SlideShare a Scribd company logo

San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2

Download as PPT, PDF
P
Pw Carey

The document maps the control objectives of ITIL V3, ISO/IEC 27002, and CobiT 4.1 frameworks. It provides mappings for each process area (Acquire and Implement, Deliver and Support, Monitor and Evaluate, Plan and Organize) and lists the relevant control objectives from each framework. Tables and diagrams are used to visually depict the mappings between frameworks. The document aims to show alignments between the frameworks to benefit business.

1 of 60
G32 The Changing Influences of Social Media, WikiLeaks and Whistleblowers A Modest Proposal: The Future of IT Auditing by Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives • AI (Acquire & Implement) • 1, 2, 3 & 4 --- 6 & 7 • DS (Deliver & Support) • 3, 4, & 5 --- 8, 9, 10, 11, 12 & 13 • ME (Monitor & Evaluate) • 1&2 • PO (Plan & Organize) • 1, 2, & 3 --- 5 & 6 --- 8, 9, & 10 2
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 3
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 4
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 5
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 6
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 7
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 8
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 9
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 10
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 11
Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 12
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 16
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 17
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 18
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 19
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 20
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 21
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 22
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 23
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 24
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 25
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 26
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 27
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 28
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 29
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 30
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 31
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 32
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 33
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 34
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 35
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 36
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 37
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 38
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 39
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 40
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 41
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 42
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 43
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 44
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 45
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 46
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 47
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 48
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 49
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 50
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 51
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 52
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 53
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 54
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 55
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 56
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 57
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 58
Summary, Conclusions & Questions Thank you all for your courteous time and attention today: • Please Note: We’ll be open to and available for discussing any & all areas addressed during this presentation. Respectfully yours, Pw Carey Consultant CISA-CISSP Compliance Partners, LLC 1250 Grove Avenue, Suite 200 Barrington, IL 60010 pwc.pwcarey@gmail.com/ pwcarey@complysys.com 650-278-3731 or 224-633-1378 Fax: 847-381-2067 59
Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives References 1. Aligning Cob iT® 4.1, ITIL® V3 and ISO/IEC 27002 for Business Benefit ® A Management Briefing From ITGI and OGC Reservation of Rights © 2008 ITGI. All rights reserved. No part of this publication may be used, copied, reproduced, modified, distributed, displayed, stored in a retrieval system, or transmitted in any form by any means (electronic, mechanical, photocopying, recording or otherwise), without the prior written authorisation of ITGI. Reproduction and use of all or portions of this publication are solely permitted for academic, internal and non- commercial use and for consulting/advisory engagements, and must include full attribution of the material’s source. No other right or permission is granted with respect to this work. © Crown Copyright material 2008, published in conjunction with the Office of Government Commerce, is reproduced with the permission of the controller of HMSO and Queen’s Printer for Scotland. ISACA and ITGI are registered trademarks of ISACA. Co b i T® is a registered trademark of ISACA and ITGI. ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. IT Infrastructure Library® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. Copies of ISO/IEC 27002:2005 and all ISO standards can be purchased from the American National Standards Institute (ANSI) at http://webstore.ansi.org, phone: +1.212.642.4980; BSI in the UK (www.bsi- global.com/shop.html); and ISO (www.iso.org/iso/store.htm). 60

Recommended

San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...
San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...
San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...
Pw Carey
 
C24 Fraud In The Workplace 3 Mock Trials)[1]
C24 Fraud In The Workplace 3 Mock Trials)[1]C24 Fraud In The Workplace 3 Mock Trials)[1]
C24 Fraud In The Workplace 3 Mock Trials)[1]
Pw Carey
 
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
Pw Carey
 
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
Pw Carey
 
San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...
San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...
San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...
Pw Carey
 
ISACA San Francisco 2011 Fall Security Conference G32 A Modest Proposal
ISACA San Francisco 2011 Fall Security Conference G32 A Modest ProposalISACA San Francisco 2011 Fall Security Conference G32 A Modest Proposal
ISACA San Francisco 2011 Fall Security Conference G32 A Modest Proposal
Pw Carey
 
