"COBIT is a tool that allows managers to communicate and bridge the gap with respect to control requirements, technical issues, and business risks" (Lainhart IV, 2000). The main objective of COBIT is to enable managers to develop clear policies and good practices for IT control using a defined framework. The guidelines can be used to develop clear policies that are specific to the organization and enable the organization to maintain compliance and governance in its individual industry.
The Planning and Organization (Plan) stage (Kyleen, 2003) enables the organization to define and determine policies for specific needs of the organization, such as financial information. For example, a majority of auditors have adopted COBIT guidelines and best practices for Sarbanes-Oxley compliance (Lahti, 2005). COBIT guidelines and best practices are used to ensure the organization is in compliance with laws, such as SOX, and are used to design and maintain governance that permeates the entire organization. The Acquisition and Implementation (Do) stage puts the guidelines and best practices into action. This is the stage that aligns the organization with law and governance. With clearly defined policies, employees learn best practices to ensure that financial information adheres to the law and is protected.
The Monitoring (Check) stage is used as a measure of maturity as well as a continual measure of how the organization and guidelines are performing. As laws change, the process is taken back to the Plan stage to ensure that new law is also adhered to. Any publicly traded company can use the COBIT framework to ensure compliance as well as IT control. Other businesses can also use the framework to control IT and protect their businesses.
Securing Assets with COBIT
"COBIT is control objectives for information and related technology published by the IT Governance Institute" (Kyleen, 2003). The objectives contain four domains of control (plan, do, check, and correct) that are designed for consistent measurement of policies and best practices. They enable organizations to define key goal indicators and key performance indicators that are specific to the individual business and industry.
COBIT includes 318 control objectives to support 34 high-level objectives that are all intended to provide management advice for improvement and assurance. The objectives include material that addresses specific needs of management, business, governance, assurance, control, and security (COBIT-Control Objectives for Information and related Technology). The controls are designed to support effectiveness, efficiency, confidentiality, integrity, availability, compliance, and reliability.