L e a r n I n g o b j e c t I v e s


Enabling a holistic approach



Download 1.2 Mb.
View original pdf
Page11/46
Date20.09.2021
Size1.2 Mb.
#57360
1   ...   7   8   9   10   11   12   13   14   ...   46
Accounting Information Systems 13th Chapter 7
4. Enabling a holistic approach. COBIT 5 provides a holistic approach that results ineffective governance and management of all IT functions in the company.
5. Separating governance from management. COBIT 5 distinguishes between governance and management.
Control Objectives for Information and Related Technology
(COBIT)
- A security and control framework that allows (1) management to benchmark the security and control practices of IT environments, (2) users of IT services to be assured that adequate security and control exist, and (3) auditors to substantiate their internal control opinions and advise on IT security and control matters.

CHAPTER 7
CONTROL AND ACCOUNTING INFORMATION SYSTEMS
As shown in Figure 7-1, the objective of governance is to create value by optimizing the use of organizational resources to produce desired benefits in a manner that effectively addresses risk. Governance is the responsibility of the board of directors who (1) evaluate stakeholder needs to identify objectives, (2) provide management with direction by prioritizing objectives, and (3) monitor management’s performance.
Management is responsible for planning, building, running, and monitoring the activities and processes used by the organization to pursue the objectives established by the board of directors. Management also periodically provides the board of directors with feedback that can be used to monitor achievement of the organization’s objectives and, if necessary, tore- evaluate and perhaps modify those objectives.
The governance and management of IT are ongoing processes. The board of directors and management monitor the organization’s activities and use that feedback to modify existing plans and procedures or develop new strategies to respond to changes in business objectives and new developments in IT.
COBIT 5 is a comprehensive framework that helps enterprises achieve their IT governance and management objectives. This comprehensiveness is one of the strengths of
COBIT 5 and underlies its growing international acceptance as a framework for managing and controlling information systems.
Figure 7-2 is the COBIT 5 process reference model. The model identifies the five governance processes (referred to as evaluate, direct and monitor—or EDM) and 32 management processes. The 32 management processes are broken down into the following four domains:

Download 1.2 Mb.

Share with your friends:
1   ...   7   8   9   10   11   12   13   14   ...   46




The database is protected by copyright ©ininet.org 2024
send message

    Main page