Sns소셜미디어(북2룩)
Sns소셜미디어(북2룩)Sns소셜미디어(북2룩)
Sns소셜미디어(북2룩)
Sunho Heo
 
2011 GMC Terrain For Sale In Marshfield WI | Wheelers Automotive
2011 GMC Terrain For Sale In Marshfield WI | Wheelers Automotive2011 GMC Terrain For Sale In Marshfield WI | Wheelers Automotive
2011 GMC Terrain For Sale In Marshfield WI | Wheelers Automotive
Wheelers Automotive
 

Recommended

San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...
San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...
San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...
Pw Carey
 
C24 Fraud In The Workplace 3 Mock Trials)[1]
C24 Fraud In The Workplace 3 Mock Trials)[1]C24 Fraud In The Workplace 3 Mock Trials)[1]
C24 Fraud In The Workplace 3 Mock Trials)[1]
Pw Carey
 
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
Pw Carey
 
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...
Pw Carey
 
San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...
San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...
San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...
Pw Carey
 
ISACA San Francisco 2011 Fall Security Conference G32 A Modest Proposal
ISACA San Francisco 2011 Fall Security Conference G32 A Modest ProposalISACA San Francisco 2011 Fall Security Conference G32 A Modest Proposal
ISACA San Francisco 2011 Fall Security Conference G32 A Modest Proposal
Pw Carey
 
Sns소셜미디어(북2룩)
Sns소셜미디어(북2룩)Sns소셜미디어(북2룩)
Sns소셜미디어(북2룩)
Sunho Heo
 
2011 GMC Terrain For Sale In Marshfield WI | Wheelers Automotive
2011 GMC Terrain For Sale In Marshfield WI | Wheelers Automotive2011 GMC Terrain For Sale In Marshfield WI | Wheelers Automotive
2011 GMC Terrain For Sale In Marshfield WI | Wheelers Automotive
Wheelers Automotive
 
My goals
My goals My goals
My goals
tambololy
 
Austen house
Austen houseAusten house
Austen house
austen5beaumont
 
Raggi, WayBank
Raggi, WayBankRaggi, WayBank
Raggi, WayBank
Maria Elena Rossi
 
Paradigmas
ParadigmasParadigmas
Paradigmas
Andrés Ramírez
 
Grasslands
GrasslandsGrasslands
Grasslands
kkriner72
 
TCD 2011 - Nytt kurs innen Arbeidstillatelse og Sikker Jobbanalyse v/Carsten ...
TCD 2011 - Nytt kurs innen Arbeidstillatelse og Sikker Jobbanalyse v/Carsten ...TCD 2011 - Nytt kurs innen Arbeidstillatelse og Sikker Jobbanalyse v/Carsten ...
TCD 2011 - Nytt kurs innen Arbeidstillatelse og Sikker Jobbanalyse v/Carsten ...
Mintra Trainingportal - Training for the Oil and Gas Industry
 
Aniversario de comaja
Aniversario de comajaAniversario de comaja
Aniversario de comaja
Eduardo Goncalvez
 
Pedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge
Pedagogisk design (e-læring) - Presentasjon hos Innovasjon NorgePedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge
Pedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge
Mintra Trainingportal - Training for the Oil and Gas Industry
 
Remember when you were young
Remember when you were youngRemember when you were young
Remember when you were young
richardbran
 
Gestione Fermata Straordinaria Bi
Gestione Fermata Straordinaria BiGestione Fermata Straordinaria Bi
Gestione Fermata Straordinaria Bi
maxvannu
 
Digiconta Kobra General Catalogue Pt
Digiconta Kobra General Catalogue PtDigiconta Kobra General Catalogue Pt
Digiconta Kobra General Catalogue Pt
Alexandre Sequeira
 
Tcd 2014 tirsdag_05 mintra_mobile_enheter
Tcd 2014 tirsdag_05 mintra_mobile_enheterTcd 2014 tirsdag_05 mintra_mobile_enheter
Tcd 2014 tirsdag_05 mintra_mobile_enheter
Mintra Trainingportal - Training for the Oil and Gas Industry
 
Systematikk
SystematikkSystematikk
Systematikk
Martin Støver
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
PECB
 
ITSM Foundation Course Material
ITSM Foundation Course MaterialITSM Foundation Course Material
ITSM Foundation Course Material
stefanhenry
 
