Scribd
Upload
60 views

Cobit 5 Processos

COBIT (Control Objectives for Information and related Technology) is a framework of best practices for IT management and governance that helps organizations achieve strategic objectives through effective use of resources while minimizing IT risks. The framework interconnects enterprise and IT governance by linking business and IT goals. COBIT defines IT processes divided into four domains: plan and organize, acquire and implement, deliver and support, and monitor and evaluate. The framework represents a de facto standard for assessing IT functions and auditing IT management systems.

Uploaded by

rafael.nicodemus
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
60 views

Cobit 5 Processos

COBIT (Control Objectives for Information and related Technology) is a framework of best practices for IT management and governance that helps organizations achieve strategic objectives through effective use of resources while minimizing IT risks. The framework interconnects enterprise and IT governance by linking business and IT goals. COBIT defines IT processes divided into four domains: plan and organize, acquire and implement, deliver and support, and monitor and evaluate. The framework represents a de facto standard for assessing IT functions and auditing IT management systems.

Uploaded by

rafael.nicodemus
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

COBIT 5 (Control Objectives for Information and related Technology)

COBIT (Control Objectives for Information and related Technology), the abbreviation COBIT is used.

COBIT is a framework of the best practices for IT management (IT governance) .It is a set of the best practices and procedures
that help the organization to achieve strategic objectives through an effective use of available resources and minimization of the
IT risks. COBIT interconnects Enterprise governance and IT governance. This connection is realized by linking business and IT
goals, defining metrics and maturity models to measure achievement of objectives and defining the responsibilities of owners of
business and IT processes.

The first COBIT version was released by ISACA organization in 1996.The first edition consisted of the framework, the second
one was extended to include audit guidelines, an implementation toolset and control objectives. The third edition added
management guidelines. The third edition of COBIT has been released by the ITG Institute (IT Governance Institute). Current
edition is the fifth (COBIT 5), and the fifth version is available from April 2012. COBIT 5 consolidates and integrates the COBIT 4.1,
Val IT 2.0 and Risk IT frameworks and also draws significantly from the Business Model for Information Security (BMIS) and ITAF.

COBIT defines IT processes, divided into four domains:

Plan and Organize (PO)


PO1 Define a strategic IT plan
PO2 Define the information architecture
PO3 Determine technological direction
PO4 Define the IT processes, organization and relationships
PO5 Manage the IT investment
PO6 Communicate management aims and direction
PO7 Manage IT human resources
PO8 Manage quality
PO9 Assess and manage IT risks
PO10 Manage projects
Acquire and Implement (AI)
AI1 Identify automated solution.
AI2 Acquire and maintain application software
AI3 Acquire and maintain technology infrastructure
AI4 Enable operation and use
AI5 Procure IT resources
AI6 Manage changes
AI7 Install and accredit solutions and changes
Deliver and Support (DS)
DS1 Define and manage service levels
DS2 Manage third-party service
DS3 Manage performance and capacity
DS4 Ensure continuous service
DS5 Ensure systems security
DS6 Identify and allocate costs
DS7 Educate and train users
DS8 Manage service desk and incidents
DS9 Manage the configuration
DS10 Manage problems
DS11 Manage data
DS12 Manage the physical environment
DS13 Manage operations
Monitor and Evaluate (ME)
ME1 Monitor and evaluate IT performance.
ME2 Monitor and evaluate internal control.
ME3 Ensure compliance with external requirements.
ME4 Provide IT governance

Use of the COBIT in practice: COBIT represents a de-facto standard for management practices and for the control and audit of
ITC in the organization. It is therefore intended primarily for top managers to assess the functioning of ICT and for the auditor to
carry out the audit of ICT management systems. Unlike ITIL, that is more designed for IT manager (CIO).

Related terms and methods:

Governance
IT Governance
ITIL (Information Technology Infrastructure Library)

Related management field:

Informatics

Other information and sources (International)

ISACA
COBIT 4.1 Framework for IT Governance and Control
COBIT 5 A Business Framework for the Governance and Management of Enterprise IT
ITGI Governance Institute

You might also like