Also available in: Chinese Simplified | Chinese Traditional | German |
Indonesian | Japanese | Korean | Malay | Portuguese | Spanish
Rolling Meadows, IL, USA (16 December 2005)—The IT Governance Institute released today a significant update of Control Objectives for Information and related Technology (COBIT), an internationally accepted IT governance framework used by major companies worldwide. COBIT provides an authoritative, international set of generally accepted practices that help boards of directors, executives and managers increase the value of IT and reduce related risks.
“Executives realize the significant impact information has on the success of their enterprises and the increasing governance responsibility they possess to ensure that success,” said Erik Guldentops, CISA, CISM, a management consultant in Brussels, Belgium, and a member of the COBIT development team since inception. “The new edition of COBIT provides good practices and links upward to support the IT governance requirements of executives and boards, while also linking downward to address the more detailed requirements of those responsible for solution and service delivery. This provides further support to optimize IT investments, ensure value delivery and mitigate IT risk in a transparent manner.”
Although COBIT is also widely used as a tool for Sarbanes-Oxley (SOX) compliance, its earlier editions pre-date much of the current control legislation, including SOX. It is a product of more than 10 years of research and cooperation among global IT and business experts, and is available as an open standard at COBIT Online.
The new edition—COBIT 4.0—provides a stronger business focus to address the evolving responsibilities of boards and employees. COBIT 4.0 marks the first major update of the COBIT core content since the release of COBIT 3rd Edition in 2000. The first edition was published in 1994. Case studies of COBIT implementations at major international enterprises are available at Case Studies.
“COBIT 4.0 does not look like an academic tome; there is useful material on every page,” said Christopher Fox, ACA. “It has the potential to be a document that will be dog-eared and well used.”
COBIT 4.0 includes guidance for boards of directors and all levels of management. It consists of four sections:
- The executive overview
- The framework
- The core content (control objectives, management guidelines and maturity models)
- Appendices (mappings, cross-references and a glossary)
The core content is divided according to the 34 IT process and gives a complete picture of how to control, manage and measure each process.
In addition, COBIT 4.0:
- Analyzes how the detailed control objectives can be mapped to the five IT governance domains to identify potential gaps
- Harmonizes and maps COBIT to other standards (ITIL, CMM, COSO, PMBOK, ISF and ISO 17799)
- Clarifies key goal indicator (KGI) and key performance indicator (KPI) relationships, identifying how KPIs drive the achievement of KGIs
- Links business goals, IT goals and IT processes (detailed research in eight industries results in a clearer insight into how COBIT processes support the achievement of specific IT goals and, by extension, business goals)
COBIT 4.0 replaces the third edition components Executive Summary, Framework, Control Objectives and Management Guidelines. Work is underway to address Audit Guidelines. The introduction of COBIT 4.0 does not invalidate work done with COBIT 3rd Edition, but provides the opportunity to build on that work and further improve IT governance and control arrangements, where appropriate.
Much of COBIT is available for complimentary download at www.isaca.org/cobit. Print copies can be purchased at the ISACA Bookstore (www.isaca.org/bookstore) for
US $190. A complimentary webcast offering an in-depth look at COBIT 4.0 is available.
COBIT® (Control Objectives for Information and related Technology®),issued by ITGI, is internationally accepted as good practice for control over information, IT and related risks. COBIT is used to implement governance over IT and improve IT controls. It contains control objectives, audit guidelines, performance and outcome metrics, critical success factors and maturity models.
The IT Governance Institute® (ITGI) (www.itgi.org) was established in 1998 to advance international thinking and standards in directing and controlling an enterprise’s information technology. Effective IT governance helps ensure that IT supports business goals, optimizes business investment in IT, and appropriately manages IT-related risks and opportunities. The IT Governance Institute developed Control Objectives for Information and related Technology (COBIT) and offers original research and case studies to assist enterprise leaders and boards of directors in their IT governance responsibilities.
Kristen Bertholomey, +1.847.590.7455, firstname.lastname@example.org
Deborah Vohasek, +1.847.590.7466, email@example.com
IT Governance Institute
3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008