Introduction

Getting Started

COBiT Basics

The COBiT Domains and Control Objectives

The COBiT Management Guidelines

IT Governance Metrics

Risk Assessment

CobiT FAQ

	What is the purpose of CobiT?
	Who is using CobiT?
	Who are the Process owners?
	Why was the orientation of CobiT focussed on the process rather than functions or applications?
	How robust are the business requirements?
	What is the overall quality of CobiT, and were there any process owners/ executives that were part of the review?
	What is the future direction of CobiT?
	How did ISACF decide on the list of primary references?
	Can I use CobiT as a statement of criteria for specific audit conclusions?
	Are the control objectives meant to be a minimum level of control or best practice?
	What about the absence of platform specific controls?
	Where are the application controls?
	Why is there overlap within the Control Objectives?
	Are the Control Objectives linked to the Audit Guidelines and to what degree?
	Why are there not any risk statements with the control objectives?
	What training is available for the use of CobiT?
	Who in my organisation should go to the training?
	What is the level of training required?
	Why are there differences between the detailed control objectives and the control considerations?
	In what way can I suggest to IT management that they use CobiT?
	Is the CobiT Framework superior to other accepted control models?
	What is the quickest and best way to sell CobiT to IT managers?
	Will future versions of CobiT give consideration to the perceived need for risk identification?
	Has CobiT and its Framework been accepted by CIO's?
	How are the Management Guidelines integrated into the CobiT Framework?

CobiT Implementation Tool Set

Using CobiT Online - Credits