SlideShare ist ein Scribd-Unternehmen logo

Accountability Corbit Overview 06262007

‱
‱
H
Humberto Bruno Pontes Silva
Wirtschaft & Finanzen
1 von 27
CobiT 4.1 Information Technology Control Objectives & Control Practices John W. Beveridge Office of the State Auditor Enterprise Security Board Security Awareness Day June 26, 2007
[object Object],[object Object],CobiT
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],CobiT's Scope
Perspective on CobiT’s Control Definition Information Systems Need to Be Controlled ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Control ( as defined by COBIT ) ,[object Object]
To Achieve Business Objectives To Avoid Risks, Threats and Exposures Control (as defined by COBIT) The policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected. Source: COBIT Control Objectives. P. 12.
CobiT promotes a healthy understanding about “reasonable assurance” and “residual risk” Knowing the acceptable levels for reasonable assurance and residual risk is a critical success factor for designing and managing an adequate framework of control
Assurance Level 100% Residual Risk 0% Reasonable Assurance
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
IT Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
IT Management Issues ,[object Object],[object Object],[object Object],[object Object]
IT Value ,[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Need for IT Governance Control Framework
To Manage and Control IT, The Answer Lies In : ,[object Object],[object Object],[object Object],[object Object]
Organizations require a structured approach for managing these and other challenges. This will ensure that there are agreed objectives for IT, good management controls in place and effective monitoring of performance to keep on track and avoid unexpected outcomes. ,[object Object],Keeping IT Running Security Value/Cost Managing Complexity Aligning IT with Business Regulatory Compliance
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],PERFORMANCE MEASUREMENT RESOURCE MANAGEMENT RISK MANAGEMENT VALUE DELIVERY STRATEGIC ALIGNMENT www.itgi.org www.itgi.org
IT Governance Focus Areas ,[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],COBIT helps bridge the gaps between business risks, control needs and technical issues. It provides good practices across a domain and process framework and presents activities in a manageable and logical structure. IT resources need to be managed by a set of naturally grouped processes. C OBI T provides a framework that achieves this objective. ,[object Object]
CobiT is an Authoritative Source ,[object Object],[object Object],[object Object],[object Object]
Organisations will consider and use a variety of IT models, standards and best practices. These must be understood in order to consider how they can be used together, with COBIT acting as the consolidator (‘umbrella’). C OBI T ISO 9000 ISO 17799 ITIL COSO WHAT HOW ,[object Object],SCOPE OF COVERAGE
PERFORMANCE: Business Goals CONFORMANCE Basel II, Sarbanes- Oxley Act, etc. Enterprise Governance IT Governance ISO 9001:2000 ISO 17799 ISO 20000 Best Practice Standards QA Procedures Processes and Procedures Drivers C OBI T COSO Security Principles ITIL Balanced Scorecard ,[object Object]
COBIT Cube The COBIT framework describes how IT processes deliver the information that the business needs to achieve its objectives. For controlling this delivery, COBIT provides three key components, each forming a dimension of the COBIT cube. Business Requirements for Information Criteria IT Resources IT Processes
COBIT: Premise ,[object Object],[object Object],i IT Resources and Processes Information Business Processes Business Objectives provide to for achieving
IT Resource Management ,[object Object]
COBIT Domains : Information Processes (3rd Component) Feedback Feedback Feedback Plan and Organize Acquire and Implement Deliver and Support Monitor and Evaluate
[object Object]
CobiT is Easily Available ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Empfohlen

What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance
BOC Group
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...
Maxime CARPENTIER
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance Services
Capgemini
 
GRC
GRCGRC
GRC
Maryam Hidayatallah CPFA,MIPA,MA,CICA
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & compliance
HR Globe Consulting
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and compliance
Magdalena Matell
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014
Paul Simidi
 
Enterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceEnterprise Governance, Risk and Compliance
Enterprise Governance, Risk and Compliance
Axis Technology, LLC
 

Empfohlen

What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance
BOC Group
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...
Maxime CARPENTIER
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance Services
Capgemini
 
