Posted by: Robert Davis
Acquire and Implement, Availability, COBIT Domains, Confidentiality, Control Objectives, Deliver and Support, Effectiveness, Efficiency, Integrity, Monitor and Evaluate, Plan and Organize, Planning Committee, Reliability
Using SWOT, each IT objectives analysis team member should have conversations with at least four other individuals from the entity to solicit their situational assessment of the current state of IT controls. At a minimum, the four individuals — queried independently by each team member involved in the SWOT exercise — should include: someone two levels senior from themselves, someone from a different functional area, someone known for creative thinking, and someone with a reputation for levelheaded decisions. Subsequently, in a group setting, IT team members should discuss and compare their individual perspectives to arbitrate and document IT control consensus.
“View Part I of the Governing IT: Setting Control Objectives series here“