the Information Systems Audit and Control Association (ISACA), and
the IT Governance Institute (ITGI) first released a set of best
practices (framework) for IT management called the Control
Objectives for Information and related Technologies (CobIT). Since
then, CobIT has continued to be enhanced, with the most recent
version referred to as CobIT Version 4.1.
focuses on four high level stages of IT Governance:
Plan and Organize:
This stage of IT Governance focuses on defining the strategic IT
plan, determining technology directions, and defining IT processes,
organization and relationships. Further, it is the responsibility of
the governance board to manage the IT investment, communicate
management aims and direction, manage IT human resources and manage
all projects including quality and inherent potential risk.
Acquire and Implement:
This stage focuses on identifying IT requirements, acquiring and
implementing what is required based on current business practices,
and the development of a maintenance plan in order to prolong the
life of an IT system.
Deliver and Support:
This stage focuses on the delivery and support
aspects of systems. Within this domain resides areas such as the
execution of the applications, and the support processes that enable
the effective and efficient execution of these systems. Included within
this responsibility are security and training issues.
Monitor and Evaluate:
This stage focuses on continuously monitoring and
confirming that IT strategy remains consistent with the objectives
with which it was designed and the evaluation of the effectiveness
of IT systems to meet the business objectives of the company.