COBIT® stands for Control Objectives for Information and Related Technology and is the internationally recognized reference manual for IT governance, i.e. for ensuring security, quality and compliance in information technology. COBIT does not primarily define how the requirements are to be met; it concentrates mainly on what has to be implemented.
COBIT was originally developed (1993) by the international Information Systems Audit and Control Association (ISACA). Since 2000 the development and updating of COBIT has been the responsibility of the IT Governance Institute, a sister organization of ISACA. Over the years COBIT has developed from a tool for IT auditors into a tool for controlling IT from the corporate viewpoint and, amongst other things, is also used as a model for ensuring compliance with statutory requirements. In general this promotes the industrialization of IT.
COBIT was created very much along the lines of COSO (Committee of Sponsoring Organizations of the Treadway Commission), the framework for internal controls, and is designed to ensure the integration of IT governance within corporate governance. In this context COBIT is intended to be the link between the company-wide control frameworks (COSO) and the IT-specific models (e.g. ITIL, ISO 17799/27002, etc.). Evidence that COBIT meets this requirement is the fact that it is widely used internationally as a control model by most large companies. ISACA's premise is that 95 % of major companies utilize COBIT in whole or in part.
COBIT provides good practices in the form of a domain and process framework and presents activities in a structure which is both logical and easy to use. The good practices contained within COBIT incorporate the views of various experts whose focus is clearly more on control than on implementation. These practices support better capital investment in the IT environment, help ensure service delivery, and provide an assessment benchmark in the event of irregularities.
To enable IT to successfully fulfill the business requirements, management should implement an internal system of monitoring and controls, i.e. an internal control framework. The COBIT framework supports this through
- a link with the business requirements,
- the incorporation of IT-related activities into a generally accepted process model,
- the identification of key IT resources to be controlled and
- the definition of the control objectives to be taken into account.
COBIT's orientation towards the core business consists of linking corporate objectives with IT objectives, providing measurement parameters and maturity models for measuring target attainment, and identifying the relevant responsibilities both in the technical area and in IT.
COBIT's process orientation is demonstrated by its process model, which organizes IT into 34 processes, subdivided into planning, development, operation and monitoring, and thereby establishes an integrated view of IT. In this context, company-wide architecture models help to identify the resources that are key to the success of the processes, such as applications, information, infrastructure and personnel.