Business analysts should become familiar with this framework if they are not already, as this framework embodies the same key principle of business analysis, which is delivering value the business.ĬOBIT has evolved significantly since it was first introduced in 1996 as an audit framework, designed mostly for internal IS auditors. The principles, practices, analytical tools and models found in COBIT 5 embody thought leadership and guidance from global business and IT leaders and governance experts. COBIT 5 provides an end-to-end business view of the governance of enterprise IT (GEIT), reflecting the central role of both information and technology in creating value for the business. It is expected to be the most significant evolution in the framework’s 16-year history. COBIT 5 is the latest edition of ISACA’s globally accepted IT governance framework. IT governance therefore enables an enterprise to take full advantage of its information, thereby maximizing benefits, capitalizing on opportunities, and gaining a competitive advantage.ISACA has officially announced that COBIT 5 will be generally available on April 12, 2012.
Furthermore, IT governance integrates and institutionalizes good practices to ensure that an enterprise’s IT organization supports business objectives. IT governance is the responsibility of executives and the board of directors, and consists of the leadership, organizational structures and processes that ensure that the enterprise’s IT sustains and extend the organization’s strategies and objectives. In addition to supporting the COSO framework, and hence Sarbanes-Oxley requirements, the COBIT framework addresses IT governance more broadly. COBIT provides controls that address operational and compliance objectives related directly to financial reporting. Additional details regarding IT control considerations can be found in COBIT, a control framework published by the IT Governance Institute. The Committee of the Sponsoring Organizations (COSO) provides a high-level view of the components of an IT control framework necessary for meeting SOX compliance however, it does not provide details on how to execute the framework.
0 kommentar(er)
