 "ISACA Issues COBIT Assessment Programme")
For the past 15 years, enterprises around the world have been using COBIT to improve and assess their IT processes. Until now, however, a there has been no consistent approach for internal and external professionals to assess these processes. ISACA’s new COBIT Assessment Programme provides consistency and reliability so business and IT leaders can have confidence in the assessment process and the quality of the results as they maximise the business value of their IT investments.
After conducting a global survey in 2010 to determine market need, ISACA found that 89 percent of the nearly 1,400 respondents expressed a need for a rigorous and reliable IT process capability assessment. To fill the gap, ISACA has released the three-part COBIT Assessment Programme based on COBIT 4.1 and ISO/IEC 15504-2:2003 viz. Information technology—Process assessment—Part 2: Performing an assessment: COBIT Process Assessment Model: Using COBIT 4.1, COBIT Assessor Guide: Using COBIT 4.1, COBIT Self-Assessment Guide: Using COBIT 4.1
“COBIT is the recognised framework globally for IT Governance and has been adopted by various organisations. In India, COBIT has been recognised by the Reserve Bank, SEBI and the C&AG. By bringing the COBIT Process Assessment Model and other related documents, ISACA is helping organisations gauge independently their adherence to the international best practices. Indian enterprises would benefit immensely from this release”, said Niraj Kapasi, International Vice President, ISACA and Chairman of ISACA India Task Force.
Norman Kromberg, CISA, CGEIT, CRISC, participated in the pilot program for the COBIT Assessment Programme with Alliance Data, where he serves as IT audit director.
“The COBIT Assessment Programme is not only workable, but also an effective tool for IT auditors to supplement their existing scope. It fills a gap by putting the lens on process capability,” said Kromberg. “Auditors and consultants will find it particularly useful, as will large and medium-sized organisations that are heavily regulated, such as banks and financial institutions, health care companies, government and state departments, and technology and service providers,” he said.
The COBIT process assessment approach will be integrated into the upcoming COBIT 5 in early 2012. COBIT provides a comprehensive approach to ensure that IT is enabling the achievement of strategic business objectives.