCE - Establish IT governance framework that aligns with organization's strategy and value delivery program

Effective IT performance management requires a monitoring process including the following:

II) Information Criteria - to have value to organization, data must have following properties or attributes - Effectiveness, efficiency, confidentiality, integrity, availability, compliance, reliability

III) IT resources - identify physical resources that compromise IT system; People,Applications,Technology, facilities, data

Decks in CPA - BEC Class (62):