GRC
GRCGRC
GRC
Maryam Hidayatallah CPFA,MIPA,MA,CICA
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & compliance
HR Globe Consulting
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and compliance
Magdalena Matell
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014
Paul Simidi
 
Enterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceEnterprise Governance, Risk and Compliance
Enterprise Governance, Risk and Compliance
Axis Technology, LLC
 
CMLGroup - What is GRC?
CMLGroup - What is GRC?CMLGroup - What is GRC?
CMLGroup - What is GRC?
CML Group
 
it grc
it grc it grc
it grc
9535814851
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance Executive
Max Neira Schliemann
 
Ten Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCTen Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRC
Bill Graham CP.APMP
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Alex Todd
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013
FixNix Inc.,
 
Simplifying IT GRC
Simplifying IT GRCSimplifying IT GRC
Simplifying IT GRC
anand choudhary
 
Thematic compliance
Thematic complianceThematic compliance
Thematic compliance
Maryam Hidayatallah CPFA,MIPA,MA,CICA
 
Governance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - AustraliaGovernance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - Australia
Marissa McCauley
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management Solution
Rishabh Software
 
Fix nix, inc
Fix nix, incFix nix, inc
Fix nix, inc
FixNix Inc.,
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance framework
Ceyeap
 
GRC Fundamentals
GRC FundamentalsGRC Fundamentals
GRC Fundamentals
3Sixty Insights
 
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
Egyptian Engineers Association
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Framework
barnetdh
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010
Lennart Bredberg
 
Busines Continuity And Compliance
Busines Continuity And ComplianceBusines Continuity And Compliance
Busines Continuity And Compliance
salamali
 
Compliance framework
Compliance frameworkCompliance framework
Compliance framework
Manoj Agarwal
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk Management
EC-Council
 
Creating Value Through Enterprise Risk Management
Creating Value Through Enterprise Risk Management Creating Value Through Enterprise Risk Management
Creating Value Through Enterprise Risk Management
Risk Management Institution of Australasia
 
Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dk
Stan Adrian
 
Certificados Digitais
Certificados DigitaisCertificados Digitais
Certificados Digitais
Humberto Bruno Pontes Silva
 

Weitere Àhnliche Inhalte

Was ist angesagt?

Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Alex Todd
 
Simplifying IT GRC
Simplifying IT GRCSimplifying IT GRC
Simplifying IT GRC
anand choudhary
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management Solution
Rishabh Software
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance framework
Ceyeap
 
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
Egyptian Engineers Association
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Framework
barnetdh
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010
Lennart Bredberg
 
Busines Continuity And Compliance
Busines Continuity And ComplianceBusines Continuity And Compliance
Busines Continuity And Compliance
salamali
 

Was ist angesagt? (20)

CMLGroup - What is GRC?
CMLGroup - What is GRC?CMLGroup - What is GRC?
CMLGroup - What is GRC?
 
it grc
it grc it grc
it grc
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance Executive
 
Ten Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCTen Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRC
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013
 
Simplifying IT GRC
Simplifying IT GRCSimplifying IT GRC
Simplifying IT GRC
 
Thematic compliance
Thematic complianceThematic compliance
Thematic compliance
 
Governance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - AustraliaGovernance Risk and Compliance - in Higher Education - Australia
Governance Risk and Compliance - in Higher Education - Australia
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management Solution
 
Fix nix, inc
Fix nix, incFix nix, inc
Fix nix, inc
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance framework
 
GRC Fundamentals
GRC FundamentalsGRC Fundamentals
GRC Fundamentals
 
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
138 Ù…ŰšŰ§ŰŻŰ±Ű© #ŰȘÙˆŰ§Ű”Ù„_ŰȘŰ·ÙˆÙŠŰ± Ű§Ù„Ù…Ű­Ű§Ű¶Ű±Ű© Ű§Ù„ 138 من Ű§Ù„Ù…ŰšŰ§ŰŻŰ±Ű© ŰŻÙƒŰȘÙˆŰ± Ù…Ù‡Ù†ŰŻŰł / ŰŁÙƒŰ±Ù… Ű­ŰłÙ† ۧ۳...
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Framework
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010
 
