CobiT (control Objectives for information and Related Technology) is the international recognized Framework to the IT-Governance and arranges the tasks of the IT into processes and control Objectives (often with a control goal translates, actually control defaults, in which current German-language version the term any longer not translated). CobiT does not define here, HOW the requirements are to be converted, but only WHICH to convert ist.CobiT became originally (1993) by the international federation of the EDP examiners (information of system audit and control Association, ISACA) developed, since 2000 the IT Governance of institutes, a sister organization is incumbent on to update [ISACA], CobiT too etwickeln and. CobiT developed from a tool for IT-examiner (AUDI gates) to a tool for the controlling of the IT from enterprise view.

CobiT was provided in strong support on COSO, in order to ensure the integration of the IT-Governance into the Corporate Governance.

The control Objectives specified in CobiT are into 34 processes arranged, which guarantee a reliable and the enterprise need appropriate information function. On the basis of company targets IT-goals are specified, which affect again the architecture of the IT. Here appropriately defined and claimant IT-processes ensure the processing of information, the administration of IT-resources (personnel, technology, data, applications) and the contribution of services.

The publications of CobiT consist of the "core content" and the "Assurance Guide". The latter is developed still and covers the control Practices (conversion the control Objectives) and the audit Guidelines (examination of the reaching the control Objectives).

In the CobiT 4,0 core content is specified for each of the 34 CobiT of processes:

• Description of process
• A process goal (High level control Objective)
• Substantial activities
• Substantial measured variables
• Control Objectives (in sum 215)
• Management Guidelines with the inputs and the output of the process, a giving up and competence matrix (RACI Chart) and detailed Metriken for the evaluation of the process and for the evaluation of the contribution of individual activities to the goals of the process too these again to the goals of the IT
• Hoar frost degree model, which - ajar against CMM - which describes respective typical developments of the process in 6 ripe degree stages (0 to 5)

Additionally to the individual processes sieved generic (for all processes valid) control Objectives and control Objectives for application controls (input, processing, expenditure and transmission controls) are indicated.

Further CobiT relevant publications of the ISACA are

• Board Briefing on IT Governance - for consciousness-shaping for the need on enterprise further controlling of the IT
• CobiT Mapping - a set of documents, which the confrontation of CobiT and other IT-standards (e.g. ITIL, ISO17799, IT-Grundschutzhandbuch, NIST, FIPS, ISO13335, TOGAF, etc.) contains.
• CobiT implementation Guide - a guidance for the conversion of IT Governance

The ISACA offers a CobiT Foundation Course for certifying of persons. Additionally the following two certifying are offered for the topic:

• Certified information of system AUDI gate (CISA) - this certifying addresses itself mainly to
• Certified information Security manager (CISM) - this certifying addresses itself mainly to IT-Sicherheitsmanager.

ISACA organizes each year regional (European) and international conferences as well as several CobiT user Convertions. Within these platforms lectures and Workshops are offered approximately around CobiT and IT-Governance.

Related links

• ISACA Website with the English-language version of CobiT 4,0 under ISACA
• German summary and material with ISACA German Chapter
• ISACA Cobit sides
• ISACA Austrian Chapter with the official German-language version of CobiT 4,0 under ISACA Austrian Chapter
• Cobit Wiki

Articles in category "Cobit"

We found here 11 articles.