Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

DS9.2 - Identification and Maintenance of Configuration Items

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective DS9.2 - Identification and Maintenance of Configuration Items is contained within Process Popup Manage the Configuration.

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
8 Members
1 Online
4819 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


Identification and Maintenance of Configuration Items

Establish configuration procedures to support management and logging of all changes to the configuration repository. Integrate these procedures with change management, incident management and problem management procedures.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Effective change and incident management
  • Compliance with accounting requirements
  Risk Drivers
  • Failure to identify business-critical components
  • Uncontrolled change management, causing business disruptions
  • Inability to assess the impact of a change because of inaccurate information
  • Inability to accurately account for assets

View Control Practices  help

Hide Control Practices  help

  1. Define and implement a policy requiring all configuration items and their attributes and versions to be identified and maintained.
  2. Tag physical assets according to a defined policy. Consider using an automated mechanism, such as barcodes.
  3. Define a policy that integrates incident, change and problem management procedures with the maintenance of the configuration repository.
  4. Define a process to record new, modified and deleted configuration items and their relative attributes and versions. Identify and maintain the relationships between configuration items in the configuration repository.
  5. Establish a process to maintain an audit trail for all changes to configuration items.
  6. Define a process to identify critical configuration items in relationship to business functions (component failure impact analysis).
  7. Record all assets—including new hardware and software, procured or internally developed—within the configuration management data repository.
  8. Define and implement a process to ensure that valid licences are in place to prevent the inclusion of unauthorised software.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 23 total

Must be a Topic member to contribute
View All »
Books
Posted by ISACA 498 days ago
Books
Posted by ISACA 827 days ago
ICQs and Audit Programs
Posted by ISACA 1277 days ago
ICQs and Audit Programs
Posted by ISACA 1409 days ago
Books
Posted by ISACA 1537 days ago

Events & Online Learning: 0 total

No Results Found

Journal Articles: 34 total

Volume 5, 2017
by Filip Caron, Ph.D.
Blockchain technology, commonly expected to drive the next wave of digital infrastructure and process innovation, is rapidly developing into maturity.
Volume 4, 2017
by Rassoul Ghaznavi-Zadeh, CISM, COBIT Foundation, SABSA, TOGAF
Traditionally, security architecture consists of some preventive, detective and corrective controls that are implemented to protect the enterprise infrastructure and applications.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.
Volume 3, 2017
by Vasant Raval, DBA, CISA, ACMA, and Rajesh Sharma, Ph.D., ITIL-F, Six Sigma Black Belt
Success does not teach much, if anything; it is the failure that provides lessons to do better in the future.
Volume 1, 2017
by Graciela Braga, CGEIT, COBIT Foundation, CPA
When discussing the impact of IT on cities, some questions arise: How have cities been transformed by IT? Can this transformation be measured? What are the benefits and risk factors of the transformation?
Volume 6, 2016
by Sunil Bakshi, CISA, CGEIT, CISM, CRISC, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
During the past 30 years, enterprises have been embracing new methods to transform their operations to use IT and related technology to provide a higher level of customer service.

Wikis: 2 total

Blog Posts: 16 total

Information Security and Privacy is hot issue at present time. Number of security breaches is rapidly increasing.  In case of late detection, costs of breaches are skyrocketing. In the same time Artificial Intelligence (AI), Machine Learning (ML) are fast...
Posted By : Dragan Pleskonjic | 0 comments
My previous blog under name "Dragan on Security" was at location: http://conwex.info/blog/. It was active from August 28, 2005 to October 3, 2012. By beginning of 2017 it is moved to new location http://www.dragan-pleskonjic.com/blog/. With possibility to...
Posted By : Dragan Pleskonjic | 0 comments
28 Sep 2017
Recently, I witnessed an interesting webcast by Scopism, an UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website www.scopism.com. Service Integration...
Posted By : Peter873 | 0 comments
The real success story is adoption of technology, and adoption is possible if the team which is implementing the Tech solution have vision and purpose of that solution to be adoptable by larger users / stake holders. We always do not get green field proje...
Posted By : Gopal207 | 0 comments
Few days ago the person behind the Hacking Team hack revealed how he did it in pastebin - (the original in Spanish) https://pastebin.com/raw/GPSHF04A I was very keen to understand how good you need to be to hack back one of the most (in)famous hacki...
Posted By : TiagoRosado | 0 comments
“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: http://feapo.org/press-release-ea-perspectives-white-paper/ Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments