Upload File

evaluating system controls cobit 5 integration system controls cobit 5 integration cuav 2017 annual...

  • Home
  • Documents
  • Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager
14
Evaluating System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

Upload: phamdieu

Post on 06-May-2018

218 views

Category:

Documents


2 download

Report

TRANSCRIPT

Page 1: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

Evaluating System ControlsCOBIT 5 Integration

CUAV 2017 Annual ConferenceMay 03, 2017

Glenn R. WilsonODU IT Audit Manager

Page 2: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

Framework Based AuditingInternational Standards for the Professional Practice of Internal Auditing

2201 - Planning Considerations

In planning the engagement, internal auditors must consider:

• The objectives of the activity being reviewed and the means by which the activity controls its performance;

• The significant risks to the activity, its objectives, resources, and operations and the means by which the potential impact of risk is kept to an acceptable level;

• The adequacy and effectiveness of the activity's risk management and control processes compared to a relevant control framework or model; and

• The opportunities for making significant improvements to the activity's risk management and control processes.

2

http://www.theiia.org/guidance/standards-and-guidance/ippf/standards/standards-items/?C=3094&i=8272
Page 3: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

COBIT 5 Capability LevelCOBIT 4.1 Maturity Model Levels 0 through 5

COBIT 5 ISO/IEC 15504 Based Capability Level

3

0 - Incomplete1 - Performed2 - Managed3 - Established4 - Predictable5 - Optimized

Page 4: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

COBIT 5 Control Objectives

COBIT 5 does not make reference to specific control objectives.

COBIT 5 defines IT related goals and processes for achieving enterprise goals.

4

Page 5: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

The assessment model enables assessments by enterprisesto support process improvement. Guidance is given in aseparate assessor guide on a scoping approach to select theprocesses to be assessed, including the use of ISACA’spublished COBIT 5 mappings to determine the processes tobe assessed.

These mappings include:

• Linking enterprise goals to enterprise-related IT goals• Linking enterprise-related IT goals to IT processes

Copyright© 2013 ISACA5

Page 6: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

COBIT 5 IT Related Goals and Balanced Scorecard Dimensions

6

17 IT Related Goals • Financial (6)• Customer (2) • Internal (7) • Learning and Growth (2)

37 Defined Processes • Evaluate Direct and Monitor (5)• Align, Plan and Organize (13)• Build, Acquire and Implement (10) • Deliver Service and Support (6)• Monitor Evaluate, Assess (3)

Goal-Process Map

Page 7: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

COBIT 5

7

Page 8: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

8

Page 9: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

Processes and Primary Goals

9

Page 10: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

10

Page 11: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

11Copyright© 2014 ISACA

Page 12: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

12

Page 13: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

13

Composite Doc

Page 14: Evaluating System Controls COBIT 5 Integration System Controls COBIT 5 Integration CUAV 2017 Annual Conference May 03, 2017 Glenn R. Wilson ODU IT Audit Manager

Evaluating System ControlsCOBIT 5 Integration

14

Questions?

Glenn R. WilsonODU IT Audit Manager

[email protected]


COBIT 5 - · PDF fileている。COBIT 5は、ITガバナンスおよびIT ... 「COBIT 5 for Assurance」「COBIT 5 for Risk」「COBIT Assessment Programme

COBIT 5 & COBIT 5 for Risk An overview - ISACA · • Cobit 5.0 SME Reviewer • Cobit for Risk development workshop and SME reviewer • Cobit for Risk Scenarios Guide Task Force

Communications Ltd. - AF Business...Communications Ltd. ... –ISO 27001 and 27002 ... COBIT Foundation, COBIT Implementation, COBIT Assessor, COBIT INCS, CISSP, CPA, CMA, CMC, ITIL

ICETEX€¦ · COBIT el de TI COBIT: Alineamiento con otros Estándares Frameworks COBIT: Cum limiento con Le es Re ulaciones. COBIT SOX COBIT: COBIT: Online COBIT: QuickStart Guía

Intro To COBIT IT Controls And Cost Benefit Analysis

Introduction to COBIT 5 - NUS STMI · Introduction to COBIT 5 About COBIT 5 This one-day “Introduction to COBIT 5” course provides an introduction to the COBIT 5 governance framework

COBIT® 5 Supplementary Guide for the COBIT 5 Process ...campus.itpreneurs.com/itpreneurs/LPEngine/Cobit/Foundation/English... · COBIT® 5 Supplementary Guide for the COBIT 5 Process

