This extension of the COBIT® family of products explains the 34 processes within this globally accepted IT governance, control and assurance framework.
Control practices provide control approaches consisting of practices that are necessary and sufficient for achieving COBIT® control objectives. These practices support the prevention, detection and correction of undesired events through responsible use of resources, appropriate management of risk and the delivery of value to business.
These statements focus on the details of:
- The COBIT® framework, extending it with more specific implementation focus.
- How each process can assist in controlling and managing risk.
- Managing risk by decreasing the probability of adverse consequences from threats and vulnerabilities, safeguarding the assets, and limiting the impact on the business.
- Increasing business value by achieving efficiency and/or effectiveness gains.
- At least two control practices from each detailed control objective.
Each control practice expands the capabilities of COBIT® by providing the practitioner with an additional level of detail. The COBIT® IT processes, business requirements and control objectives define what needs to be done to implement an effective control structure.
The control practices provide the more detailed how and why needed by management, service providers, end users and control professionals to implement highly specific controls based on an analysis of operational and IT risks.
IT Governance Institute
Format: Spiral Bound
Published: 01 May 2007
Availability: In stock