RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2011/05/05 21:59:48

CobIT

This abbreviation is decrypted as "Control Objectives for Information Related Technology" (The control purposes for technology of information processing). It is the international standard setting security requirements and to control of confidential data. It includes a set of the best methods of protection and control of confidential information, the corresponding metrics quantitatively to estimate efficiency of the measures ensuring its safety, and tests for check. This document contains the general report, the principles of management, the basic scheme, the control purposes, instruments of implementation and the rule of control check.

According to Analysys Mason, requirements of CobIT observe about 8% of suppliers of cloud services.

International association of control and audit of IT-systems (Information Systems Audit and Control Association – ISACA) published in May, 2011 the preliminary draft of the new version of the international standard in the field of decrease in IT risks of COBIT 4.1, Computerworld reports.

Having polled nearly 1400 IT managers, ISACA established that 89% from them consider necessary existence of the reliable and standardized system of assessment of IT processes. "Many organizations already use COBIT for efficiency evaluation of the IT-systems and their improvement. However until recently we had no consecutive and reliable system of such assessment", - the team member of COBIT developers Roger Southgate says. According to it published today the project gives to business and IT heads reliable model of quality evaluation of work and results of IT-systems.

CobIT 5

The international non-profit association of audit and control of the information systems ISACA published the 5th version of the COBIT standard in which optimal methods of management and the strategic management of IT are collected in May, 2012. Documents are available to free downloading.

According to the statement of ISACA "naturally supports the COBIT 5 standard continuously St of business on a joint of corporate IT departments and main business divisions". In COBIT 5 "the principles accepted around the world, methods, analytical means and models created for the help to business and heads of IT services in achievement of the maximum return from IT resources" are collected.

Derek Oliver, the cochairman of the working group COBIT 5, emphasized: "Information is a currency of the 21st century, and COBIT helps the enterprises to manage and dispose effectively of this crucial resource".

Along with improvements in the field of risk management, use of COBIT 5 will allow the companies to gain with the maximum simplicity maximum benefit from investments into IT. According to Oliver, the need for updating was extremely big.

"The interest shown to COBIT 5 at a development stage was very big. The enterprises need instructions for management of the growing information volumes and extraction from this information of the maximum value worldwide, and the technologies which are offered for this purpose become more difficult" — Oliver noted.

The COBIT 5 standard was developed taking into account that it could be applied to the company of specific industry with a specific corporate business model, a technology environment, location and corporate culture. The openness of the specification means that it can be applied to data protection, risk management, management and the order by corporate IT resources, supports of warranty obligations, ensuring compliance to regulatory and legal requirements and preparation of financial statements.

Integration into other standards, including TOGAF, PMBOK, Prince2, COSO, ITIL, PCI DSS, the Sarbanes-Oxley law and Basel III is provided in the new version of COBIT. Also survey results, the carried-out ISACA in parallel with work on the standard are published. According to poll, 75% of representatives of the companies consider investments into IT "very important" for core business and 44% reported that they are going to increase selectively investments into IT within next year.

Besides, poll revealed the growing need for comprehensive frameworks of this kind. More than 40% of the polled IT heads said that they had to invest the large amounts of solutions with low or unknown level of return on investment, and nearly a half of respondents were recognized that they often face an overexpenditure of means in projects.

Success of COBIT 5 can define how use of rather new approaches to corporate IT calculations is reflected in it, for example to cloud computing.

Recently ISACA published six main reasons which, according to it, need to be taken into account when developing corporate cloud strategies. The growing use of cloud computing can give "significant gain", but most the organizations do not consider danger of rearrangement of solutions in the field of IT from specialists in the field of technologies on heads of business divisions.