Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
COBIT is a tool that allows managers to communicate and bridge the gap with respect to control requirements, technical issues, and business risks" (Lainhart IV, 2000). The main objective of COBIT is to enable managers to develop clear policies and good practices for IT control using a defined framework. The guidelines can be used to develop clear policies that are specific to the organization and enable the organization to maintain compliance and governance in their individual industry.
The Planning and Organization (Plan) stage (Kyleen, 2003) enables the organization to define and determine policies for specific needs of the organization, such as financial information. For example, a majority of auditors have adopted COBIT guidelines and best practices for Sarbanes-Oxley compliance (Lahti, 2005). COBIT guidelines and best practices are used to ensure the organization is in compliance with laws, such as SOX, and is used to design and maintain governance that permeates the entire...
The Acquisition and Implementation (Do) stage puts the guidelines and best practices in action. This is the stage that aligns the organization with law and governance. With clearly defined policies, employees learn best practices to ensure the financial information adheres to law as well as being protected.
The Monitoring (Check) stage is used as a measure of maturity as well as a continual measure of how the organization and guidelines are performing. As laws change, the process is taken back to the Plan stage to ensure that new law is also adhered to. Any publicly traded company can use the COBIT framework to ensure compliance as well as IT control. Other businesses can also use the framework to control IT and protect their businesses.
Securing Assets with COBIT
"COBIT is control objectives for information and related technology published by the IT Governance Institute" (Kyleen, 2003). The objectives contain four domains…
Bibliography
COBIT-Control Objectives for Information and related Technology. (n.d.). Retrieved from The Data Manager's Public Library: http://www.sox-online.com/cobit.html
Kyleen, W.H. (2003). Using COBIT to secure information assets. Journal of Government Financial Management, 52(2), 22-22.
Lahti, C.P. (2005, Dec). Introduction to COBIT for SOX compliance. Retrieved from Search Security: http://searchsecurity.techtarget.com/feature/Introduction-to-COBIT-for-SOX-compliance
Lainhart IV, J.W. (2000). COBIT: A Methodology for Managing and Controlling Information and Information Technology Risks and Vulnerabilities. Journal of Information Systems, 14(1), 21-25.
ERP and Information Security Introduction to ERP Even though the plans of information security include the prevention of outsiders to gain access of internal network still the risk from the outsiders still exists. The outsiders can also represent themselves as authorized users in order to cause damage to the transactions of the business systems. Therefore, strict prevention measures should be taken to avoid such situations. The threats of both the hackers have been
Security A broad definition of information security is given in ISO/IEC 17799 (2000) standard as: "The preservation of confidentiality (ensuring that information is accessible only to those authorized to have access), integrity (safeguarding the accuracy and completeness of information and processing methods), and availability (ensuring that authorized users have access to information and associated assets when required" (ISO/IEC 17799, 2000, p. viii). Prior to the computer and internet security emerged as we
This software is used to perform common tasks like storage, data back up and data transfers. Small and medium businesses have embraced this technology because it involves no start up costs (like servers, hard disks, technicians etc.) therefore making it cost effective. Basically payment is based on the storage space taken by the user, again, this makes it user friendly. It may also be referred to as hosted storage. The flying