Advertisement
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL
IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL

Check these out next

Business Impact Analysis
Business Impact Analysis
dlfrench
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
Eryk Budi Pratama
Enterprise Architecture J.P Morgan Chase
Enterprise Architecture J.P Morgan Chase
Hampus Ahlqvist
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity Framework
Tuan Phan
Building Cybersecurity into a Greenfield ICS Project
Building Cybersecurity into a Greenfield ICS Project
John Cusimano, CFSE, CISSP, GICSP
IT Governance Framework
IT Governance Framework
Sherri Booher
ISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRC
PECB
1 of 9

IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL

Aug. 30, 2017
Download to read offline
Technology

BoD and BoC may familiar with COSO framework that used as methodology for evaluating an organization's control. There is always a question for them how to control their Information & Technology Division? This slide may help them to understand the relationship between SOX, COSO, Cobit and ITIL which every framework can be mapped into main objectives.

Alfid Ardyanto
IT & GA Manager Hino Finance Indonesia at Hino Finance Indonesia
Advertisement
Advertisement
Advertisement

Recommended

IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5Eryk Budi Pratama3K views24 slides
02 Practical Strategies of Conducting BIA02 Practical Strategies of Conducting BIA
02 Practical Strategies of Conducting BIABCM Institute3.5K views28 slides
SOX- IT PerspectiveSOX- IT Perspective
SOX- IT PerspectiveNeelabh Srivastava1.1K views17 slides
Insight into SOARInsight into SOAR
Insight into SOARDNIF470 views13 slides
BUSINESS IMPACT ‎ANALYSIS- DRMBUSINESS IMPACT ‎ANALYSIS- DRM
BUSINESS IMPACT ‎ANALYSIS- DRMLibcorpio 275 views26 slides
CISA Training - Chapter 1 - 2016CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016Hafiz Sheikh Adnan Ahmed13.7K views76 slides

More Related Content

Slideshows for you(20)

Business Impact AnalysisBusiness Impact Analysis
Business Impact Analysis
dlfrench11.9K views
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
Eryk Budi Pratama8.9K views
Enterprise Architecture J.P Morgan ChaseEnterprise Architecture J.P Morgan Chase
Enterprise Architecture J.P Morgan Chase
Hampus Ahlqvist8K views
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič734 views
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity Framework
Tuan Phan9.4K views
Building Cybersecurity into a Greenfield ICS ProjectBuilding Cybersecurity into a Greenfield ICS Project
Building Cybersecurity into a Greenfield ICS Project
John Cusimano, CFSE, CISSP, GICSP938 views
IT Governance FrameworkIT Governance Framework
IT Governance Framework
Sherri Booher2.9K views
ISO/IEC 27001 as a Starting Point for GRCISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRC
PECB 2.3K views
Problem ManagementProblem Management
Problem Management
Pankaj Maheshwari458 views
IT4IT Overview (A new standard for IT management)IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)
Charles Betz39.8K views
Cobit 5 - An OverviewCobit 5 - An Overview
Cobit 5 - An Overview
Anurag Purohit3.4K views
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My Organisation
Vigilant Software1.8K views
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certification
tschraider3.1K views
Vulnerability and Patch ManagementVulnerability and Patch Management
Vulnerability and Patch Management
n|u - The Open Security Community7.4K views
It governance & cobit 5It governance & cobit 5
It governance & cobit 5
Laddawan Rattanaruang73.1K views
Patch Management Best Practices Patch Management Best Practices
Patch Management Best Practices
Ivanti9.9K views
SABSA Implementation(Part V)_ver1-0SABSA Implementation(Part V)_ver1-0
SABSA Implementation(Part V)_ver1-0
Maganathin Veeraragaloo2.2K views
Introduction to JIRA & Agile Project ManagementIntroduction to JIRA & Agile Project Management
Introduction to JIRA & Agile Project Management
Dan Chuparkoff65.5K views
Project plan for ISO 27001Project plan for ISO 27001
Project plan for ISO 27001
technakama4.1K views
Security & Segregation of Duties for PeopleSoftSecurity & Segregation of Duties for PeopleSoft
Security & Segregation of Duties for PeopleSoft
Smart ERP Solutions, Inc.2.4K views

Similar to IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL(20)

Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACA
MDFazlaRabbiAbir527 views
Cobit 4.1 indriCobit 4.1 indri
Cobit 4.1 indri
dwiza indri181 views
Internal controls & ai ssInternal controls & ai ss
Internal controls & ai ss
Kashif Rana ACCA2.5K views
COBIT 5 Basic ConceptsCOBIT 5 Basic Concepts
COBIT 5 Basic Concepts
Spyros Ktenas757 views
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB Webinar: Aligning COBIT 5.0 and ISO/IEC 38500
PECB 2.5K views
Cobi t 4.1-brochureCobi t 4.1-brochure
Cobi t 4.1-brochure
Deloitte539 views
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
darminritonga amy63 views
Cobit 4.1 ivo oktaviantiCobit 4.1 ivo oktavianti
Cobit 4.1 ivo oktavianti
darminritonga amy218 views
Cobit 4.1 ivooktaviantiCobit 4.1 ivooktavianti
Cobit 4.1 ivooktavianti
Ivo Oktavianti52 views
El-Paso SOX TestingTraining- June 2007El-Paso SOX TestingTraining- June 2007
El-Paso SOX TestingTraining- June 2007
Danial Khan1.2K views
IFC Knowldge Sharing 23.02.20 (1).pptxIFC Knowldge Sharing 23.02.20 (1).pptx
IFC Knowldge Sharing 23.02.20 (1).pptx
SejalJain17898012 views
COBITCOBIT
COBIT
Ai Lun Wu169 views
Donna FebrianiDonna Febriani
Donna Febriani
Donna Febriani216 views
ICT Governance for Enterprise Control & Value Creation - Day1ICT Governance for Enterprise Control & Value Creation - Day1
ICT Governance for Enterprise Control & Value Creation - Day1
Jenny Tsuboyama energizIN1.8K views
References & ExamplesReferences & Examples
References & Examples
Jean-Louis CABROLIER600 views
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Compliance
seanpizzy352 views
Recent COSO Internal Control and Risk Management DevelopmentsRecent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management Developments
International Federation of Accountants10.8K views
Agile in a highly regulated organizationAgile in a highly regulated organization
Agile in a highly regulated organization
Tami Flowers358 views
GRC in Australia slidesGRC in Australia slides
GRC in Australia slides
InSync Conference264 views
Internal Financial Controls (IFC) / Internal Control over Financial Reporting...Internal Financial Controls (IFC) / Internal Control over Financial Reporting...
Internal Financial Controls (IFC) / Internal Control over Financial Reporting...
Kirtane Pandit8.4K views
Advertisement

Recently uploaded(20)

Komunikasi Maritime.pdfKomunikasi Maritime.pdf
Komunikasi Maritime.pdf
ChaeriahWael21 view
MSP NOC Services With HEX64 provided BY 24-7 support.docxMSP NOC Services With HEX64 provided BY 24-7 support.docx
MSP NOC Services With HEX64 provided BY 24-7 support.docx
HEX640 views
PyCon Italia 2023.pptxPyCon Italia 2023.pptx
PyCon Italia 2023.pptx
ssuser59b75e0 views
GitHub Copilot: An AI Agent of Change for Civic CodersGitHub Copilot: An AI Agent of Change for Civic Coders
GitHub Copilot: An AI Agent of Change for Civic Coders
Alicia Brown0 views
Vin secure solutions PPT (1).pdfVin secure solutions PPT (1).pdf
Vin secure solutions PPT (1).pdf
vin secure solutions0 views
Brand Boost.docxBrand Boost.docx
Brand Boost.docx
Mayur Agrawal0 views
Network Design.pptxNetwork Design.pptx
Network Design.pptx
HamzaAmin790 views
Internet Internet
Internet
Butterfly education 0 views
Exploring the Cutting-Edge Mobile App Development Technologies: A Look into t...Exploring the Cutting-Edge Mobile App Development Technologies: A Look into t...
Exploring the Cutting-Edge Mobile App Development Technologies: A Look into t...
aTeam soft solutions2 views
traffic-management-100.pdftraffic-management-100.pdf
traffic-management-100.pdf
Prasetyo Bawono0 views
How to Maximize Data Governance in Snowflake Test EnvironmentHow to Maximize Data Governance in Snowflake Test Environment
How to Maximize Data Governance in Snowflake Test Environment
Jade Global0 views
PyCon LT .pptxPyCon LT .pptx
PyCon LT .pptx
ssuser59b75e0 views
FFT Scan tutorial.pptxFFT Scan tutorial.pptx
FFT Scan tutorial.pptx
ssuser8f883c0 views
Blockchain Development KitBlockchain Development Kit
Blockchain Development Kit
Huda Seyam0 views
How to build an AI-powered chatbot.pdfHow to build an AI-powered chatbot.pdf
How to build an AI-powered chatbot.pdf
AnastasiaSteele100 views
The Capital Stack - Mastersfund Curriculum copy.pdfThe Capital Stack - Mastersfund Curriculum copy.pdf
The Capital Stack - Mastersfund Curriculum copy.pdf
Gillian Muessig0 views
Next Generation Digital TransformationNext Generation Digital Transformation
Next Generation Digital Transformation
Vishal Sharma0 views
IMTs testimonials: The case of IMAPS in the GR Public SectorIMTs testimonials: The case of IMAPS in the GR Public Sector
IMTs testimonials: The case of IMAPS in the GR Public Sector
Yannis Charalabidis0 views
2021 ECSE Certificate Design-Sella Septiana.pdf2021 ECSE Certificate Design-Sella Septiana.pdf
2021 ECSE Certificate Design-Sella Septiana.pdf
Sella Serafina2 views
Steel_Bridge_Code.pdfSteel_Bridge_Code.pdf
Steel_Bridge_Code.pdf
DharmPalJangra10 views

