SlideShare a Scribd company logo

Accountability Corbit Overview 06262007

H
Humberto Bruno Pontes Silva
Economy & Finance
1 of 27
CobiT 4.1 Information Technology Control Objectives & Control Practices John W. Beveridge Office of the State Auditor Enterprise Security Board Security Awareness Day June 26, 2007
[object Object],[object Object],CobiT
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],CobiT's Scope
Perspective on CobiT’s Control Definition Information Systems Need to Be Controlled ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Control ( as defined by COBIT ) ,[object Object]
To Achieve Business Objectives To Avoid Risks, Threats and Exposures Control (as defined by COBIT) The policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected. Source: COBIT Control Objectives. P. 12.
CobiT promotes a healthy understanding about “reasonable assurance” and “residual risk” Knowing the acceptable levels for reasonable assurance and residual risk is a critical success factor for designing and managing an adequate framework of control
Assurance Level 100% Residual Risk 0% Reasonable Assurance
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
IT Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
IT Management Issues ,[object Object],[object Object],[object Object],[object Object]
IT Value ,[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Need for IT Governance Control Framework
To Manage and Control IT, The Answer Lies In : ,[object Object],[object Object],[object Object],[object Object]
Organizations require a structured approach for managing these and other challenges. This will ensure that there are agreed objectives for IT, good management controls in place and effective monitoring of performance to keep on track and avoid unexpected outcomes. ,[object Object],Keeping IT Running Security Value/Cost Managing Complexity Aligning IT with Business Regulatory Compliance
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],PERFORMANCE MEASUREMENT RESOURCE MANAGEMENT RISK MANAGEMENT VALUE DELIVERY STRATEGIC ALIGNMENT www.itgi.org www.itgi.org
IT Governance Focus Areas ,[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],COBIT helps bridge the gaps between business risks, control needs and technical issues. It provides good practices across a domain and process framework and presents activities in a manageable and logical structure. IT resources need to be managed by a set of naturally grouped processes. C OBI T provides a framework that achieves this objective. ,[object Object]
CobiT is an Authoritative Source ,[object Object],[object Object],[object Object],[object Object]
Organisations will consider and use a variety of IT models, standards and best practices. These must be understood in order to consider how they can be used together, with COBIT acting as the consolidator (‘umbrella’). C OBI T ISO 9000 ISO 17799 ITIL COSO WHAT HOW ,[object Object],SCOPE OF COVERAGE
PERFORMANCE: Business Goals CONFORMANCE Basel II, Sarbanes- Oxley Act, etc. Enterprise Governance IT Governance ISO 9001:2000 ISO 17799 ISO 20000 Best Practice Standards QA Procedures Processes and Procedures Drivers C OBI T COSO Security Principles ITIL Balanced Scorecard ,[object Object]
COBIT Cube The COBIT framework describes how IT processes deliver the information that the business needs to achieve its objectives. For controlling this delivery, COBIT provides three key components, each forming a dimension of the COBIT cube. Business Requirements for Information Criteria IT Resources IT Processes
COBIT: Premise ,[object Object],[object Object],i IT Resources and Processes Information Business Processes Business Objectives provide to for achieving
IT Resource Management ,[object Object]
COBIT Domains : Information Processes (3rd Component) Feedback Feedback Feedback Plan and Organize Acquire and Implement Deliver and Support Monitor and Evaluate
[object Object]
CobiT is Easily Available ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance BOC Group
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Maxime CARPENTIER
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
GRC
GRCGRC
GRCMaryam Hidayatallah CPFA,MIPA,MA,CICA
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and complianceMagdalena Matell
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
Enterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceEnterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceAxis Technology, LLC
 

Recommended

What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance BOC Group
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Maxime CARPENTIER
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
GRC
GRCGRC
GRCMaryam Hidayatallah CPFA,MIPA,MA,CICA
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and complianceMagdalena Matell
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
Enterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceEnterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceAxis Technology, LLC
 
CMLGroup - What is GRC?
CMLGroup - What is GRC?CMLGroup - What is GRC?
CMLGroup - What is GRC?CML Group
 
it grc
it grc it grc
it grc 9535814851
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveMax Neira Schliemann
 
Ten Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCTen Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCBill Graham CP.APMP
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013FixNix Inc.,
 
Simplifying IT GRC
Simplifying IT GRCSimplifying IT GRC
Simplifying IT GRCanand choudhary
 
Thematic compliance
Thematic complianceThematic compliance
Thematic complianceMaryam Hidayatallah CPFA,MIPA,MA,CICA
 
Governance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - AustraliaGovernance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - AustraliaMarissa McCauley
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionRishabh Software
 
Fix nix, inc
Fix nix, incFix nix, inc
Fix nix, incFixNix Inc.,
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
GRC Fundamentals
GRC FundamentalsGRC Fundamentals
GRC Fundamentals3Sixty Insights
 