Busines Continuity And Compliance
Busines Continuity And ComplianceBusines Continuity And Compliance
Busines Continuity And Compliance
 
Compliance framework
Compliance frameworkCompliance framework
Compliance framework
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk Management
 
Creating Value Through Enterprise Risk Management
Creating Value Through Enterprise Risk Management Creating Value Through Enterprise Risk Management
Creating Value Through Enterprise Risk Management
 

Andere mochten auch

Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dk
Stan Adrian
 
àčƒàžšàžȘàžĄàž±àž„àžŁàž›àžŁàžŽàžàžàžČàč‚àž—
àčƒàžšàžȘàžĄàž±àž„àžŁàž›àžŁàžŽàžàžàžČàč‚àž—àčƒàžšàžȘàžĄàž±àž„àžŁàž›àžŁàžŽàžàžàžČàč‚àž—
àčƒàžšàžȘàžĄàž±àž„àžŁàž›àžŁàžŽàžàžàžČàč‚àž—
chetbouw
 
Nouveau document texte
Nouveau document texteNouveau document texte
Nouveau document texte
Sai Ef
 
Props c
Props cProps c
Props c
mkhairyh
 
Premio nacional ampliaciĂłn de los plazos
Premio nacional ampliaciĂłn de los plazosPremio nacional ampliaciĂłn de los plazos
Premio nacional ampliaciĂłn de los plazos
OxĂ­geno Bolivia
 
Competencias genéricas
Competencias genéricasCompetencias genéricas
Competencias genéricas
Cristian Rivera
 

Andere mochten auch (15)

Simple php backdoor_by_dk
Simple php backdoor_by_dkSimple php backdoor_by_dk
Simple php backdoor_by_dk
 
Certificados Digitais
Certificados DigitaisCertificados Digitais
Certificados Digitais
 
Motive Power Technician - Technical Offering Focuses on Hands-on Skills
Motive Power Technician - Technical Offering Focuses on Hands-on SkillsMotive Power Technician - Technical Offering Focuses on Hands-on Skills
Motive Power Technician - Technical Offering Focuses on Hands-on Skills
 
Plazast12012 sinnombres.docx (1)
Plazast12012 sinnombres.docx (1)Plazast12012 sinnombres.docx (1)
Plazast12012 sinnombres.docx (1)
 
àčƒàžšàžȘàžĄàž±àž„àžŁàž›àžŁàžŽàžàžàžČàč‚àž—
àčƒàžšàžȘàžĄàž±àž„àžŁàž›àžŁàžŽàžàžàžČàč‚àž—àčƒàžšàžȘàžĄàž±àž„àžŁàž›àžŁàžŽàžàžàžČàč‚àž—
àčƒàžšàžȘàžĄàž±àž„àžŁàž›àžŁàžŽàžàžàžČàč‚àž—
 
Nouveau document texte
Nouveau document texteNouveau document texte
Nouveau document texte
 
Props c
Props cProps c
Props c
 
Premio nacional ampliaciĂłn de los plazos
Premio nacional ampliaciĂłn de los plazosPremio nacional ampliaciĂłn de los plazos
Premio nacional ampliaciĂłn de los plazos
 
Gamc festa della donna - invito
Gamc festa della donna - invitoGamc festa della donna - invito
Gamc festa della donna - invito
 
Competencias genéricas
Competencias genéricasCompetencias genéricas
Competencias genéricas
 
Acerca de las pilas
Acerca de las pilasAcerca de las pilas
Acerca de las pilas
 
Primeros Auxilios y ReanimaciĂłn Cardio Pulmonar
Primeros Auxilios y ReanimaciĂłn Cardio PulmonarPrimeros Auxilios y ReanimaciĂłn Cardio Pulmonar
Primeros Auxilios y ReanimaciĂłn Cardio Pulmonar
 
2016 GMekong Forum - S13 - intro to NSHD-M
2016 GMekong Forum - S13 - intro to NSHD-M2016 GMekong Forum - S13 - intro to NSHD-M
2016 GMekong Forum - S13 - intro to NSHD-M
 
