COBIT

COBIT (Control Objectives for Information and Related Technology) is an international open standard that defines requirements for the control and security of sensitive data and provides a reference framework. COBIT was first produced in the 1990s by the IT Governance Institute.

COBIT consists of an executive summary, management guidelines, framework, control objectives, implementation toolset and audit guidelines. Extensive support is provided, including a list of critical success factors for measuring security program effectiveness and benchmarks for auditing purposes

COBIT has been revised several times since inception and upgrades are published at regular intervals.

Read more about COBIT: - The Information Systems Audit and Control Association (ISACA) provides an overview of COBIT along with links and downloads. - The ControlIT User Group offers COBIT-related support and information.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT COSO and COBIT: The value of compliance frameworks for SOX In this tip, contributor Mike Rothman examines these compliance paradigms and offers insights on how they can help organizations and auditors speak... ISO 17799: A methodical approach to partner and service provider security management In this tip, Richard Mackey explains how ISO 17799, a standard set of security best practices, can help infosec pros perform partner and service... Mapping the path toward information security program maturity In this tip, Ed Moyle explains why creating a security program maturity map is a sensible way to not only track a program's growth, but also isolate...