• Submitted By: szzhbd
• Date Submitted: 03/31/2010 7:26 PM

COBIT Control Objectives

PO - Planning & Organisation

PO1 Define a Strategic IT Plan
1.1 IT as Part of the Organisation's Long- and Short-Range Plan
1.2 IT Long-Range Plan
1.3 IT Long-Range Planning-Approach and Structure
1.4 IT Long-Range Plan Changes
1.5 Short-Range Planning for the IT Function
1.6 Communication of IT Plans
1.7 Monitoring and Evaluating of IT Plans
1.8 Assessment of Existing Systems

PO2 Define the Information Architecture
2.1 Information Architecture Model
2.2 Corporate Data Dictionary and Data Syntax Rules
2.3 Data Classification Scheme
2.4 Security Levels

PO3 Determine Technological Direction
3.1 Technological Infrastructure Planning
3.2 Monitor Future Trends and Regulations
3.3 Technological Infrastructure Contingency
3.4 Hardware and Software Acquisition Plans
3.5 Technology Standards

PO4 Define the IT Organisation and Relationships
4.1 IT Planning or Steering Committee
4.2 Organisational Placement of the IT Function
4.3 Review of Organisational Achievements
4.4 Roles and Responsibilities
4.5 Responsibility for Quality Assurance
4.6 Responsibility for Logical and Physical Security
4.7 Ownership and Custodianship
4.8 Data and System Ownership
4.9 Supervision
4.10 Segregation of Duties
4.11 IT Staffing
4.12 Job or Position Descriptions for IT Staff
4.13 Key IT Personnel
4.14 Contracted Staff Policies and Procedures
4.15 Relationships

PO5 Manage the IT Investment
5.1 Annual IT Operating Budget
5.2 Cost and Benefit Monitoring
5.3 Cost and Benefit Justification

PO6 Communicate Management Aims and Direction
6.1 Positive Information Control Environment
6.2 Management's Responsibility for Policies
6.3 Communication of Organisation Policies
6.4 Policy Implementation Resources
6.5 Maintenance of Policies
6.6 Compliance with Policies, Procedures and Standards
6.7 Quality Commitment
6.8 Security and Internal Control Framework Policy
