Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Control objectives for information and related technology pdf

30/11/2021 Client: muhammad11 Deadline: 2 Day

Introduction

Ask any IT manager about the challenges in conveying IT risks in terms of business risks, or

about translating business goals into IT goals. It’s a common difficulty, as the worlds of business

and IT do not inherently align. This lack of alignment was unresolved until ISACA developed a

framework called COBIT, first released in 1996. ISACA is an IT professionals’ association

centered on auditing and IT governance. This lab will focus on the COBIT framework. The lab

uses the latest two versions: COBIT 4.1, which is currently the most implemented version, and

COBIT 5, which is the latest version released in June 2012.

Because COBIT 4.1 is freely available at the time of this writing, the lab uses this version to

present handling of risk management. Presentation is done making use of a set of COBIT control

objectives called P09. COBIT P09’s purpose is to guide the scope of risk management for an IT

infrastructure. The COBIT P09 risk management controls help organize the identified risks,

threats, and vulnerabilities, enabling you to manage and remediate them. This lab will also

present how COBIT shifts from the term “control objectives” to a set of principles and enablers

in version 5.

In this lab, you will define COBIT P09, you will describe COBIT P09’s six control objectives,

you will explain how the threats and vulnerabilities align to the definition for the assessment and

management of risks, and you will use COBIT P09 to determine the scope of risk management

for an IT infrastructure.

Learning Objectives

Upon completing this lab, you will be able to:

Define what COBIT (Control Objectives for Information and related Technology) P09 risk

management is for an IT infrastructure.

Describe COBIT P09’s six control objectives that are used as benchmarks for IT risk

assessment and risk management.

Explain how threats and vulnerabilities align to the COBIT P09 risk management definition

for the assessment and management of IT risks.

Use the COBIT P09 controls as a guide to define the scope of risk management for an IT

infrastructure.

Apply the COBIT P09 controls to help organize the identified IT risks, threats, and

vulnerabilities.

Lab #2 Aligning Risks, Threats, and Vulnerabilities to COBIT P09 Risk Management Controls

11

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

Deliverables

Upon completion of this lab, you are required to provide the following deliverables to your

instructor:

1. Lab Report file; 2. Lab Assessments file.

12 | LAB #2 Aligning Risks, Threats, and Vulnerabilities to COBIT P09 Risk Management Controls

Hands-On Steps

Note: This is a paper-based lab. To successfully complete the deliverables for this lab, you will need access to Microsoft® Word or another compatible word processor. For some labs, you may also need access to a graphics line drawing application, such as Visio or PowerPoint. Refer to the Preface of this manual for information on creating the lab deliverable files.

1. On your local computer, create the lab deliverable files.

2. Review the Lab Assessment Worksheet. You will find answers to these questions as you proceed through the lab steps.

3. Review the seven domains of a typical IT infrastructure (see Figure 1).

Figure 1 Seven domains of a typical IT infrastructure

4. On your local computer, open a new Internet browser window.

5. In the address box of your Internet browser, type the URL http://www.isaca.org/Knowledge-Center/cobit/Pages/FAQ.aspx and press Enter to open the Web site.

6. Review the information on the COBIT FAQs page.

13

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

ISACA—45 Years Serving Auditors and Business ISACA is a global organization that defines the roles of information systems governance, security, auditing, and assurance professionals worldwide. ISACA standardizes a level of understanding of these areas through two well- known certifications, the Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM). In recent years, ISACA has expanded its certification offerings to include two other certifications around risk and IT governance.

ISACA was previously an acronym expanding to Information Systems Audit and Control Association, but today is known by the name ISACA alone to better serve its wider audience.

Similarly, COBIT was originally an acronym for Control Objectives for Information and related Technology. Now, ISACA refers to the framework as just COBIT, in part because the concept of “control objectives” ends with COBIT version 4.1. COBIT 5 focuses on business-centric concepts and definitions, distinguishes between governance and management, and includes a product family of “enabler guides” and “practice guides.” The recent release of COBIT version 5 is a complete break from COBIT 4. In addition, COBIT 5 also incorporates other ISACA products, including Val IT and Risk IT.

