2007-04-17

How COBIT 4.1 Changed From 4.0

COBIT 4.1, an incremental update to COBIT 4.0, includes:

  • Enhanced executive overview
  • Explanation of goals and metrics in the framework section
  • Better definitions of the core concepts. It is important to mention that the definition of a control objective changed, shifting more toward a management practice statement.
  • Improved control objectives resulting from updated control practices and Val IT development activity. Some control objectives were grouped and/or reworded to avoid overlaps and make the list of control objectives within a process more consistent. These changes resulted in the renumbering of the remaining control objectives. Some other control objectives were reworded to make them more action-oriented and consistent in wording. Specific revisions include:

    - AI5.5 and AI5.6 were combined with AI5.4
    - AI7.9, AI7.10 and AI7.11 were combined with AI7.8
    - ME3 was revised to include compliance with contractual requirements in addition to legal and regulatory requirements
  • Application controls have been reworked to be more effective, based on work to support controls effectiveness assessment and reporting. This resulted in a list of six application controls replacing the 18 application controls in COBIT 4.0, with further detail provided in COBIT Control Practices, 2nd Edition.
  • The list of business goals and IT goals in appendix I was improved, based on new insights obtained during validation research executed by the University of Antwerp Management School (Belgium).
  • The pull-out has been expanded to provide a quick reference list of the COBIT processes, and the overview diagram depicting the domains has been revised to include reference to the process and application control elements of the COBIT framework.
  • Improvements identified by COBIT users (COBIT 4.0 and COBIT Online) have been reviewed and incorporated as appropriate.

没有评论: