What kind of training do you recommend for individuals within an organization pursuing COBIT 5 certification?
Ask the Expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
The Information Systems Audit and Control Association (ISACA) provides the Control Objectives for Information Technology (COBIT) as an industry-standard framework for governing enterprise IT. Earlier this year, they released the fifth version of COBIT, which consolidates this framework and several other documents on risk management, business value and information security into a single framework. Many organizations choose to adopt the COBIT framework as their approach to achieving compliance with the Sarbanes-Oxley Act (SOX).
This widespread reliance on COBIT creates a demand for the training and certification of IT governance professionals. The best training path for you depends upon both your prior experience with COBIT and your role within your organization. If you're familiar with COBIT 4 and wish to upgrade your knowledge base, or you only need a passing familiarity with COBIT, ISACA offers a one-day Introduction to COBIT 5 workshop that should fit the bill.
If you need a more advanced understanding of COBIT 5, there are four programs available. The COBIT 5 Foundation Course and the IT Process Level Course provide a solid foundation for IT governance professionals. The COBIT Implementation course is designed for individuals who are directly responsible for implementing the COBIT framework either for their own organizations or for clients. Finally, the COBIT Assessment course provides training for individuals seeking to assess the COBIT status of other organizations. More information about these courses is available on ISACA's website.
ISACA plans to accredit third-party trainers and training organizations to facilitate officially sanctioned COBIT 5 training programs. Watch for more details and the first accredited trainers, because this will likely increase the training options available to you.