*** Welcome to piglix ***

COBIT


COBIT (Control Objectives for Information and Related Technologies) is a good-practice framework created by international professional association ISACA for information technology (IT) management and IT governance. COBIT provides an implementable "set of controls over information technology and organizes them around a logical framework of IT-related processes and enablers."

ISACA first released COBIT in 1996, originally as a set of control objectives to help the financial audit community better maneuver in IT-related environments. Seeing value in expanding the framework beyond just the auditing realm, ISACA released a broader version 2 in 1998 and expanded it even further by adding management guidelines in 2000's version 3. The development of both the AS 8015: Australian Standard for Corporate Governance of Information and Communication Technology in January 2005 and the more international draft standard ISO/IEC DIS 29382 (which soon after became ISO/IEC 38500) in January 2007 increased awareness of the need for more information and communication technology (ICT) governance components. ISACA inevitably added related components/frameworks with versions 4 and 4.1 in 2005 and 2007 respectively, "addressing the IT-related business processes and responsibilities in value creation (Val IT) and risk management (Risk IT)."

In April 2012, COBIT 5 was released. Several drivers were responsible for the transition from 4.1 to 5:

An add-on for COBIT 5 related to information security was released on December 2012, and one related to assurance was released in June 2013.

COBIT was initially "Control Objectives for Information and Related Technologies," though before the release of the framework people talked of "CobiT" as "Control Objectives for IT" or "Control Objectives for Information and Related Technology." The framework defines a set of generic processes for the management of IT, with each process defined together with process inputs and outputs, key process-activities, process objectives, performance measures and an elementary maturity model. COBIT also provides a set of recommended best practices for governance and control process of information systems and technology with the essence of aligning IT with business. COBIT 5 consolidates COBIT 4.1, Val IT and Risk IT into a single framework acting as an enterprise framework aligned and interoperable with other frameworks and standards.


...
Wikipedia

...