7. In your Lab Report file, describe the primary goal of the COBIT v4.1 Framework. Define COBIT.

8. On the left side of the COBIT Web site, click the COBIT 4.1 Controls Collaboration link.

9. At the top of the page, read about the COBIT Controls area within ISACA’s Knowledge Center.

10. In your Lab Report file, describe the major objective of the Controls area.

11. Scroll down the Web page to the COBIT Domains and Control Objectives section.

12. Click the Text View tab.

13. In your Lab Report file, list each of the types of control objectives and briefly describe them based on the descriptions on the Web site. Include the following:

 Plan and Organize

 Acquire and Implement

 Monitor and Evaluate

 Delivery and Support

 Process Controls

 Application Controls

14. On the Web site, under the Plan and Organize Control Objective description, click the View all the PO Control Objectives link.

14 | LAB #2 Aligning Risks, Threats, and Vulnerabilities to COBIT P09 Risk Management Controls

15. Scroll down and find the P09 Control Objectives, which are labeled Assess and Manage IT Risks.

Note: COBIT 5 is not an evolutionary but a revolutionary change. Naturally, risk management is covered, but it is done in a holistic, end-to-end business approach, rather than in an IT-centered approach.

16. Click the P09.1, IT Risk Management Framework link.

17. Scroll down to about the middle of the page to read about the IT Risk Management Framework.

18. Expand the View value and Risk Drivers and View Control Practices links to learn more.

19. In your Lab Report file, describe what this objective covers.

20. Click the other P09 Control Objectives by first clicking the back button to return to the COBIT Domains and Control Objectives section of the COBIT 4.1 Controls

Collaboration page.

21. Click the Text View tab.

22. Click the View all the PO Control Objectives link.

23. Scroll down to the P09 Control Objectives.

24. Finally, click the P09.2, Establishment of Risk Context link.

25. Repeat this set of instructions for each of the other P09 listings.

26. Read about each of these.

27. In your Lab Report file, explain how you use the P09 Control Objectives to organize identified IT risks, threats, and vulnerabilities so you can then manage and remediate the

risks, threats, and vulnerabilities in a typical IT infrastructure.

Note: This completes the lab. Close the Web browser, if you have not already done so.

15

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

Evaluation Criteria and Rubrics

The following are the evaluation criteria for this lab that students must perform:

1. Define what COBIT (Control Objectives for Information and related Technology) P09 risk management is for an IT infrastructure. – [20%]

2. Describe COBIT P09’s six control objectives that are used as benchmarks for IT risk assessment and risk management. – [20%]

3. Explain how threats and vulnerabilities align to the COBIT P09 risk management definition for the assessment and management of IT risks. – [20%]

4. Use the COBIT P09 controls as a guide to define the scope of risk management for an IT infrastructure. – [20%]

5. Apply the COBIT P09 controls to help organize the identified IT risks, threats, and vulnerabilities. – [20%]

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Coursework Help Online
Exam Attempter
Assignment Guru
Solutions Store
Solution Provider
Buy Coursework Help
Writer Writer Name Offer Chat
Coursework Help Online

ONLINE

Coursework Help Online

I reckon that I can perfectly carry this project for you! I am a research writer and have been writing academic papers, business reports, plans, literature review, reports and others for the past 1 decade.

$31 Chat With Writer
Exam Attempter

ONLINE

Exam Attempter

I have worked on wide variety of research papers including; Analytical research paper, Argumentative research paper, Interpretative research, experimental research etc.

$27 Chat With Writer
Assignment Guru

ONLINE

Assignment Guru

I will be delighted to work on your project. As an experienced writer, I can provide you top quality, well researched, concise and error-free work within your provided deadline at very reasonable prices.

$23 Chat With Writer
Solutions Store

ONLINE

Solutions Store

Being a Ph.D. in the Business field, I have been doing academic writing for the past 7 years and have a good command over writing research papers, essay, dissertations and all kinds of academic writing and proofreading.

