Overview
Organizations are integrating IT with business strategies to achieve their objectives, optimize information value, and capitalize on today’s technologies. COBIT® is the internationally recognized set of IT management best practices, provides a framework for IT governance, control, and audit. This course provides a review of the framework’s contents, how to use it to evaluate the effectiveness of IT activities, and how it compares to other internationally recognized standards and frameworks.
Learning Options
Below are the available learning options for this course:
Enterprise Solutions
Tailored Experience
Bring this course to your organization at your convenience. ACI Learning can deliver this instructor-led course for your team at a chosen location or virtually. Alternatively, choose the topic(s) you need and ACI will craft a training solution to keep your team future-proof.
Customize Your TrainingNASBA Certified CPE
Auditing
Why you should take this course
COBIT is a widely used information technology management and IT governance framework, and audit and IT professionals with knowledge of its content and uses can better perform their duties and advise their clients.
Who should take this course
IT Auditors, Managers and Directors; QA personnel; Information Security Managers, Auditors, Directors, and Analysts; CIOs.
What You'll learn
You will learn how to use COBIT to plan and conduct audits of IT governance, risk, security management, and business continuity. Also, how to use it to perform a process capability assessment and how it integrates into your audit activities.
Prerequisites
- IT Auditing and Controls - ITG101
- IT Audit School - ITG121
- Equivalent Experience
- Review the COBIT® 2019 Framework
- Focus on how you can use this globally-recognized framework for evaluating the effectiveness of IT activities
- Discuss the significant changes incorporated in the new COBIT® 2019 that can be utilized in executing IT audits
- Highlight how to use COBIT® 2019 in conjunction with other internationally recognized standards and frameworks, including the ISO-27001, ISO-27002, ISO-27005 Security Standards and NIST 800-53
- Examples during this seminar will include: Assessing IT Governance using COBIT® 2019, Risk Management, Information Security Management, Business Continuity Planning
- Discuss the COBIT® Foundation, and Design and Implementation Exams
- Discuss exam preparation techniques
- Review sample COBIT® Foundation exam questions
Agenda
COBIT® Background
- COBIT® 2019 and IT Governance
- COBIT® history
- COBIT® Control Practices and Assurance Guide
Summary of COBIT® 2019
- COBIT®2019 Primary Audience
- COBIT®2019 Significant Changes
- COBIT®2019 Principles
- COBIT®2019 Objectives
- Enabling Processes vs. Objectives
- Goals Cascade
- RACI Charts
- Inputs and Outputs
International Standards and Frameworks
- IIA Global Technology Audit Guides
- COSO – Internal Control Framework
- ISO-27001 – ISMS – Information Security Management System
- ISO-27002 – Security Code of Practice
- ISO-27005 – Security Risk Management
- ITIL – IT Infrastructure Library
- FISMA – FIPS 199, NIST 800-53
Assessing IT Governance Using COBIT® 2019
- IIA Governance Definitions
- Defining IT Governance
- Linking Enterprise and IT Governance
- IT Governance Practices
- Governance Frameworks, Standards and Guidelines
- Using COBIT® 2019 to Assess IT Governance
- ISO 38500 – Corporate Governance of IT
- COBIT® 5 Evaluate, Direct and Monitor (EDM)
- EDM-01 – Ensured Governance Framework Setting and Maintenance
- EDM-02 – Ensured Benefits Delivery
- EDM-03 – Ensured Risk Optimization
- EDM-04 – Ensured Resource Optimization
- EDM-05 – Ensured Stakeholder Transparency
Risk Management
- Risk Definitions
- Risk Analysis
- COSO – Risk Assessment
- COSO Enterprise Risk Management
- COBIT® 2019 - Risk Management
- EDM-03 – Ensured Risk Optimization
- APO-12 – Managed Risk
- IIA GTAG – Developing the IT Audit Plan
- ISACA – Risk IT Framework
- ISO 27001 – ISMS Risk Assessment / Management
- ISO 27002 – Section 4 – Risk Assessment
- ISO 27005 – Information Security Risk Management
- NIST 800-30 – Risk Management Guide for IT Systems
- ISACA Risk Standards / Guidelines
Information Security Management
- COBIT® 2019 – Security Management
- APO-13 – Managed Security
- DSS-05 – Managed Security Services
- Information Security Resources
Business Continuity Planning
- COBIT® 2019 DSS-04 – Managed Continuity
- IIA GTAG – Business Continuity Management
- ISO-27002 – Section 14 - Business Continuity Management
- NIST 800-53 – Section CP – Contingency Planning
COBIT® 2019 Resources
- Risk IT Framework
- Val IT Framework
- VIT Assurance Framework
- Board Briefing on IT Governance
- COBIT® 2019 Design and Implementation Guides
Learning Options
Below are the available learning options for this course:
Enterprise Solutions
Tailored Experience
Bring this course to your organization at your convenience. ACI Learning can deliver this instructor-led course for your team at a chosen location or virtually. Alternatively, choose the topic(s) you need and ACI will craft a training solution to keep your team future-proof.
Customize Your TrainingACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.