Unit 2 Lab
COBIT stands for Control Objectives for Information and related Technology. It is designed to provide a framework for the control of IT functions and is a set of good practices for IT management. COBIT was written by the IT Governance Institute (ITGI) with ISACA, formerly known as the Information Systems Audit and Control Association, which now goes only by the acronym. COBIT is referenced in many other standards and is well respected. The basic COBIT principle reinforces IT’s role as a support tool for business requirements, one that needs to be managed just as well as any other resource. The principle states that there is a cycle between IT and business requirements: business requirements drive investments in IT resources; IT resources are used by IT processes; IT processes deliver enterprise information; and enterprise information responds to business requirements.
COBIT is organized into four process-oriented IT domains. Each domain interacts with the others and is focused on the organization’s activities. The first domain, Plan and Organize, covers tactics and strategy, comparing the organization’s IT resources to its strategic vision. The second domain, Acquire and Implement, is where the organization purchases and implements new IT solutions. The third, Deliver and Support, uses these resources to deliver the organization’s data or services and ensures that IT services support business requirements. The final domain, Monitor and Evaluate, is used to detect problems and implement controls to ensure the IT resources remain effective and efficient.
CMMI is the Capability Maturity Model Integration, a management approach to improving processes by determining different levels of maturity. CMMI is used in three areas of interest: product and service development; service establishment, management, and delivery; and product and service acquisition. Security levels are measured under six levels, from Level 0 (no security