What is COBIT?

COBIT, to the person who belongs to the IT or IT auditor is not foreign to hear. Control Objectives for Information and related Technology (COBIT) is a standard guide of information technology management practices in which a set of documentation of best practices for IT governance that can help auditors, management and user to bridge the gap between business risks, control needs and technical issues .COBIT was developed by the IT Governance Institute, which is part dariInformation Systems Audit and Control
Association (ISACA). COBIT provides direction (guidelines) are business oriented, and therefore the business process owners and managers, including auditors and users, is expected to take advantage of this guideline as well as possible.COBIT framework consists of several directives (guidelines), namely:Control Objectives: It consists of four high-level control objectives (high-level control objectives) are reflected in the four domains, namely: planning and organization, acquisition and implementation, delivery and support, and monitoring.Audit Guidelines: Contains a total of 318 control objectives that are detailed (detailed control objectives) to assist the auditor in memberikanmanagement assurance and / or suggestions for improvement.Management Guidelines: Contains directives, either in general or specific, about what to do, especially in order to answer the following questions: The extent to which you (TI) has to move, and whether the IT costs incurred in accordance with the benefits that result. What are the indicators for a good performance? What are the factors or conditions must be created in order to achieve successful (critical success factors)? What are the risks that arise, if we do not achieve the specified goals? What about the other companies - what do they do? How do you measure success and how to compare them anyway.The COBIT Framework also include the following matters: Maturity Models - To map the status of maturity of IT processes (in a scale of 0-5) compared with "the best in the class in the Industry" and also the International best practices Critical Success Factors (CSFs) - Referral for management implementation in order to exert control over the IT process. Key Goal Indicators (KGIs) - The performance of IT processes with respect to business requirements Key Performance Indicators (KPIs) - The performance of IT processes in relation denganprocess goals COBIT was developed as a Generally applicable and accepted standard for good Information Technology (IT) security and control practices. The term "Generally applicable and accepted" is explicitly used in the same sense as Generally Accepted Accounting Principles (GAAP).Being, COBIT's "good practices" reflects a consensus among experts worldwide. COBIT IT Governance can be used as tools, and also help companies optimize their IT investments. Another important thing, COBIT can also be used as a reference tool in the event of a kesimpang-siuran in the application of technology.Audit planning a technology-based Information Systems (IT audit) by the Internal Auditor, to begin by defining the relevant areas of greatest risk and, through an analysis of the 34 process. While for the needs of a particular assignment, for example, an audit of IT projects, can be started by selecting the relevant processes of these processes.Further, the auditor can use the Audit Guidelines as additional material for designing audit procedures. In short, especially COBIT guidelines can be modified easily, according to the industry, the condition of IT in the company or organization, or a particular object in the IT environment.It can be used by the auditor, COBIT can be used by management as a bridge between IT risks with the controls needed (IT risk management) and also the main reference is very helpful in the application of IT in corporate governancE