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...Egyptian Engineers Association
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Frameworkbarnetdh
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Lennart Bredberg
 
Busines Continuity And Compliance
Busines Continuity And ComplianceBusines Continuity And Compliance
Busines Continuity And Compliancesalamali
 
Compliance framework
Compliance frameworkCompliance framework
Compliance frameworkManoj Agarwal
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk ManagementEC-Council
 
Creating Value Through Enterprise Risk Management
Creating Value Through Enterprise Risk Management Creating Value Through Enterprise Risk Management
Creating Value Through Enterprise Risk Management Risk Management Institution of Australasia
 
Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dkStan Adrian
 
Certificados Digitais
Certificados DigitaisCertificados Digitais
Certificados DigitaisHumberto Bruno Pontes Silva
 

More Related Content

What's hot

CMLGroup - What is GRC?
CMLGroup - What is GRC?CMLGroup - What is GRC?
CMLGroup - What is GRC?CML Group
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveMax Neira Schliemann
 
Ten Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCTen Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCBill Graham CP.APMP
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013FixNix Inc.,
 
Governance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - AustraliaGovernance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - AustraliaMarissa McCauley
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionRishabh Software
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...Egyptian Engineers Association
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Frameworkbarnetdh
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Lennart Bredberg
 
Busines Continuity And Compliance
Busines Continuity And ComplianceBusines Continuity And Compliance
Busines Continuity And Compliancesalamali
 
Compliance framework
Compliance frameworkCompliance framework
Compliance frameworkManoj Agarwal
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk ManagementEC-Council
 

What's hot (20)

CMLGroup - What is GRC?
CMLGroup - What is GRC?CMLGroup - What is GRC?
CMLGroup - What is GRC?
 
it grc
it grc it grc
it grc
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance Executive
 
Ten Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCTen Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRC
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013
 
Simplifying IT GRC
Simplifying IT GRCSimplifying IT GRC
Simplifying IT GRC
 
Thematic compliance
Thematic complianceThematic compliance
Thematic compliance
 
Governance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - AustraliaGovernance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - Australia
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management Solution
 
Fix nix, inc
Fix nix, incFix nix, inc
Fix nix, inc
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance framework
 
GRC Fundamentals
GRC FundamentalsGRC Fundamentals
GRC Fundamentals
 
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Framework
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010
 
Busines Continuity And Compliance
Busines Continuity And ComplianceBusines Continuity And Compliance
Busines Continuity And Compliance
 
Compliance framework
Compliance frameworkCompliance framework
Compliance framework
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk Management
 
Creating Value Through Enterprise Risk Management
Creating Value Through Enterprise Risk Management Creating Value Through Enterprise Risk Management
Creating Value Through Enterprise Risk Management
 

Viewers also liked

Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dkStan Adrian
 
Motive Power Technician - Technical Offering Focuses on Hands-on Skills
Motive Power Technician - Technical Offering Focuses on Hands-on SkillsMotive Power Technician - Technical Offering Focuses on Hands-on Skills
Motive Power Technician - Technical Offering Focuses on Hands-on Skillsjasonw93
 
ใบสมัครปริญญาโท
ใบสมัครปริญญาโทใบสมัครปริญญาโท
ใบสมัครปริญญาโทchetbouw
 
Nouveau document texte
Nouveau document texteNouveau document texte
Nouveau document texteSai Ef
 
Premio nacional ampliación de los plazos
Premio nacional ampliación de los plazosPremio nacional ampliación de los plazos
Premio nacional ampliación de los plazosOxígeno Bolivia
 
Primeros Auxilios y Reanimación Cardio Pulmonar
Primeros Auxilios y Reanimación Cardio PulmonarPrimeros Auxilios y Reanimación Cardio Pulmonar
Primeros Auxilios y Reanimación Cardio PulmonarUhma Salud
 

Viewers also liked (15)

Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dk
 
Certificados Digitais
Certificados DigitaisCertificados Digitais
Certificados Digitais
 
Motive Power Technician - Technical Offering Focuses on Hands-on Skills
Motive Power Technician - Technical Offering Focuses on Hands-on SkillsMotive Power Technician - Technical Offering Focuses on Hands-on Skills
Motive Power Technician - Technical Offering Focuses on Hands-on Skills
 
Plazast12012 sinnombres.docx (1)
Plazast12012 sinnombres.docx (1)Plazast12012 sinnombres.docx (1)
Plazast12012 sinnombres.docx (1)
 
ใบสมัครปริญญาโท
ใบสมัครปริญญาโทใบสมัครปริญญาโท
ใบสมัครปริญญาโท
 
Nouveau document texte
Nouveau document texteNouveau document texte
Nouveau document texte
 
