COBIT Flashcards
What is COBIT?
The Control Objectives for Information and Related Technology (COBIT) provides managers, auditors, and IT users with a set of measures, indicators, processes, and best practices to maximize the benefit of information technology. The COBIT framework includes the following:
> Business Objectives
> Governance Objectives
> Information Criteria
> IT Resources
> Domains and Processes of COBIT
COBIT gives us an external framework for considering what information and related technology should do. What is its overall purpose?
What are the Business Objectives of COBIT?
These might include:
> Effective decision support
> Efficient transaction processing
> Compliance with reporting requirements or information security requirements
What are the Governance Objectives?
They focus on 5 areas related to IT governance:
> Strategic alignment
> Value delivery
> Resource management
> Risk management
> Performance measurement - how well it performs
What are the 7 Information criteria of IT?
7 distinct criteria exist that describe the COBIT business requirements pertaining to information. The information criteria can be remembered using the mnemonic ICERACE, as follows:
> I - Integrity
> C - Confidentiality
> E - Efficiency
> R - Reliability
> A - Availability
> C - Compliance
> E - Effectiveness
What are the IT resources?
These consist of:
> applications
> information (input/output)
> infrastructure
> people
The IT resources and the processes are referred to as the enterprise architecture for IT.
What are the domains and processes of COBIT?
COBIT defines IT processes within the context of the following 4 domains, which direct the delivery of solutions and services and ensure the directions are followed:
PO AIDS ME
Plan and Organize - provides direction
Acquire and Implement - provides solutions to needs
Deliver and Support - provides services to users
Monitor and Evaluate - ensures directions are followed