Press Release

 

 New ISACA Guide Shows How Updated COSO Framework Relates With COBIT 5 

Rolling Meadows, IL, USA (26 March 2014)—A new guide released today by ISACA shows how the latest versions of the COSO Internal Control—Integrated Framework and COBIT relate and helps professionals who use both frameworks to create business value for enterprises in all industries and geographies.

“Relating the COSO Internal Control—Integrated Framework and COBIT” looks at the updated COSO framework, which now includes a stronger emphasis on information technology, and examines the related COBIT 5 components. The paper outlines COBIT 5’s relationship to specific COSO principles and matches the relevant COBIT 5 framework content with the associated COSO framework concept.

COSO’s internal control framework helps management, boards of directors and others with their duties regarding internal control. COBIT is used by enterprises worldwide to effectively govern and manage their information and technology. Recently, COBIT was included as an informative reference in the new US Cybersecurity Framework developed by NIST.

“With the updates in the last couple of years of both COBIT and the COSO framework, many enterprises have been asking if the two are still complementary,” said Steven Babb, CGEIT, CRISC, ITIL, chair of the ISACA Framework Committee. “This paper answers that question with a resounding yes, and shows exactly how the two relate. By using both together, organizations can be confident that they are following proven guidance on assessing and improving their internal control practices within an effective governance structure.”

“Relating the COSO Internal Control—Integrated Framework and COBIT” is available free of charge at www.isaca.org/coso-and-cobit. Additional information about the COSO framework is at www.coso.org/ic.htm. The COBIT 5 framework is a free download at www.isaca.org/cobit.

 

About ISACA

With more than 110,000 constituents in 180 countries, ISACA (www.isaca.org) helps business and IT leaders maximize value and manage risk related to information and technology. Founded in 1969, the nonprofit, independent ISACA is an advocate for professionals involved in information security, assurance, risk management and governance. These professionals rely on ISACA as the trusted source for information and technology knowledge, community, standards and certification. The association, which has 200 chapters worldwide, advances and validates business-critical skills and knowledge through the globally respected Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC) credentials. ISACA also developed and continually updates COBIT, a business framework that helps enterprises in all industries and geographies govern and manage their information and technology.

Participate in the ISACA Knowledge Center: www.isaca.org/knowledge-center

Follow ISACA on Twitter:  https://twitter.com/ISACANews

Join ISACA on LinkedIn: ISACA (Official), http://linkd.in/ISACAOfficial

Like ISACA on Facebook: www.facebook.com/ISACAHQ

 

Contact:

Kristen Kessinger, +1.847.660.5512, news@isaca.org  

Joanne Duffer, +1.847.660.5564, news@isaca.org

Rachel Acevedo, +1.847.660.5617, news@isaca.org