Edema agudo de pulmon
Edema agudo de pulmon Edema agudo de pulmon
Edema agudo de pulmon
 
Caramel
CaramelCaramel
Caramel
 

Ähnlich wie Accountability Corbit Overview 06262007

It governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yungIt governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yung
norsaidatul_akmar
 
02. cobit 41 dan iso 17799
02. cobit 41 dan iso 1779902. cobit 41 dan iso 17799
02. cobit 41 dan iso 17799
Mulyadi Yusuf
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review Course
Desmond Devendran
 

Ähnlich wie Accountability Corbit Overview 06262007 (20)

Cobit 41 framework
Cobit 41 frameworkCobit 41 framework
Cobit 41 framework
 
01 intro-cobit
01 intro-cobit01 intro-cobit
01 intro-cobit
 
COBIT 4.0
COBIT 4.0COBIT 4.0
COBIT 4.0
 
IT Governance - COBIT Perspective
IT Governance - COBIT PerspectiveIT Governance - COBIT Perspective
IT Governance - COBIT Perspective
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.ppt
 
It governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yungIt governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yung
 
It Governance Methodology Cox
It Governance Methodology CoxIt Governance Methodology Cox
It Governance Methodology Cox
 
CISSPills #3.02
CISSPills #3.02CISSPills #3.02
CISSPills #3.02
 
02. cobit 41 dan iso 17799
02. cobit 41 dan iso 1779902. cobit 41 dan iso 17799
02. cobit 41 dan iso 17799
 
MAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCEMAKING SENSE OF IT GOVERNANCE
MAKING SENSE OF IT GOVERNANCE
 
CobiT And ITIL Breakfast Seminar
CobiT And ITIL Breakfast SeminarCobiT And ITIL Breakfast Seminar
CobiT And ITIL Breakfast Seminar
 
Audit rizkie hafizzah
Audit rizkie hafizzahAudit rizkie hafizzah
Audit rizkie hafizzah
 
IT Governance Framework
IT Governance FrameworkIT Governance Framework
IT Governance Framework
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review Course
 
rethinking marketing
rethinking marketingrethinking marketing
rethinking marketing
 
Governance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 FrameworkGovernance and Management of Enterprise IT with COBIT 5 Framework
Governance and Management of Enterprise IT with COBIT 5 Framework
 
Sharpening the Lens
Sharpening the LensSharpening the Lens
Sharpening the Lens
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)
 
IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1IT Governance Vs IT Management Presentation V0.1
IT Governance Vs IT Management Presentation V0.1
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORK
 

Mehr von Humberto Bruno Pontes Silva

Confraria samba choro
Confraria samba choroConfraria samba choro
Confraria samba choro
Humberto Bruno Pontes Silva
 

Mehr von Humberto Bruno Pontes Silva (20)

Confraria samba choro
Confraria samba choroConfraria samba choro
Confraria samba choro
 
Aula08 Sc
Aula08 ScAula08 Sc
Aula08 Sc
 
Ruy C Pq D Cbc 1 2007 10 29
Ruy C Pq D Cbc 1 2007 10 29Ruy C Pq D Cbc 1 2007 10 29
Ruy C Pq D Cbc 1 2007 10 29
 
Palestra Daniel Dias1
Palestra Daniel Dias1Palestra Daniel Dias1
Palestra Daniel Dias1
 
Portuguese Scrum
Portuguese ScrumPortuguese Scrum
Portuguese Scrum
 
RegulaçãO3
RegulaçãO3RegulaçãO3
RegulaçãO3
 
Backdoors
BackdoorsBackdoors
Backdoors
 
Apresentacao Aula04 So
Apresentacao Aula04 SoApresentacao Aula04 So
Apresentacao Aula04 So
 
Apresentacao Aula03 So
Apresentacao Aula03 SoApresentacao Aula03 So
Apresentacao Aula03 So
 
Ch06
Ch06Ch06
Ch06
 
2contecsi B
2contecsi B2contecsi B
2contecsi B
 
Apresentacao Aula02 So
Apresentacao Aula02 SoApresentacao Aula02 So
Apresentacao Aula02 So
 
