Jason Singer CYBR 615 7.2
-
Upload
jason-singer -
Category
Documents
-
view
221 -
download
0
Transcript of Jason Singer CYBR 615 7.2
-
7/27/2019 Jason Singer CYBR 615 7.2
1/14
COBIT and IT GovernanceJASON SINGE
CYBR 61
7/21/1
-
7/27/2019 Jason Singer CYBR 615 7.2
2/14
Why are we here today?
Centralized control over IT and aligning it with
the business goals of Newton and Newton.
IT Governance
Control Objectives for Information and relatedTechnology (COBIT) is a framework for informationtechnology that allows managers to have oversight oveIT and build value rather than cost.
-
7/27/2019 Jason Singer CYBR 615 7.2
3/14
COBIT
Executives should will be ableUse metrics to gaugeeffectiveness of IT
Direct IT for optimaladvantage
Discover and mitigate IT Risk
-
7/27/2019 Jason Singer CYBR 615 7.2
4/14
How Does COBIT Support theGovernance of IT?
Bottom-line: COBIT will increase the value of IT
COBIT supports the Governance of IT by providing a framewthat:
IT is aligned withthe business
IT enables thebusiness and
maximizes benefits
IT resources areused responsibly
IT risks amanage
appropria
-
7/27/2019 Jason Singer CYBR 615 7.2
5/14
COBIT
Delivery of actualservices
Training
Security
Metrics
Oversight over controlprocesses
External audit
Identify IT solutions
Developed oracquired
Implemented in to
business processesMaintenance ofexisting systems
Strategy andtactics
Determine how ITcan contribute tobusiness goals
Plan andOrganization
Acquire andImplement
Deliver andSupport
Monitor andEvaluate
-
7/27/2019 Jason Singer CYBR 615 7.2
6/14
Plan and Organize
To realize the IT strategy, IT solutions need tobe identified, developed or acquired, aswell as implemented and integrated intothe business process.
In addition, changes in and maintenanceof existing systems are covered by thisdomain to make sure that the life cycle iscontinued for these systems.
-
7/27/2019 Jason Singer CYBR 615 7.2
7/14
Acquire and Implement
To realize the IT strategy, IT solutions need tobe identified, developed or acquired, aswell as implemented and integrated intothe business process.
In addition, changes in and maintenanceof existing systems are covered by thisdomain to make sure that the life cycle iscontinued for these systems.
-
7/27/2019 Jason Singer CYBR 615 7.2
8/14
Deliver and Support
This domain is concerned with the actual delivery ofrequired services, which range from traditional operationsover security and continuity aspects to training.
In order to deliver services, the necessary supportprocesses must be set up.
This domain includes the actual processing of data byapplication systems, often classified under applicationcontrols.
-
7/27/2019 Jason Singer CYBR 615 7.2
9/14
Monitor and Evaluate
All IT processes need to be regularly assessed overtime for their quality and compliance with controlrequirements.
This domain thus addresses managements oversighof the organization's control process andindependent assurance provided by internal andexternal audit or obtained from alternative sources.
-
7/27/2019 Jason Singer CYBR 615 7.2
10/14
Who else is using COBIT for ITGovernance?
-
7/27/2019 Jason Singer CYBR 615 7.2
11/14
Benefits of COBIT
Common language between Executives, business staff and IT Staff
Leaders will better understand what IT is capable of
Leaders will be able to integrate IT in to business objectives
Ultimately get more from IT
IT will cost less as it will become more efficient and optimized
Reduce operation risk by having the right controls in place
-
7/27/2019 Jason Singer CYBR 615 7.2
12/14
Bottom Line
Implementing COBIT will establish a
link between IT and the business
with oversight from Executives who
will ensure that IT is postured to addvalue to the business.
-
7/27/2019 Jason Singer CYBR 615 7.2
13/14
COBIT and IT Governance
Questions?
-
7/27/2019 Jason Singer CYBR 615 7.2
14/14
References:
COBIT 4.1 brochure (http://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT-Products.pdf)
Cedarville University(http://www.cedarville.edu/Search.aspx?q=gray_audit_presentation)
http://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT-Products.pdfhttp://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT-Products.pdfhttp://www.cedarville.edu/Search.aspx?q=gray_audit_presentationhttp://www.cedarville.edu/Search.aspx?q=gray_audit_presentationhttp://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT-Products.pdfhttp://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT-Products.pdfhttp://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT-Products.pdfhttp://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT-Products.pdfhttp://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT-Products.pdf