Gisya Nafilah AIS Assignment
Gisya Nafilah AIS Assignment
Gisya Nafilah AIS Assignment
Lecturer :
Sir Safiq
Arranged by :
Gisya Nafilah
(0082202300048)
Accounting Class 1
COBIT Framework
The Information Systems Audit and Control Association (ISACA) developed the Control
Objectives for Information and Related Technology (COBIT) framework. COBIT consolidates
control standards from many different sources into a single framework that allows (1)
management to benchmark security and control practices of IT environments, (2) users to be
assured that adequate IT security and controls exist, and (3) auditors to substantiate their internal
control opinions and to advise on IT security and control matters.
The COBIT 5 framework describes best practices for the effective governance and management
of IT. COBIT 5 is based on the following five key principles of IT governance and management.
These principles help organizations build an effective governance and management framework
that protects stakeholders’ investments and produces the best possible information system.
1. Meeting stakeholder needs. COBIT 5 helps users customize business processes and procedures
to create an information system that adds value to its stakeholders. It also allows the company to
create the proper balance between risk and reward.
2. Covering the enterprise end-to-end. COBIT 5 does not just focus on the IT operation, it
integrates all IT functions and processes into companywide functions and processes.
3. Applying a single, integrated framework. COBIT 5 can be aligned at a high level with other
standards and frameworks so that an overarching framework for IT governance and management
is created.
4. Enabling a holistic approach. COBIT 5 provides a holistic approach that results in effective
governance and management of all IT functions in the company.
5. Separating governance from management. COBIT 5 distinguishes between governance and
management.
COBIT 5 is a comprehensive framework that helps enterprises achieve their IT governance and
management objectives. This comprehensiveness is one of the strengths of COBIT 5 and
underlies its growing international acceptance as a framework for managing and controlling
information systems.