The World According to COBIT.

Posted by Don Casson
on June 7, 2005
Category: CobiT

So what are companies supposed to do, you ask? Faced with increase scrutiny on budgetary spending and pressure from regulators, companies are stuck between a rock and a hard place. Already burned by attempting to fix fundamental business issues with technology, companies understand that implementing new technology in a like for like fashion on a foundation of flawed business processes will lead to only to project failure.

So if there is not a magic box, how can companies obtain the proper controls required to alleviate SOX issues, higher audit costs, and most importantly keep Wall Street at bay? This can be achieved by first improving the way business is conducted before implementing any enterprise technology. One way of completing this is by adopting a best of bread process model. This is nothing that should be done in blind faith; each component of a model should be rationalized to the organization. While there may be commonality in the approach used to apply a model to an organization, this is clearly not a one size fits all kind of undertaking. Taking a top-down approach where governances are addressed initially, allows processes to fit within the logical boundaries of governance. This is where the COBIT framework fits into an organization. While COBIT has been established as a framework for sometime, the demand for this framework has increased due to the pressure the SEC has placed on the Private Sector. What is the buzz all about?

In the next weeks, I would like to dust off my virtual book shelf and get into the COBIT Framework. (COBIT is broken down in the following hierarchical structure: 4 Domains, 34 Process, and 318 Control Objectives.) I will be publishing an abstract for each of the processes that make up COBIT. My intent is to initiate a productive dialogue where participants can share thoughts and obtain a better understanding of COBIT. I want to discuss where theory fall short of reality and where Mr. COBIT needs to pay a visit to Real World University. That being said, I welcome thoughts, ideas, and feedback. Let the games begin.

*Source: http://www.isaca.org

—–

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

© 2005 - 2008 Evergreen Systems, Inc, a provider of ITIL consulting and other IT process improvement services for Fortune 500 clientele. All rights reserved.