Upload
izzati-azmi
View
231
Download
0
Embed Size (px)
Citation preview
8/3/2019 Cob It New
1/18
CONTROL OBJECTIVES FOR
INFORMATION AND RELATED
TECHNOLOGY
PREPARED BY :
SHAZERINNA ZAINAL OSMAN SHAH 122900
BKAS 3113 SEMINAR IN ACCOUNTING INFORMATION SYSTEM
8/3/2019 Cob It New
2/18
` is a certification created by ISACA and the IT
Governance Institute (ITGI) in 1996.
` is a set of best practices (framework) for
information (IT) management
` MISSION :
to research, develop, publicize and promote an
authoritative, up-to-date, international set ofgenerally accepted information technology control
objectives for day-to-day use by business
managers and auditors
8/3/2019 Cob It New
3/18
` CobiT has had fourmajorreleases:
` In 1996 - the first edition of COBIT was released.
` In 1998 - the second edition added "Management
Guidelines".` In 2000 - the third edition was released.
In 2003, an on-line version became available.
` In December 2000 - the fourth edition was initially
released. In May 2007, the current 4.1 revision was released.
8/3/2019 Cob It New
4/18
People
Information
ApplicationsInfrastructure
What CIO can action?
What the company
wants?
Effectiveness
Confidentiality
Availability
Efficiency Reliability
Integrity
Compliance
8/3/2019 Cob It New
5/18
` IT is aligned with business
`
IT enable the business and maximisebenefits
` IT resources are used effectively
` IT risks are managed effectively
8/3/2019 Cob It New
6/18
8/3/2019 Cob It New
7/18
8/3/2019 Cob It New
8/18
` PLANNING & ORGANIZATION (PO)
` ACQUISITION & IMPLEMENTATION (AI)
` DELIVERY & SUPPORT (DS)
` MONITORING & EVALUATION (ME)
8/3/2019 Cob It New
9/18
` PO1 Define a Strategic IT Plan and direction
` PO2 Define the Information Architecture
` PO3 Determine Technological Direction
` PO4 Define the IT Processes, Organization andRelationships
` PO5 Manage the IT Investment
` PO6 Communicate Management Aims and Direction
` PO7 Manage IT Human Resources
` PO8 Manage Quality` PO9 Assess and Manage IT Risks
` PO10 Manage Projects
8/3/2019 Cob It New
10/18
` AI1 Identify Automated Solutions
` AI2 Acquire and Maintain Application Software
` AI3 Acquire and Maintain Technology
Infrastructure` AI4 Enable Operation and Use
` AI5 Procure IT Resources
` AI6 Manage Changes
` AI7 Install and Accredit Solutions and Changes
8/3/2019 Cob It New
11/18
` DS1 Define and Manage Service Levels` DS2 Manage Third-party Services` DS3 Manage Performance and Capacity`
DS4 Ensure Continuous Service` DS5 Ensure Systems Security` DS6 Identify and Allocate Costs` DS7 Educate and Train Users` DS8 Manage Service Desk and Incidents` DS9 Manage the Configuration` DS10 Manage Problems` DS11 Manage Data` DS12 Manage the Physical Environment` DS13 Manage Operations
8/3/2019 Cob It New
12/18
` ME1 Monitor and Evaluate IT Processes
`
ME2 Monitor and Evaluate Internal Control` ME3 Ensure Regulatory Compliance
` ME4 Provide IT Governance
8/3/2019 Cob It New
13/18
8/3/2019 Cob It New
14/18
` Key Goal Indicatorspredefined measures that indicate if an IT process met itsbusiness requirements in terms of the relevant informationcriteria.
` KeyPerformance Indicator
predefined measures that determine how well the ITprocess enables the goal to be achieved.
` Critical Success Factorshighlight important issues or actions for managementto achieve control over IT processes.
` Maturity Modelsmethod of measuring proficiency so that anorganization can make a systematic attempt toimprove
8/3/2019 Cob It New
15/18
` A common language for executives, business and
IT staff
` A view, understandable to management, of what IT
does` A better understanding of how the business and IT
can work together for successful delivery of IT
initiatives
` Better quality IT services` Better alignment, based on a business focus
` More efficient and successful audits
` Improved efficiency and optimization of cost
8/3/2019 Cob It New
16/18
` CobiT provides management and business process owners
with an Information Technology (IT) governance model that
helps in understanding and managing the risks associated with
IT.
` CobiT helps bridge the gaps between business risks, control
needs and technical issues by presenting the controls through
one vehicle.
` It is a control model to meet the needs of IT governance and
ensure the integrity of information and information systems.
8/3/2019 Cob It New
17/18
` COBIT. (n.d.). Retrieved from Wikipedia:
http://en.wikipedia.org/wiki/COBIT
` CobitOverview. (n.d.). Retrieved from HCI-ITIL:
http://www.hci-itil.com/COBIT/cobit_overview.html
` UsingCobit. (n.d.). Retrieved from ezcobit:http://www.ezcobit.com/UsingCobit/
` What is Cobit. (n.d.). Retrieved from Slideshare:
http://www.slideshare.net/Benkalland/what-is-cobit
` www.isaca.org. (n.d.). Retrieved from ISACA:http://www.isaca.org/Knowledge-
Center/cobit/Documents/CobiT-4.1-Brochure.pdf
8/3/2019 Cob It New
18/18