Is the COBIT framework superior to the other accepted control models?
Most senior managers are aware of the importance of the general control frameworks with respect to their fiduciary responsibility, such as COSO, Cadbury, CoCo or King II; however, they may not necessarily be aware of the details of each. In addition, management is increasingly aware of the more technical security guidance such as ISO 17799, and service delivery guidance such as ITIL. Although the aforementioned models emphasize business control and IT security and service issues, only COBIT attempts to deal with IT-specific control issues from a business perspective. It should be noted that COSO was used as source material for the business model and ISO 17799 and ITIL, amongst many others, were used to develop the control objectives. COBIT is not meant to replace any of these control models. It is intended to emphasize what control is required in the IT environment while working with and building on the strengths of these other control models.
Most senior managers are aware of the importance of the general control frameworks with respect to their fiduciary responsibility, such as COSO, Cadbury, COCO or King; however they may not necessarily be aware of the details of each. In addition, management is increasingly aware of the more technical security guidance such as, OECD and IFAC IT statements at the high level, and DTI Code of Practices at the detailed level. Although the aforementioned models emphasise business control and IT security issues, only COBIT attempts to deal with IT specific control issues from a business perspective. It should be noted that COSO was used as source material for the business model. Lastly, CobiT is not meant to replace any of these control models. It is intended to provide more detail in the IT environment while building on the strengths of these control models.
Related Questions
- The COBIT framework states that the COBIT maturity models are derived from the SEI Capability Maturity Model (CMM). What is the actual relationship between COBIT and CMM?
- Is Licensed to Kill, Inc concerned that the Framework Convention on Tobacco Control might thwart the companys ambitious plans for global expansion?
- Is the COBIT framework superior to the other accepted control models?
