IT Assurance Guide Using COBIT Author:IT Governance Institute IT Assurance Guide provides detailed guidance on how COBIT can be used to support a variety of assurance activities, such as planning, scoping and assessing risks and how an assurance review can be performed for each of the 34 COBIT processes. Assurance steps and advice are provided for:
Generic controls that apply to all processes (... more »identified by PC.n in COBIT)
Specific process controls (identified by domain identification and process number, e.g., PO6.3, AI4.1)
Application controls (identified by AC.n in COBIT to:
Test the control design of the control objective
Test the outcome of the control objective (operational effectiveness)
Document control weaknesses and their impact.
The assurance guide is intended for assurance professionals who require guidance in providing reliable assurance on internal controls, process improvement, financial support audit, etc. In addition, the assurance guide can be used by IT professionals who may be asked for their opinions and recommendations regarding proposed improvements.« less