Institute of Internal Auditors COBIT Presentation October 9, 2001

About This Presentation
Slides: 32
Provided by: james636

Transcript and Presenter's Notes


1
Institute of Internal Auditors COBIT Presentation
October 9, 2001
2
For More Information on COBIT
  • Phone
  • 847-253-1545
  • Email
  • research_at_isaca.org
  • Websites
  • www.Itgovernance.org
  • www.isaca.org

3
Cost
  • ISACA Member 115
  • Non-Member 225

4
Background
  • Control OBjectives for Information and related
    Technology
  • Originally released in 1996 by the Information
    Systems Audit and Control Foundation (ISACF)
  • Current primary publisher is the IT Governance
    Institute - formed by the Information Systems
    Audit and Control Association (ISACA) in 1998
  • COBIT was formed through research of sources such
    as the technical standards from ISO, codes of
    conduct issued by the Council of Europe and
    ISACA, professional standards for internal
    control and auditing issued by COSO, AICPA, GAO,
    etc.
  • The above sources were used to formulate COBIT to
    be both pragmatic and responsive to business
    needs while being independent of the technical IT
    platforms adopted in an organization.

5
The COBIT Mission
  • To research, develop, publicize and promote an
    authoritative, up-to-date, international set of
    generally accepted information technology control
    objectives for day-to-day use by business
    managers and auditors

6
Objectives of COBIT
  • To provide a framework to bridge gaps between
    business risks, control needs and technical
    issues in order to maximize benefits, capitalize
    on opportunities and gain competitive advantage

7
Components
  • Executive Summary
  • Framework
  • Control Objectives
  • Audit Guidelines
  • Management Guidelines

8
Executive Summary
  • Provides a synopsis of COBIT's objectives and
    processes

9
Framework
  • A tool to be used as comprehensive guidance for
    users, auditors, management and business process
    owners

10
Control Objectives
  • Generically defined high-level business needs
    organized by process/activity used to facilitate
    the implementation of a process

11
Audit Guidelines
  • A template used to facilitate the obtaining,
    evaluating, assessing and substantiating of
    information needed to evaluate overall control

12
Management Guidelines
  • Set of action-oriented guidelines developed to
    assist management in answering:
    • Does the benefit outweigh the cost?
    • What are the indicators of good performance?
    • What are the critical success factors?
    • What are the risks of not achieving our
      objectives?
    • What do others do?
    • How do we measure and compare?

13
COBIT Family of Products
14
Framework (see handout)
  • 4 Domains
    • Planning & Organization
    • Acquisition & Implementation
    • Delivery & Support
    • Monitoring
  • 34 Control Objectives
  • 318 Detailed Control Objectives

16
Audit Guidelines
  • Obtain Understanding
    • Interviewing
    • Obtaining
  • Evaluate Controls
    • Considering
  • Assess Compliance
    • Testing
  • Substantiate Risk
    • Performing
    • Identifying

17
Management Guidelines
  • Critical Success Factors
  • Key Goal Indicators
  • Key Performance Indicators
  • Maturity Model

18
Example
  • Manage Changes

19
Domain
  • Acquisition & Implementation

20
Control Objective
  • AI6

21
Detailed Control Objectives
  • Change Request Initiation and Control
  • Impact Assessment
  • Control of Changes
  • Emergency Changes
  • Documentation and Procedures
  • Authorized Maintenance
  • Software Release Policy
  • Distribution of Software

22
Audit Guidelines
  • Obtain Understanding
    • Interviewing
    • Obtaining
  • Evaluate Controls
    • Considering
  • Assess Compliance
    • Testing
  • Substantiate Risk
    • Performing
    • Identifying

23
Management Guidelines
  • Non-existent
  • Initial/Ad Hoc
  • Repeatable but Intuitive
  • Defined Process
  • Managed and Measurable
  • Optimized

24
Findings
  • Issues
  • Benchmarking

25
Adopting COBIT Tool Set
26
Adopting COBIT Tool Set
27
Adopting COBIT Tool Set
28
Adopting COBIT Tool Set
29
Adopting COBIT Tool Set
30
Adopting COBIT Tool Set
31
COBIT Case Studies
  • Cedel Group
  • Office of the State Auditor of Massachusetts
  • PWC
  • Fidelity Investments
  • Department of Defense
  • Boston Gas Company
  • Santa Barbara Bank and Trust
  • Society for Worldwide Interbank Financial
    Telecommunication