- Building the Business Case for COBIT® and Val IT™: Executive Briefing
This research explores and demonstrates the business
value of COBIT and Val IT. The enormous dataset resulting from the research
offers many analysis opportunities and, in addition to clarifying the
relationship between enterprise governance of IT and business performance, also
provides a good indication of the current implementation status of the COBIT and
Val IT frameworks within enterprises of different size, industry segment and
geographic location. An overview of the significant market findings is presented
in this executive briefing.
- COBIT and Application Controls: A management Guide
This guide helps business executives, business
management, and IT management, as well as IT developers and implementers,
internal and external auditors and other professionals manage and provide
assurance regarding application controls.
- COBIT User Guide for Service Managers
Aimed at providing specific guidance on how to use COBIT when performing a particular role, this guide focuses on service managers,
providing them a better understanding of the need for IT governance and how to apply good practices in their specific roles and responsibilities. It
facilitates easier use and adoption of COBIT and ITIL concepts and approaches, and encourages integration of COBIT with ITIL.
- ITGI™ Enables ISO/IEC 38500:2008 Adoption
This document explains the practical implications of each
principle of ISO/IEC 38500:2008–Corporate governance of information
technology, together with how ITGI’s guidance enables good practice. It
summarizes how COBIT, Val IT and related guidance support adoption of the
standard’s principles and implementation approach. A list of currently available
products and web links is included in this document.
- ITGI Roundtable Discussions
From time to time, ITGI sits down with industry experts and discusses the current state of IT governance, then shares their thoughts, concerns and suggestions on this increasingly important topic.
- IT Governance and Process Maturity
This project achieved the research objective of
developing robust benchmark information and providing a means for organizations
to answer the question, ‘How do we compare with our peers?’
- Understanding How Business Goals Drive IT Goals
This white paper presents a solid and strong list of 17
generic business goals and 18 generic IT goals, validated and prioritized over
different sectors. More detailed information regarding the full research
methodology and resulting data by specific industry, size or geographic location
is available in the complete research report Identifying and Aligning Business
Goals and IT Goals.
- Identifying and Aligning Business Goals and IT Goals
The focus of this research is better understanding of the cascading relationship amongst business goals, IT goals and IT processes. A strong list of top 10 most important business and IT goals was identified over the different sectors and further analysis by sector and geographic location identified interesting deviations, which increases the practical relevance for companies operating in a specific sector that want to use these lists to help them identify a good set of business/IT goals.
- Information Security Governance: Guidance for Information Security Managers
This publication discusses how to develop an information security strategy within the organization’s governance framework and how to drive that strategy through an information security program. It provides guidance on determining information security objectives and how to measure progress toward achieving them.
- COBIT Security Baseline: An Information Security Survival Kit, 2nd Edition
This guide, based on COBIT 4.1, consists of a comprehensive set of resources that contains the information organizations need to adopt an IT governance and control framework. COBIT covers security in addition to all the other risks that can occur with the use of IT. COBIT Security Baseline focuses on the specific risk of IT security in a way that is simple to follow and implement for the home user or the user in small to medium enterprises, as well as executives and board members of larger organizations.
- COBIT 4.1
This newest version of ISACA’s world-renowned IT governance and control framework offers incremental changes to version 4.0, presenting a streamlined, pragmatic and business-focused approach to implementing IT governance enterprisewide.
- IT Control Objectives for Sarbanes-Oxley 2nd Edition
ITGI has released an updated edition of its well-received publication, IT Control Objectives for Sarbanes-Oxley. The first edition, published in 2004, has been downloaded more than 250,000 times. Companies around the world have used it as a tool for evaluating IT controls in support of Sarbanes-Oxley compliance. Experts from many organizations, including the top 10 accounting and professional firms, provided input and direction for the update. Now available in Japanese and Italian.
- IT Governance Domains Practices and Competencies: IT Alignment - Who Is in Charge?
For any enterprise to achieve long-term sustainable success, it is essential that employees in all elements that comprise the enterprise fully understand corporate objectives and work together in a properly controlled and coordinated way to ensure that those objectives are met. This publication explains why IT alignment is important and discusses various means to achieve alignment, such as the IT strategy committee, IT steering committee and IT investment committee. Concludes with a case study.
- IT Governance Domains Practices and Competencies: Governance of Outsourcing
This volume focuses on outsourcing IT activities, which has become common practice around the world as organizations strive for more effective and efficient IT services. The research examines:
- The primary reasons for outsourcing
- The level of satisfaction
- What works, and what does not work
- The customer’s responsibilities - Is the customer in
- Who should be responsible for what
- How to monitor the provider’s capability
- Information Security Governance—Top Actions for Security Managers (PPT, 336K)
This PowerPoint presentation for complimentary download.
Information Security Governance—Top Actions for Security Managers
furthers the research published by ITGI in 2001, Information Security
Governance: Guidance for Boards of Directors and Executive Management. It
takes the list of questions and creates a list of actions for information
security managers and CISOs. It addresses:
Uncovering the information security issues in an
enterprise from a business and management perspective
Dealing with management’s perception of information
security and security risk management issues
Positioning information security as a component of
IT and business governance
Establishing what is required to ensure that
information security governance is successfully implemented within the
- IT Governance Domains Practices and Competencies: Optimising Value Creation from IT Investments
This volume, one of the five-part IT Governance Domains Practices and Competencies series, focuses on a frequently raised issue in most
organizations, the challenge of achieving adequate returns on IT investment. It examines the relevance of value to IT governance, categories of IT investment, value return targets, the hurdle rate concept, defining and quantifying expected
benefits, realizing the benefits and managing the IT investment portfolio.
- IT Governance Domains Practices and Competencies: Information Risks—Whose Business Are They?
This volume, part of IT Governance Domains Practices and Competencies series, focuses on information risk management, which is a key IT
governance area and a top management concern. It examines why information risk management is important, the risks themselves, information risk management best practices, responsibility for the management of IT risks and a suggested action plan.
- Board Briefing on IT Governance, 2nd Edition
Board Briefing on IT Governance explores the meaning of IT governance, its relationship to enterprise governance and the actions boards and senior management should take to effect IT governance. The newly revised second edition offers insight into a newly defined facet of IT governance—resource management—and includes detailed material on the roles and responsibilities of those involved in various aspects of the IT governance framework. Now available in German, Japanese, and Spanish (1st Edition).
- COBIT Quickstart
This is an abbreviated version of COBIT designed for small to medium enterprises, or those organizations in which IT is not strategically critical to enterprise success. Available from the ISACA Bookstore.