Props c
Props cProps c
Props c
 
Premio nacional ampliación de los plazos
Premio nacional ampliación de los plazosPremio nacional ampliación de los plazos
Premio nacional ampliación de los plazos
 
Gamc festa della donna - invito
Gamc festa della donna - invitoGamc festa della donna - invito
Gamc festa della donna - invito
 
Competencias genéricas
Competencias genéricasCompetencias genéricas
Competencias genéricas
 
Acerca de las pilas
Acerca de las pilasAcerca de las pilas
Acerca de las pilas
 
Primeros Auxilios y Reanimación Cardio Pulmonar
Primeros Auxilios y Reanimación Cardio PulmonarPrimeros Auxilios y Reanimación Cardio Pulmonar
Primeros Auxilios y Reanimación Cardio Pulmonar
 
2016 GMekong Forum - S13 - intro to NSHD-M
2016 GMekong Forum - S13 - intro to NSHD-M2016 GMekong Forum - S13 - intro to NSHD-M
2016 GMekong Forum - S13 - intro to NSHD-M
 
Edema agudo de pulmon
Edema agudo de pulmon Edema agudo de pulmon
Edema agudo de pulmon
 
Caramel
CaramelCaramel
Caramel
 

Similar to Accountability Corbit Overview 06262007

COBIT 4.0
COBIT 4.0COBIT 4.0
COBIT 4.0bluekiu
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.pptKhalilIdhman
 
It governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yungIt governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yungnorsaidatul_akmar
 
02. cobit 41 dan iso 17799
02. cobit 41 dan iso 1779902. cobit 41 dan iso 17799
02. cobit 41 dan iso 17799Mulyadi Yusuf
 
MAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCEMAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCERudy Shoushany
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance FrameworkSherri Booher
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseDesmond Devendran
 
rethinking marketing
rethinking marketingrethinking marketing
rethinking marketingNavneet Singh
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGoutama Bachtiar
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Hendri Eka Saputra
 
IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1Richard Willis
 

Similar to Accountability Corbit Overview 06262007 (20)

Cobit 41 framework
Cobit 41 frameworkCobit 41 framework
Cobit 41 framework
 
01 intro-cobit
01 intro-cobit01 intro-cobit
01 intro-cobit
 
COBIT 4.0
COBIT 4.0COBIT 4.0
COBIT 4.0
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.ppt
 
It governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yungIt governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yung
 
It Governance Methodology Cox
It Governance Methodology CoxIt Governance Methodology Cox
It Governance Methodology Cox
 
CISSPills #3.02
CISSPills #3.02CISSPills #3.02
CISSPills #3.02
 
02. cobit 41 dan iso 17799
02. cobit 41 dan iso 1779902. cobit 41 dan iso 17799
02. cobit 41 dan iso 17799
 
MAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCEMAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCE
 
CobiT And ITIL Breakfast Seminar
CobiT And ITIL Breakfast SeminarCobiT And ITIL Breakfast Seminar
CobiT And ITIL Breakfast Seminar
 
Audit rizkie hafizzah
Audit rizkie hafizzahAudit rizkie hafizzah
Audit rizkie hafizzah
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review Course
 
rethinking marketing
rethinking marketingrethinking marketing
rethinking marketing
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 Framework
 
Sharpening the Lens
Sharpening the LensSharpening the Lens
Sharpening the Lens
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)
 
IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORK
 

More from Humberto Bruno Pontes Silva

More from Humberto Bruno Pontes Silva (20)

Confraria samba choro
Confraria samba choroConfraria samba choro
Confraria samba choro
 
Aula08 Sc
Aula08 ScAula08 Sc
Aula08 Sc
 
Ruy C Pq D Cbc 1 2007 10 29
Ruy C Pq D Cbc 1 2007 10 29Ruy C Pq D Cbc 1 2007 10 29
Ruy C Pq D Cbc 1 2007 10 29
 
Palestra Daniel Dias1
Palestra Daniel Dias1Palestra Daniel Dias1
Palestra Daniel Dias1
 
Portuguese Scrum
Portuguese ScrumPortuguese Scrum
Portuguese Scrum
 
RegulaçãO3
RegulaçãO3RegulaçãO3
RegulaçãO3
 
Backdoors
BackdoorsBackdoors
Backdoors
 
Apresentacao Aula04 So
Apresentacao Aula04 SoApresentacao Aula04 So
Apresentacao Aula04 So
 
Apresentacao Aula03 So
Apresentacao Aula03 SoApresentacao Aula03 So
Apresentacao Aula03 So
 
Ch06
Ch06Ch06
Ch06
 
2contecsi B
2contecsi B2contecsi B
2contecsi B
 
Apresentacao Aula02 So
Apresentacao Aula02 SoApresentacao Aula02 So
Apresentacao Aula02 So
 