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
PECB
 
Cobit5 owerwiev and implementation proposal
Cobit5 owerwiev and implementation proposalCobit5 owerwiev and implementation proposal
Cobit5 owerwiev and implementation proposal
Emilio Gratton
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
PECB
 
Presentation_P5_4560310_ISO_19650_inWebGIS.pdf
Presentation_P5_4560310_ISO_19650_inWebGIS.pdfPresentation_P5_4560310_ISO_19650_inWebGIS.pdf
Presentation_P5_4560310_ISO_19650_inWebGIS.pdf
Arief Rahman
 
Bs 0 2011 principles of standardisation
Bs 0 2011 principles of standardisationBs 0 2011 principles of standardisation
Bs 0 2011 principles of standardisation
Normdocs
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4
brunise
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1
AVASP - Ambiente Virtual de Aprendizado de São Paulo
 

More Related Content

Viewers also liked

Remember when you were young
Remember when you were youngRemember when you were young
Remember when you were young
richardbran
 
Gestione Fermata Straordinaria Bi
Gestione Fermata Straordinaria BiGestione Fermata Straordinaria Bi
Gestione Fermata Straordinaria Bi
maxvannu
 

Viewers also liked (13)

My goals
My goals My goals
My goals
 
Austen house
Austen houseAusten house
Austen house
 
Raggi, WayBank
Raggi, WayBankRaggi, WayBank
Raggi, WayBank
 
Paradigmas
ParadigmasParadigmas
Paradigmas
 
Grasslands
GrasslandsGrasslands
Grasslands
 
TCD 2011 - Nytt kurs innen Arbeidstillatelse og Sikker Jobbanalyse v/Carsten ...
TCD 2011 - Nytt kurs innen Arbeidstillatelse og Sikker Jobbanalyse v/Carsten ...TCD 2011 - Nytt kurs innen Arbeidstillatelse og Sikker Jobbanalyse v/Carsten ...
TCD 2011 - Nytt kurs innen Arbeidstillatelse og Sikker Jobbanalyse v/Carsten ...
 
Aniversario de comaja
Aniversario de comajaAniversario de comaja
Aniversario de comaja
 
Pedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge
Pedagogisk design (e-læring) - Presentasjon hos Innovasjon NorgePedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge
Pedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge
 
Remember when you were young
Remember when you were youngRemember when you were young
Remember when you were young
 
Gestione Fermata Straordinaria Bi
Gestione Fermata Straordinaria BiGestione Fermata Straordinaria Bi
Gestione Fermata Straordinaria Bi
 
Digiconta Kobra General Catalogue Pt
Digiconta Kobra General Catalogue PtDigiconta Kobra General Catalogue Pt
Digiconta Kobra General Catalogue Pt
 
Tcd 2014 tirsdag_05 mintra_mobile_enheter
Tcd 2014 tirsdag_05 mintra_mobile_enheterTcd 2014 tirsdag_05 mintra_mobile_enheter
Tcd 2014 tirsdag_05 mintra_mobile_enheter
 
Systematikk
SystematikkSystematikk
Systematikk
 

Similar to San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2

ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
PECB
 
ITSM Foundation Course Material
ITSM Foundation Course MaterialITSM Foundation Course Material
ITSM Foundation Course Material
stefanhenry
 
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
PECB
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
PECB
 
Presentation_P5_4560310_ISO_19650_inWebGIS.pdf
Presentation_P5_4560310_ISO_19650_inWebGIS.pdfPresentation_P5_4560310_ISO_19650_inWebGIS.pdf
Presentation_P5_4560310_ISO_19650_inWebGIS.pdf
Arief Rahman
 
Bs 0 2011 principles of standardisation
Bs 0 2011 principles of standardisationBs 0 2011 principles of standardisation
Bs 0 2011 principles of standardisation
Normdocs
 

Similar to San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2 (9)

ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
 
ITSM Foundation Course Material
ITSM Foundation Course MaterialITSM Foundation Course Material
ITSM Foundation Course Material
 
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance SynergiesITIL and ISO 20000: Fundamentals and necessary compliance Synergies
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies
 
