COBIT 4.0 has a stronger trade focus

The IT Governance Institute (ITGI) has released its latest update of Control Objectives for Information and related Technology (COBIT), an internationally accepted IT governance framework used by major companies worldwide. COBIT 4.0 is meant to provide an authoritative, international set of generally accepted practices that help boards of directors, executives and managers increase the value of IT and reduce related risks.

Although COBIT is also widely used as a tool for Sarbanes-Oxley (SOX) compliance, its earlier editions pre-date much of the current control legislation, including SOX. COBIT 4.0 is available as an open standard at www.isaca.org/cobit.

The new edition—COBIT 4.0—provides a stronger business focus to address the evolving responsibilities of boards and employees. COBIT 4.0 marks the first major update of the COBIT core content since the release of COBIT 3rd Edition in 2000. The first edition was published in 1994.

COBIT 4.0 includes guidance for boards of directors and all levels of management. It consists of the executive overview, the framework, the core content (control objectives, management guidelines and maturity models) and Appendices (mappings, cross-references and a glossary).

The core content is divided according to the 34 IT process and gives a complete picture of how to control, manage and measure each process.

In addition, COBIT 4.0:

Analyses how the detailed control objectives can be mapped to the five IT governance domains to identify potential gaps.

Harmonises and maps COBIT to other standards (ITIL, CMM, COSO, PMBOK, ISF and ISO 17799).

Clarifies key goal indicator (KGI) and key performance indicator (KPI) relationships, identifying how KPIs drive the achievement of KGIs.

Links business goals, IT goals and IT processes (detailed research in eight industries results in a clearer insight into how COBIT processes support the achievement of specific IT goals and, by extension, business goals).

COBIT 4.0 replaces the third edition components Executive Summary, Framework, Control Objectives and Management Guidelines. Work is underway to address Audit Guidelines. The introduction of COBIT 4.0 does not invalidate work done with COBIT 3rd Edition, but provides the opportunity to build on that work.