
COBIT Ecopetrol S.A. IT COBIT 5 - Information … · COBIT® Process Assessment Model PAM :Using COBIT ... Sai K. Honig CISA CIA IT 10 Honig COBIT ITIL HIPAA ... 2014 COBIT 5 Risk

Volume 3 2014 7

:

COBIT®

?

:

[email protected]

COBIT Recognition and Case

Studies COBIT

COBIT 5 COBIT 4.1

Ecopetrol IT COBIT 5

COBIT 5

COBIT 5 IT 6

COSO 2013 COBIT 5

Ecopetrol S.A. IT

COBIT 5 Alberto León Lozano CISA CGEIT CIA CRMA

Ecopetrol S.A.

IT

COSO

COBIT

IT

2007 Ecopetrol

COSO Internal Control—Integrated

Framework -

Ecopetrol 2008 9 NYSE

2008

Ecopetrol DTI

IT IT

IT COBIT®

IT IT

COBIT® 4.1 5

IT IT

DTI Ecopetrol

! 2014 7 21 Alberto

León Lozano COBIT 5—Use It Effectively COBIT 5—

COBIT® 5 DTI

COBIT

IT GEIT

COBIT 5

Ecopetrol 7,000 Ecopetrol

40 4 Ecopetrol 60%

Ecopetrol

Ecopetrol COSO

Ecopetrol IT IT

IT IT

DTI IT UTI IT

IT IT

IT GRC

IT

Ecopetrol COBIT

DTI COBIT IT IT

COBIT

IT

IT

IT COSO

2008 4 Ecopetrol IT

IT

COBIT IT

— COSO

DTI

SAP

Ecopetrol COBIT 4.1 28

IT 2

3

2009 1 IT

CIO

CFO CEO IT

2009 12 COBIT

Ecopetrol

2009 2013 IT IT

Ecopetrol IT IT

IT

DTI IT

COSO 2013 COBIT 5

2010 IT IT

IT IT

Ecopetrol COBIT IT

Ecopetrol IT COBIT

COBIT

Ecopetrol

IT

IT

20 ISACA COBIT

Foundation Exam

ISACA

2013 Ecopetrol IT

Ecopetrol IT COBIT

5 IT

IT

1

3 4

IT COBIT

PAM Process

Assessment Model Using COBIT® 5

ISO 15504

16 IT

3.8 1

3.6

2

COBIT 5

IT

IT COBIT 5

SSC

[BPM] ERM COSO ERM

1— 2013

Ecopetrol S.A.

2— 2013

Ecopetrol S.A.

COBIT 5

Ecopetrol IT

COBIT 4.1

IT GRC

COBIT 5

IT COBIT 4.1

COBIT 5

IT GRC

3 7 Ecopetrol IT

IT

3

IT

4

IT

5

3—IT

Ecopetrol S.A.

4—IT

[Chart: values 70%, 90%, 96%, 97%, 98%, 98%; horizontal axis 2008 to 2013; vertical axis 0% to 100%]

Ecopetrol S.A.

5—IT

Ecopetrol S.A.

6—

Ecopetrol S.A.

Controls and Assurance in the Cloud: Using COBIT 5 : COBIT® 5

2014 4

[CSP]

COBIT® 5 Cloud Security Alliance Cloud Controls Matrix version 3 CSA

CCMv3 CSP

COBIT® 5 for Assurance COBIT 5

COBIT® Process Assessment Model PAM: Using COBIT® 5 COBIT®[PAM]: COBIT® 5

COBIT® 5 for Risk COBIT® 5

ROI

Controls and Assurance in the Cloud CSP

CSP

CSP

Sai K. Honig CISA CIA

IT 10 Honig

COBIT ITIL HIPAA

SaaS Honig Grameen Foundation

COBIT 5 IT 6 Juan Carlos Morales CISA CISM CGEIT CRISC

IT IT

IT GEIT COBIT® 5 GEIT

COBIT 5 IT

1. :1COBIT 5 1

2014 7 21 Juan Carlos Morales COBIT 5—Use It

Effectively COBIT 5—

IT

IT 1 King III 5 IT IT

IT King III

ITGI ISACA COBIT®

Val IT ISO ISO 38500 OCEG

12

2. 3

IT

COSO Internal Control - An Integrated Framework

64COBIT 5

BSC

3. :5

IT

IT IT

4. :6

5. :7

COSO 11 IT

COBIT 5 37 DSS06

6. COBIT 5 :8, 9

COBIT 5 IT

IT IT IT

IT COSO 10

COBIT 5 37 COBIT 5

IT

Juan Carlos Morales CISA CISM CGEIT CRISC

IT APMG COBIT 5

1 ISACA COBIT 5 Implementation COBIT 5 2012 3

2 King Committee on Corporate Governance, The King Report on Corporate Governance (King III) King King 2009

3 ISACA COBIT 5 Implementation COBIT 5 2012 3 6

4 COSO Internal Control - An Integrated Framework 2013

5 ISACA COBIT 5 Implementation COBIT 5 2012 3

6 ISACA COBIT 5 Implementation COBIT 5 2012 6 D

7 ISACA COBIT 5 Implementation COBIT 5 2012 3

8 ISACA COBIT 5 Implementation COBIT 5 2012 3

9 ISACA COBIT 5: Enabling Processes COBIT 5: 2012

COBIT 5

Controls and Assurance in the

Cloud: Using COBIT® 5

:

COBIT® 5

Relating the COSO Internal Control—Integrated Framework and

COBIT COSO

COBIT

COBIT 5 COBIT

COBIT® Global Regulatory and

Legislative Recognition

COBIT®

2014 COBIT 5 Risk Scenarios for COBIT® 5 for Risk COBIT® 5

COBIT 5 Principles: Where Did

They Come From? COBIT 5

:

COBIT 5

ISACA COBIT

5

David Cau, GRCP, ITIL, MSP, France

Sushil Chatterji, CGEIT, CEA, CMC, Singapore,

Joanne De Vito De Palma, CISM, BCMM, USA Jimmy Heschl, CISA, CISM, CGEIT, ITIL, Austria Katherine McIntosh, CISA, CIA, CRMA, USA Andre Pitkowski, CGEIT, CRISC, CRMA, OCTAVE, Brazil Paras Shah, CISA, CGEIT, CRISC, CA, Australia Sylvia Tosar, CGEIT, PMP, Uruguay Tichaona Zororo, CISA, CISM, CGEIT, CRISC, CIA, CRMA, South Africa

Jennifer Hajigeorgiou

[email protected]

COBIT Focus COBIT ISACA

COBIT Focus COBIT

ISACA

COBIT Focus COBIT

COBIT Focus COBIT

© 2013 ISACA.

Julia Fullerton [email protected]

COSO 2013 COBIT 5 Steven Babb CGEIT CRISC ITIL

2013 COSO Internal Control—Integrated Framework -

COSO COBIT® 5 2012

ISACA®

Relating the COSO Internal Control—Integrated

Framework and COBIT COSO - COBIT

COBIT 5

COSO

ISACA COSO

IT IT

ISACA

COSO COBIT 5

COSO COBIT 5

COBIT 5

COSO

COBIT 5

COSO 17

COSO COBIT 5

Relating the COSO Internal

Control—Integrated Framework and COBIT COSO COBIT

Steven Babb CGEIT CRISC ITIL Vodafone ISACA

©2014 ISACA.