$47 Chat With Writer
Solution Provider

ONLINE

Solution Provider

I have done dissertations, thesis, reports related to these topics, and I cover all the CHAPTERS accordingly and provide proper updates on the project.

$27 Chat With Writer
Buy Coursework Help

ONLINE

Buy Coursework Help

I will provide you with the well organized and well research papers from different primary and secondary sources will write the content that will support your points.

$27 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Humanities vs science dr radhakrishnan summary - Telstra our customer terms - Annual compliance report template - The cask of amontillado quiz - Nutrition and drugs - Transformer primary and secondary winding resistance - Analysis of case study healing and autonomy - Enterprise Risk Management - Motivation - What wholesale clubs accept discover - Case study - Psychodynamic model of personality worksheet answers - Annotated bibliography - Math playground sofia's world - STR/580 wk5 Apply Signature Assignment: Strategic Analysis - Nema stepper motor frame sizes chart - Edith hamilton mythology chapter 3 pdf - Social - Hypothetico deductive method ppt - Markus prior news vs entertainment - Employee Benefits Package - Cowdroy 1830mm triumph 4 leaf folding door track system - Case Study: Implementation Strategies - Dhcp excluded address cisco - Math made easy praxis - DURBAN )][@][(^ ^) VIP, GENUINE, UNIQUE +27835179056 PILLS E~^££ ABORTION IN STANGER DURBAN PINETOWN limpopo polokwane - The assessment process bshs 395 - Alex szepietowski net worth - Allsp cdu - 1 1 diethyl 2 2 dicarbocyanine iodide color - Argument - Atomic spectroscopy lab answers - Did edward snowden break the law - Should students be allowed to use cell phones in school - Esmee fairbairn collections fund - Mcmaster university nursing admission - Robert arias recently inherited a stock portfolio - What assumption did you make about the reaction of kmno4 - Research Paper - Mind tools time management quiz - Discussion post - Orthographic and oblique projection - The things they carried setting importance - Week7 health discussion assignment 450 - Oh my darling clementine meaning - A database driver is software that lets the - Using the indirect method patent amortization expense for the period - Deliverable 6 - Successful Change Management - Cipd level 3 assignment answers - Which of the following price indices comes closest - The thrill of the grass sparknotes - Engineering economy 16th edition solutions - Lrc3 monmouth army mil nsn nsdata - The crown v clarke case summary - Fed up video questions answers - Xmlpad 3.0 2.1 free download - Disadvantages of steam power plant - Did the aztecs invent chocolate - Examples of personal fitness plans - Palliative care - One of britain's largest children's hospitals working with a ferrari racing team is an example of: - How does the proposition that “state intervention is criminogenic” “hold up” to scrutiny in labeling theory? - Outbreak at watersedge answers - Why does wheeled coach have excess inventory - Asme part numbering system - Civic responsibility lesson plan - Abraham and isaac play summary - Greenville health system leadership - Percent recovery formula organic chemistry - Physics vector problems worksheet - How to get brasso out of cracks - Edu 540 week 8 discussion - Business strategy game low cost strategy - Custom Snapback Caps in Sharjah - Thumbs up elbows back feet apart - Best practices for it infrastructure security policies - Unit 6 Discussion 1 - Social psychology 9th edition pdf aronson - Georges marvellous medicine characters - Enable data integrity access lookup wizard - El hombre les muestra su hotel - Food hygiene level 2 answers - Brawn behind the pawn book - Essay about china culture - Anna laetitia barbauld a summer evening's meditation - Fortune telling fish experiment - Short-Writing #4 - Good examples of advertising directed toward elderly consumers - How would one define business intelligence (B1)? Identify and briefly discuss a real-world application of B1How would one define business intelligence (B1)? Identify and briefly discuss a real-world application of B1 - Statistics - Denial in death of a salesman - Alpha flight services mascot - The saints and the roughnecks summary - Phases of the helping process in social work pdf - Assignment 7 - Conflict of the song of roland - Making snow from diapers - Tvs unidirectional vs bidirectional - Steiner and steiner business government and society - Why cell phones should not be banned in schools