IT Control Objectives Framework, A Relationship Between COSO Cobit and ITIL

  1. IT CONTROL OBJECTIVES FRAMEWORK COMPLIANCE WITH COSO AND SARBANES-OXLY ACT Alfid Ardyanto PT Hino Finance Indonesia
  2. SARBANES-OXLY ACT - SOX • SOX is designed to ensure public companies have controls in place over financial reporting; controls that support the assertions that are made in public disclosures of financial statements. SOX Section 302 SOX Section 404 Who Corporate management, executive and financial officer Corporate management, executive and financial officer What 1. Evaluate effectiveness of disclosure controls (with focus on changes since the most recent evaluation) 1. Evaluate design and operating effectiveness of internal controls over financial reporting 2. Evaluate changes in internal control over financial reporting 2. Disclose all known controls, significant deficiencies 3. Disclose all known control deficiencies and weaknesses 3. Disclose acts of fraud 4. Disclose acts of fraud How Often Quarterly Assessment by management Annual assessment by management and independent auditors
  3. COSO - COMMITTEE OF THE SPONSORING ORGANIZATIONS OF THE TREADWAY COMMISSION • Comprehensive framework for evaluating an organization’s controls; process-oriented and controls-based. • Focuses on fiduciary controls; lends itself well to evaluating business processes for SOX. • 3 objective categories. • Operations, Financial Reporting, and Compliance. • 5 control components. • Control Environment, Risk Assessment, Control Activities, Information & Communication, Monitoring. • More information available online (www.coso.org).
  4. CONTROL OBJECTIVES FOR INFORMATION AND RELATED TECHNOLOGY - COBIT IT framework established by IT Governance Institute (ITGI) and Information System Audit and Control Association (ISACA). Comprehensive framework with 4 domains: Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate. ITGI/ISACA recently issued the second edition of “IT Control Objectives for Sarbanes-Oxley”. Maps 12 (of 34) high-level objectives from COBIT to the PCAOB’s 4 categories for General Computer Controls: Program Changes, Program Development, Computer Operations, and Access to Programs and Data. More information available at ITGI (www.itgi.org) or ISACA (www.isaca.org).
  5. IT INFRASTCTURE LIBRARY - ITIL • While COSO and COBIT are widely utilized, there are other frameworks available that can also be leveraged in support of SOX. • IT Infrastructure Library (ITIL) – www.itil.co.uk • ITIL is owned and maintained by the UK Office of Government Commerce (OGC). • International Organization for Standardization (ISO) 17799 – www.iso.org • Can be used to augment COBIT security objectives.
  6. RELATIONSHIPS BETWEEN COSO, COBIT AND ITIL COSOComponents •Control Environment •Risk Assessment •Control Activities •Information and Communication •Monitoring Section302 Section404 CobiT Objectives •Plan and Organize •Acquire and Implementation •Delivery and Support •Monitor and Evaluation
  7. MAPPING COSO & COBIT
  8. MAPPING COBIT & ITIL
  9. END OF PRESENTATION
Advertisement