Spin72
Spin72Spin72
Spin72
 
Spin72
Spin72Spin72
Spin72
 
Licitacoes
LicitacoesLicitacoes
Licitacoes
 
10 P R O C E S S O N O T C U
10 P R O C E S S O N O T C U10 P R O C E S S O N O T C U
10 P R O C E S S O N O T C U
 
Secex Sc Conhecendo O Tcu
Secex Sc Conhecendo O TcuSecex Sc Conhecendo O Tcu
Secex Sc Conhecendo O Tcu
 
Ch10
Ch10Ch10
Ch10
 
Ch03
Ch03Ch03
Ch03
 
Ch04
Ch04Ch04
Ch04
 

KĂŒrzlich hochgeladen

VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Independent Call Girls in Andheri đŸŒč 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri đŸŒč 9920725232 ( Call Me ) Mumbai Escorts...VIP Independent Call Girls in Andheri đŸŒč 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri đŸŒč 9920725232 ( Call Me ) Mumbai Escorts...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Independent Call Girls in Mira Bhayandar đŸŒč 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar đŸŒč 9920725232 ( Call Me ) Mumbai ...VIP Independent Call Girls in Mira Bhayandar đŸŒč 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar đŸŒč 9920725232 ( Call Me ) Mumbai ...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
Call Girls in Nagpur High Profile
 
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
priyasharma62062
 
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Call Girls in Nagpur High Profile
 
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 

KĂŒrzlich hochgeladen (20)

TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
 
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdf
 
Gurley shaw Theory of Monetary Economics.
Gurley shaw Theory of Monetary Economics.Gurley shaw Theory of Monetary Economics.
Gurley shaw Theory of Monetary Economics.
 
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
 
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
 
00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdf
 
VIP Independent Call Girls in Andheri đŸŒč 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri đŸŒč 9920725232 ( Call Me ) Mumbai Escorts...VIP Independent Call Girls in Andheri đŸŒč 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri đŸŒč 9920725232 ( Call Me ) Mumbai Escorts...
 
VIP Independent Call Girls in Mira Bhayandar đŸŒč 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar đŸŒč 9920725232 ( Call Me ) Mumbai ...VIP Independent Call Girls in Mira Bhayandar đŸŒč 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar đŸŒč 9920725232 ( Call Me ) Mumbai ...
 
The Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfThe Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdf
 
The Economic History of the U.S. Lecture 30.pdf
The Economic History of the U.S. Lecture 30.pdfThe Economic History of the U.S. Lecture 30.pdf
The Economic History of the U.S. Lecture 30.pdf
 
The Economic History of the U.S. Lecture 25.pdf
The Economic History of the U.S. Lecture 25.pdfThe Economic History of the U.S. Lecture 25.pdf
The Economic History of the U.S. Lecture 25.pdf
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
 
Stock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdfStock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdf
 
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
 
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
 
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
 

Accountability Corbit Overview 06262007

  • 1. CobiT 4.1 Information Technology Control Objectives & Control Practices John W. Beveridge Office of the State Auditor Enterprise Security Board Security Awareness Day June 26, 2007
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. To Achieve Business Objectives To Avoid Risks, Threats and Exposures Control (as defined by COBIT) The policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected. Source: COBIT Control Objectives. P. 12.
  • 7. CobiT promotes a healthy understanding about “reasonable assurance” and “residual risk” Knowing the acceptable levels for reasonable assurance and residual risk is a critical success factor for designing and managing an adequate framework of control
  • 8. Assurance Level 100% Residual Risk 0% Reasonable Assurance
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22. COBIT Cube The COBIT framework describes how IT processes deliver the information that the business needs to achieve its objectives. For controlling this delivery, COBIT provides three key components, each forming a dimension of the COBIT cube. Business Requirements for Information Criteria IT Resources IT Processes
  • 23.
  • 24.
  • 25. COBIT Domains : Information Processes (3rd Component) Feedback Feedback Feedback Plan and Organize Acquire and Implement Deliver and Support Monitor and Evaluate
  • 26.
  • 27.