IT Governance Implementation Guide—The objective of this implementation guide is to provide readers with a methodology, using COBIT, for implementing and improving IT governance. The guide is focused on a generic methodology for implementing IT governance, covering the following subjects:
–Why IT governance is important and why organizations should implement it
–The IT governance life cycle
–The COBIT framework
–How COBIT is linked to IT governance and how COBIT enables the implementation of IT governance
–The stakeholders who have an interest in IT governance
–A road map for implementing IT governance using COBIT
The guide is supported by an implementation tool kit on CD-ROM, containing a variety of resources, including templates, diagnostic tools and reporting techniques. All the tools are available in Microsoft Office Word, PowerPoint or Excel, or Adobe Acrobat, and include:
-Mapping—Three detailed mappings: COBIT processes to COSO components, COBIT control objectives to COSO components, and ISO17799 to COBIT control objectives and processes
-Presentations—Two general COBIT slide presentations (one long and one summarized), plus presentations on COBIT’s Management Guidelines, COBIT’s new products, COBIT case studies, a mapping of COBIT to other standards (ITIL and BS7799), and results of two surveys (IT governance maturity survey and IT control maturity survey)
-Templates—A PowerPoint document that contains example templates that can be used to support the IT governance implementation activities. The templates are intended to be generic and simple to use and can be tailored to suit a particular organisation.
-COBIT Frequently Asked Questions (FAQ)—Basic information to help the user understand the purpose, framework and structure of COBIT
-Themes-to-risk-factor Diagnostic—Maps a number of risk factors commonly found in IT environments to two sets of themes: the facets of IT governance, and examples of current management concerns. This tool helps in understanding how risks and themes interrelate.
-Themes-to-control Diagnostic—Maps the themes described above to the COBIT IT processes and detailed control objectives. This tool helps in selecting the processes and controls that are likely to be relevant to a particular theme.
-Example IT Balanced Scorecard—An example IT balanced scorecard, along with a high-level implementation process to create it
-Management Awareness Diagnostics—Two tools are provided: one that ranks process importance and performance, and records whether the process is audited, formalised and accountable, and who performs it; and a second that assesses the process importance and checks some key issues about the way the process is being managed.
-Risk Analysis Approach—A generally accepted approach to risk analysis, which starts by combining the probability of a threat, the degree of vulnerability and the severity of an impact to arrive at a risk assessment. This is followed by the selection of countermeasures (controls) and an evaluation of their effectiveness, which also identifies residual risk.
-Maturity Measurement Information—An article that describes the purpose of maturity measurement, “health warnings” about it and some approaches to it, and an Excel tool to help in setting up a maturity measurement for an IT process. The tool provides a template to decompose the maturity descriptions into a number of statements/attributes per maturity level. Additionally, a weight factor can be assigned to each maturity attribute and maturity level (depending on the organization).
-Reporting Techniques—Sample graphics showing how to communicate COBIT issues and convey key messages to management and other audiences, thus raising awareness and enabling a focus on important topics that are otherwise often lost in lengthy written reports.
Added: 25-Mar-2005. Interested in this product: 5944