Compliance

Effective & Successful Audits

Cobit Compliance Requirements

The Control Objectives for Information and related Technology (COBIT) is a set of best practices (framework) for information technology (IT) management. The framework was created by the Information Systems Audit and Control Association (ISACA), and the IT Governance Institute (ITGI) back in 1996. COBIT provides not only IT users, but also managers and auditors with a set of generally accepted measures, indicators, processes and best practices to assist them in maximizing the benefits derived through the use of information technology.

Further you can use Cobit to develop appropriate IT governance and control in a company. As with all IT-related frameworks and processes, the overall goal is to automate as many processes as possible, leave the actual work to the computers while human beings do the actual creative work of designing and improving the overall operations. This is where CFEngine comes into play.

Using CFEngine as part of your Cobit-process, you will quickly learn how CFEngine can automate your processes, create reports and logs and ensure compliance on different levels.

The 4 domains of Cobit and CFEngine

Cobit defines IT activities in a generic process model within four domains. These domains are (1) Plan and Organise, (2) Acquire and Implement, (3) Deliver and Support and (4) Monitor and Evaluate. The illustration shows these four domains and how they interrelate. Marked with a red star we have indicated the areas in which CFEngine can be used for automation. Across the 4 domains, Cobit has identified 34 IT processes that are generally used.

Below is a list of the processes CFEngine can help automate.