COBIT® stands for ‘Control Objectives for Information and related Technology’ and is increasingly internationally accepted as good practice for control over information, IT and related risks. It is a governance and control framework with guidance for IT controls that focuses on "What needs to be achieved" rather than "How to achieve." Its guidance enables an enterprise to implement effective governance over IT that is pervasive and intrinsic throughout the enterprise.
COBIT is closely linked to COSO, the most common control framework for dealing with regulatory requirements. For this reason, COBIT is widely accepted as the IT control framework that can be used to meet regulatory compliance requirements such as Sarbanes-Oxley, Basel II, etc.
The IT service management community is also looking into COBIT in order to use the detailed COBIT control objectives in setting measurement criteria.