Cobit5 owerwiev and implementation proposal
Cobit5 owerwiev and implementation proposalCobit5 owerwiev and implementation proposal
Cobit5 owerwiev and implementation proposal
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
 
Presentation_P5_4560310_ISO_19650_inWebGIS.pdf
Presentation_P5_4560310_ISO_19650_inWebGIS.pdfPresentation_P5_4560310_ISO_19650_inWebGIS.pdf
Presentation_P5_4560310_ISO_19650_inWebGIS.pdf
 
Bs 0 2011 principles of standardisation
Bs 0 2011 principles of standardisationBs 0 2011 principles of standardisation
Bs 0 2011 principles of standardisation
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1
 

San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2

  • 1. G32 The Changing Influences of Social Media, WikiLeaks and Whistleblowers A Modest Proposal: The Future of IT Auditing by Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives
  • 2. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives • AI (Acquire & Implement) • 1, 2, 3 & 4 --- 6 & 7 • DS (Deliver & Support) • 3, 4, & 5 --- 8, 9, 10, 11, 12 & 13 • ME (Monitor & Evaluate) • 1&2 • PO (Plan & Organize) • 1, 2, & 3 --- 5 & 6 --- 8, 9, & 10 2
  • 3. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 3
  • 4. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 4
  • 5. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 5
  • 6. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 6
  • 7. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 7
  • 8. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 8
  • 9. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 9
  • 10. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 10
  • 11. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 11
  • 12. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 12
  • 13. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)
  • 14. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)
  • 15. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)
  • 16. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 16
  • 17. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 17
  • 18. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 18
  • 19. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 19
  • 20. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 20
  • 21. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 21
  • 22. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 22
  • 23. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 23
  • 24. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 24
  • 25. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 25
  • 26. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 26
  • 27. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 27
  • 28. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 28
  • 29. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 29
  • 30. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 30
  • 31. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 31
  • 32. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 32
  • 33. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 33
  • 34. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 34
  • 35. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 35
  • 36. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 36
  • 37. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 37
  • 38. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 38
  • 39. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 39
  • 40. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 40
  • 41. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 41
  • 42. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 42
  • 43. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 43
  • 44. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 44
  • 45. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 45
  • 46. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 46
  • 47. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 47
  • 48. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 48
  • 49. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 49
  • 50. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 50
  • 51. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 51
  • 52. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 52
  • 53. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 53
  • 54. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 54
  • 55. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 55
  • 56. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 56
  • 57. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 57
  • 58. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 58
  • 59. Summary, Conclusions & Questions Thank you all for your courteous time and attention today: • Please Note: We’ll be open to and available for discussing any & all areas addressed during this presentation. Respectfully yours, Pw Carey Consultant CISA-CISSP Compliance Partners, LLC 1250 Grove Avenue, Suite 200 Barrington, IL 60010 pwc.pwcarey@gmail.com/ pwcarey@complysys.com 650-278-3731 or 224-633-1378 Fax: 847-381-2067 59
  • 60. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives References 1. Aligning Cob iT® 4.1, ITIL® V3 and ISO/IEC 27002 for Business Benefit ® A Management Briefing From ITGI and OGC Reservation of Rights © 2008 ITGI. All rights reserved. No part of this publication may be used, copied, reproduced, modified, distributed, displayed, stored in a retrieval system, or transmitted in any form by any means (electronic, mechanical, photocopying, recording or otherwise), without the prior written authorisation of ITGI. Reproduction and use of all or portions of this publication are solely permitted for academic, internal and non- commercial use and for consulting/advisory engagements, and must include full attribution of the material’s source. No other right or permission is granted with respect to this work. © Crown Copyright material 2008, published in conjunction with the Office of Government Commerce, is reproduced with the permission of the controller of HMSO and Queen’s Printer for Scotland. ISACA and ITGI are registered trademarks of ISACA. Co b i T® is a registered trademark of ISACA and ITGI. ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. IT Infrastructure Library® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. Copies of ISO/IEC 27002:2005 and all ISO standards can be purchased from the American National Standards Institute (ANSI) at http://webstore.ansi.org, phone: +1.212.642.4980; BSI in the UK (www.bsi- global.com/shop.html); and ISO (www.iso.org/iso/store.htm). 60