CHAPTER FOURTEEN

Support Tools and Frameworks

THIS CHAPTER INTRODUCES the reader to the need for support tools and frameworks such as Control Objectives for Information and related Technology (COBIT®): Management Guidelines, a framework for Information Technology/Information Systems (IT/IS) managers, and COBIT: audit’s use in support of the business support cycle. International standards and good practices such as ISO 17799, IT Infrastructure Library® (ITIL®), privacy standards, Committee of Sponsoring Organizations (COSO), Criteria of Control (CoCo), Cadbury, King, and Sarbanes-Oxley also play a vital role in ensuring appropriate governance.

GENERAL FRAMEWORKS

COBIT is one of the most widely accepted models of IT governance and control utilized to manage risks and implement controls within an IT environment in order to achieve business objectives.

COBIT was introduced to meld existing IT standards and best practices into one comprehensive structure designed to achieve internationally accepted governance standards. Working from the strategic requirements of the organization, COBIT encompasses the full range of IT activities, focusing on the achievement of control objectives rather than the implementation of specific controls. As such, it integrates and aligns IT practices with organizational governance and strategic requirements. It is not the only set of standards in common use, but it integrates with other standards to achieve defined levels of control.

What may be classed as ...
