|
SOX / CobIT |
|
SOX / COBIT
For organizations that must link IT and Technology integrity with Sarbanes-Oxley compliance, we offer a series of assessments and control programs based on CobIT.
Control Objectives for Information and related Technology is an open standard of IT Governance Institute. It is published by ISACA – The Information Systems Audit and Control Association & Foundation. It is designed to help audit of IT operations.
Use is based on business objectives in the COBIT Framework. Organizations select IT processes and controls as appropriate from the COBIT Control Objectives and as usually reflected in an organizational business plan. The goal of the audits is to assess procedures and results with COBIT Audit Guidelines, to assess status of the organization, identify critical success factors, and to measure performance with the COBIT Management Guidelines. It is also used to help develop a sound set of processes.
The standard holds 34 Information Technology control objectives: • 11 planning and organization • 6 acquisition and implementation • 13 delivery and support • 4 monitoring
Each IT process is supported by: • 8-10 Critical Success Factors • 5-7 Key Goal Indicators • 6-8 Key Performance Indicators
Critical Success Factors are used as management’s key issues to control and core actions to take. They are focused on implementing and controlling the right processes. Key Goal Indicators are used to determine whether an IT process has achieved its goals and they focus on monitoring the achievement of the goals. Key Performance Indicators are sued to measures of how well an IT process is performing and focuses on monitoring performance to predict goal achievement. |
