Page 95 - DCAP307_PLANNING_AND_MANAGING_IT_INFRASTRUCTURE
P. 95
Unit 5: Corporate Governance and IT
are grouped into four main domains: planning and organisation, acquisition and implementation, Notes
delivery and support, and monitoring. Corresponding to each of the control objectives are
detailed control objectives (see Table 5.2).
Planning and organising: This domain covers a whole range of topics. Included are the
strategy and tactics used by IT to achieve business objectives, strategy planning, strategy
communication, strategy management, risk management, and resource management,
which insures that the required technology infrastructure and human capital are in place.
Acquisition and implementation: For IT to realise its strategy, it must identify, develop or
acquire, and implement solutions to business processes. Additionally, it must manage the
life cycle of existing systems through maintenance, enhancements, and retirements.
Delivery and support: On its most basic level, IT delivers services to its customers (users).
This domain concerns service and support issues including performance and security, and
it also includes training.
Monitoring: All IT processes need to be regularly assessed for their quality and compliance
with control requirements. The monitoring domain addresses management’s oversight
of the organisation’s control processes.
Table 5.2: COBIT Control Objectives
Source: http://i.bnet.com/whitepapers/051103656300.pdf
More recently, COBIT added a set of action-oriented management guidelines to provide
management direction for monitoring achievement of organisational goals, for monitoring
performance within each IT process, and for benchmarking organisational achievement.
LOVELY PROFESSIONAL UNIVERSITY 89