Spin72
Spin72Spin72
Spin72
 
Spin72
Spin72Spin72
Spin72
 
Licitacoes
LicitacoesLicitacoes
Licitacoes
 
10 P R O C E S S O N O T C U
10 P R O C E S S O N O T C U10 P R O C E S S O N O T C U
10 P R O C E S S O N O T C U
 
Secex Sc Conhecendo O Tcu
Secex Sc Conhecendo O TcuSecex Sc Conhecendo O Tcu
Secex Sc Conhecendo O Tcu
 
Ch10
Ch10Ch10
Ch10
 
Ch03
Ch03Ch03
Ch03
 
Ch04
Ch04Ch04
Ch04
 

Recently uploaded

(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
VIP Call Girls Service Dilsukhnagar Hyderabad Call +91-8250192130
VIP Call Girls Service Dilsukhnagar Hyderabad Call +91-8250192130VIP Call Girls Service Dilsukhnagar Hyderabad Call +91-8250192130
VIP Call Girls Service Dilsukhnagar Hyderabad Call +91-8250192130Suhani Kapoor
 
The Economic History of the U.S. Lecture 18.pdf
The Economic History of the U.S. Lecture 18.pdfThe Economic History of the U.S. Lecture 18.pdf
The Economic History of the U.S. Lecture 18.pdfGale Pooley
 
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...ssifa0344
 
20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdfAdnet Communications
 
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure serviceWhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure servicePooja Nehwal
 
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdfFinTech Belgium
 
Instant Issue Debit Cards - School Designs
Instant Issue Debit Cards - School DesignsInstant Issue Debit Cards - School Designs
Instant Issue Debit Cards - School Designsegoetzinger
 
The Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfThe Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfGale Pooley
 
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...Call Girls in Nagpur High Profile
 
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptxFinTech Belgium
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfGale Pooley
 
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Pooja Nehwal
 
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...ssifa0344
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfGale Pooley
 
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...Pooja Nehwal
 
The Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdfThe Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdfGale Pooley
 
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escortsranjana rawat
 

Recently uploaded (20)

(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
VIP Call Girls Service Dilsukhnagar Hyderabad Call +91-8250192130
VIP Call Girls Service Dilsukhnagar Hyderabad Call +91-8250192130VIP Call Girls Service Dilsukhnagar Hyderabad Call +91-8250192130
VIP Call Girls Service Dilsukhnagar Hyderabad Call +91-8250192130
 
The Economic History of the U.S. Lecture 18.pdf
The Economic History of the U.S. Lecture 18.pdfThe Economic History of the U.S. Lecture 18.pdf
The Economic History of the U.S. Lecture 18.pdf
 
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
 
20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf
 
Veritas Interim Report 1 January–31 March 2024
Veritas Interim Report 1 January–31 March 2024Veritas Interim Report 1 January–31 March 2024
Veritas Interim Report 1 January–31 March 2024
 
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure serviceWhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
WhatsApp 📞 Call : 9892124323 ✅Call Girls In Chembur ( Mumbai ) secure service
 
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
 
Instant Issue Debit Cards - School Designs
Instant Issue Debit Cards - School DesignsInstant Issue Debit Cards - School Designs
Instant Issue Debit Cards - School Designs
 
The Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfThe Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdf
 
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
 
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdf
 
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
 
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdf
 
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
 
The Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdfThe Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdf
 
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
 
Commercial Bank Economic Capsule - April 2024
Commercial Bank Economic Capsule - April 2024Commercial Bank Economic Capsule - April 2024
Commercial Bank Economic Capsule - April 2024
 

Accountability Corbit Overview 06262007

  • 1. CobiT 4.1 Information Technology Control Objectives & Control Practices John W. Beveridge Office of the State Auditor Enterprise Security Board Security Awareness Day June 26, 2007
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. To Achieve Business Objectives To Avoid Risks, Threats and Exposures Control (as defined by COBIT) The policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected. Source: COBIT Control Objectives. P. 12.
  • 7. CobiT promotes a healthy understanding about “reasonable assurance” and “residual risk” Knowing the acceptable levels for reasonable assurance and residual risk is a critical success factor for designing and managing an adequate framework of control
  • 8. Assurance Level 100% Residual Risk 0% Reasonable Assurance
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22. COBIT Cube The COBIT framework describes how IT processes deliver the information that the business needs to achieve its objectives. For controlling this delivery, COBIT provides three key components, each forming a dimension of the COBIT cube. Business Requirements for Information Criteria IT Resources IT Processes
  • 23.
  • 24.
  • 25. COBIT Domains : Information Processes (3rd Component) Feedback Feedback Feedback Plan and Organize Acquire and Implement Deliver and Support Monitor and Evaluate
  • 26.
  • 27.