COBIT Mapping: Mapping FFIEC With COBIT 4.1 

 


This is a mapping of the Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Examination Handbook with COBIT 4.1. US financial institutions, examiners/auditors, and external assurance and advisory professionals that have regulatory requirements or interests under the FRB, FDIC, NCUA, OCC and OTS are the primary target audience of FFIEC.

The content of the FFIEC IT Examination Handbook Booklets is divided into sections and sub-sections. However, there is no numerical categorization to logically identify each of the sections and sub-sections in the booklets. Therefore, as part of this mapping exercise, a numerical index of the FFIEC sections (including subsections) was developed for each of the booklets.

The FFIEC IT Examination Handbook—Information Security Booklet provides guidance for storage of data on media, which is to be secured physically with environmental controls. This section was mapped to the following COBIT control objectives:

  • DS11.6 Security requirements for data management
  • DS12.1 Site selection and layout
  • DS12.3 Physical access
  • DS12.4 Protection against environmental factors