An extended case study in which students can apply their COBIT
knowledge to a real-life situation
C O B I T ® i n A c a d e m i a T M I T G o v e r n a n c e I n s t i t u t e 1
IT Governance Institute®
The IT Governance Institute (ITGI) (www.itgi.org) was established in 1998 to advance international thinking and standards in directing andcontrolling an enterprise’s information technology. Effective IT governance helps ensure that IT supports business goals, optimises business investment in IT, and appropriately manages IT-related risks and opportunities. The IT Governance Institute offers symposia, original research and case studies to assist enterprise leaders and boards of directors in their IT governance responsibilities.
InformationSystems Audit and Control Association®
With more than 35,000 members in more than 100 countries, the Information Systems Audit and Control Association (ISACA®) (www.isaca.org) is a recognised worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal®, develops internationalinformation systems auditing and control standards, and administers the globally respected Certified Information Systems Auditor™ (CISA®) designation, earned by more than 35,000 professionals since inception, and the Certified Information Security Manager® (CISM®) designation, a groundbreaking credential earned by 5,000 professionals in its first two years.
The IT Governance Institute,Information Systems Audit and Control Association [the “Owner(s)”] and the authors have designed and created COBIT in Academia and its related publications, titled COBIT® Case Study: TIBO, COBIT® Student Book, COBIT® Caselets and COBIT® Presentation Package, (the “Work”), primarily as an educational resource for educators. The Owners make no claim that use of any of the Work will assure asuccessful outcome. The Work should not be considered inclusive of any proper information, procedures and tests or exclusive of other information, procedures and tests that are reasonably directed to obtaining the same results. In determining the propriety of any specific information, procedure or test, the educator should apply his/her own professional judgement to the specific circumstances presented bythe particular systems or information technology environment.
Copyright © 2004 IT Governance Institute. All rights reserved. This publication is intended solely for academic use and shall not be used in any other manner (including for any commercial purpose). Reproductions of selections of this publication are permitted solely for the use described above and must include the followingcopyright notice and acknowledgement: “Copyright © 2004 IT Governance Institute. All rights reserved. Reprinted by permission.” COBIT in Academia may not otherwise be used, copied, or reproduced, in any form by any means (electronic, mechanical, photocopying, recording or otherwise), without the prior written permission of the IT Governance Institute. Any modification, distribution, performance,display, transmission, or storage, in any form by any means (electronic, mechanical, photocopying, recording or otherwise) of COBIT in Academia is strictly prohibited. No other right or permission is granted with respect to this work.
IT Governance Institute
3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008 USA
Phone: +1.847.590.7491 Fax: +1.847.253.1443
E-mail: email@example.comWeb sites: www.itgi.org and www.isaca.org
ISBN 1-893209-96-2 COBIT in Academia
Printed in the United States of America
2 C O B I T ® i n A c a d e m i a T M I T G o v e r n a n c e I n s t i t u t e
IT GOVERNANCE INSTITUTE WISHES TO RECOGNISE:
The Board of Trustees
Marios Damianides, CISA, CISM, CA, CPA, Ernst & Young LLP, USA, International...