Enterprise Governance of IT - s u · Implementation status COBIT and VALIT . 2,50 2,60 2,70 2,80 2,90 3,00 3,10 3,20 3,30 3,40 3,50 COBIT PO COBIT AI COBIT DS COBIT ME COBIT Total

COBIT Framework 5 - cis.hr · COBIT 5 objedinjuje i integrira COBIT 4.1, Val IT 2.0 i Risk IT okvir i izvodi se iz ISACA IT ... COBIT 5 Framework, COBIT 5 Implementation, COBIT Framework

Perbedaan cobit 4.1 dan cobit 5

AI Risk and Controls matrix · COBIT area . Align, Plan and Organise . Please select a category for managing risks and controls for AI solutions. 2018 KPG LLP, a K limited liability

C12 - COBIT Fundamentals - ISACA · C12 ‐‐COBIT Fundamentals and Uses Miguel (Mike) O. Villegas, CISA, CISSP 2007 SF ISACA Fall Conference San ... controls replaced the 18 application

A Sunera How To: Information Technology General Controls ... · Mapping PCAOB AS 5 to COBIT 5 Processes to Identify Relevant ITGC controls • COBIT 5 processes mapped to PCAOB Auditing

COBIT 5 | Foundation - ITpreneurscampus.itpreneurs.com/itpreneurs/LPEngine/Cobit/Foundation/English… · — co COBIT 5 Process Mapping COBIT 5 IT-related Goals to Processes (Contd.)

Cobit 4.1 vs Cobit 5

Shedding Light on Key Controls IT AUDITING FOR NON-IT AUDITORS Michelle Workman George Mason University Glenn Wilson Old Dominion University CUAV 2015

COBIT 5 Online Collaborative Environmentitil.se/itilse_documents/COBIT5-Laminate.pdf · COBIT® 5: Enabling Information COBIT® 5: Enabling Processes Other Enabler Guides COBIT®

Framework Assessing 20 Critical Controls ISO 15504 COBIT 5

Internal Control Using COBIT 5 - community.mis.temple.edu · COBIT® 5 Abstract Internal controls are often not well understood in business. They may even be shunned in enterprises

CobiT CobiT CobiT CobiT CobiT CobiT CobiT CobiT , ITIL and

Internal Control Using COBIT 5 - Temple Fox MIScommunity.mis.temple.edu/mis5202online2016/files/... · Internal Control Using COBIT® 5 Abstract Internal controls are often not well

Comparing COBIT 4.1 and COBIT 5 - ISACA

COBIT Ecopetrol S.A. IT COBIT 5 - Information … · COBIT® Process Assessment Model PAM :Using COBIT ... Sai K. Honig CISA CIA IT 10 Honig COBIT ITIL HIPAA ... 2014 COBIT 5 Risk

Cloud computing: COBIT-mapped benefits, risks and controls for

Cobit v5.0 BSC de TI con COBIT

COBIT Self-Assessment Guide Using COBIT 5-Libre

COBIT 5 ISACA's new Framework for IT Governance, Risk ... COBIT 5.0 Framework.pdf · COBIT 5 ISACA’s new framework for IT Governance, Risk, ... COBIT 5© ISACA Mapping IT ... COBIT

CobiT - Alex Kornev...CobiT - limited ISO 17799 - limited ITIL-limited CobiT v3 Metrics People Controls Structure & Roles Processes Technology ©2002 PricewaterhouseCoopers LLP. PricewaterhouseCoopers

COBIT 5 Online Collaborative Environment - · PDF file2/15/2014 · COBIT® 5 COBIT 5 Online Collaborative Environment ... COBIT® 5 for Risk Other Professional Guides COBIT 5 Principles

Comparing COBIT 4.1 and COBIT 5 Comparing COBIT 4.1 and COBIT 5 Presented by

mountainview Achieving IT Governance with COBIT, ITIL ... · Achieving IT Governance with COBIT, ITIL, ISO20000, CMM, ISO17799, etc. Abstract: ... The enforcement of IT controls and

COBIT 5 ISACA MTY 2012 05 v1.3m.isaca.org/chapters7/Monterrey/Events/Documents/20120305 CobiT 5.pdf · V. Diferencias de COBIT 5 con COBIT 4.1 VI. Futuros productos COBIT. I. Introducción

Comparación de CobiT 5 con CobiT 4.1

IIA Standards Briefing CUAV 2011 Williamsburg Virginia May 23, 2011

committed to compliance the necessary - Safeguard Properties/media/Ho… · committed to compliance and the necessary ... Related Technology (COBIT) controls, ... • Network vulnerability