CONTROL OBJECTIVE FOR INFORMATION AND RELATED TECHNOLOGY (COBIT)
- Information System Audit and Control Association (ISACA) is the leading organization for COBIT
- COBIT 4.1 has 4 domains, 34 processes and 318 control objectives
- The four domains
- Plan and Organization (10 processes)
- Acquire and Implement (7 processes)
- Deliver and Support (13 processes)
- Monitor and Evaluate (4 processes)
- The COBIT 5 processes are split into governance and management “areas”. These 2 areas contain a total of 5 domains and 37 processes:
- Governance of Enterprise IT
- Evaluate, Direct and Monitor (EDM) – 5 processes
- Management of Enterprise IT
- Align, Plan and Organize (APO) – 13 processes
- Build, Acquire and Implement (BAI) – 10 processes
- Deliver, Service and Support (DSS) – 6 processes
- Monitor, Evaluate and Assess (MEA) – 3 processes
- The COBIT framework is focused on IT processes (general IT processes)
- Business/application controls are not in the scope of COBIT. A business has to establish its own application controls
- Application Controls:
- AC1 Source document preparation and authorization
- AC2 Source document collection and data entry
- AC3 Accuracy, completeness and authenticity checks
- AC4 Data processing integrity and validity
- AC5 Output review, reconciliation and error handling
- AC6 Transaction authentication and integrity