Control within an entity comprises the policies, procedures, practices and organisational structures designed to provide reasonable assurance that the use of IT will enable the achievement of business objectives and that undesired events will be prevented, or detected and corrected.
A Control Objective is a statement of the desired result or purpose to be achieved by implementing control procedures for a particular IT activity.
IT Governance is the structure of relationships and processes to direct and control the enterprise in order to achieve the entity's goals by adding value while balancing risk with the return on IT and its processes.
CobiT provides generally accepted practices for managing and controlling Information and Information Technology (IT) resources. CobiT was designed for three audiences - management, users, and auditors (or persons performing evaluations or assessments):
* Management - to balance risk and to control investments in IT.
* Users - to obtain assurance about the IT services received.
* Process Owners - to discharge their responsibility for controlling the information aspects of the processes.
* Auditors - to plan, audit and report on the systems of internal control established over IT processes.
CobiT provides details about the Controls necessary, the Control Objectives and IT Governance, together with an Implementation Tool Set and case studies.
Before getting started, it would be appropriate to become familiar with the above by reading through the CobiT material.