COBIT Training Courses from SMArt

More strategic perspective, more leadership and yeah, some day more compensation...

Instructor Led Training Courses

View our Training Course Calendar

Online Training Courses

View our Training Course Calendar

Cobit stands for Control Objectives for IT related Technology. From a strategy perspective Cobit can provide the guidance for further improvements in IT. Our Cobit trainers are consultants that have been involved in strategy implementations with a variety of customers and have lead major IT improvements programs.

View Video - The Benefits of COBIT

Our Cobit Training Course is designed to help three distinct audiences:

1. Management, who need to balance risk and control investment in an often unpredictable IT environment.
2. Users, who need to obtain assurance on the security and controls of the IT services upon which they
   depend to deliver their products and services to internal and external customers.
3. Auditors, who can use it to substantiate their opinions and/or provide advice to management on internal controls.

Our Cobit Training Courses are offered through Canada and the United States including:

• Calgary

• Vancouver

• Edmonton

• Victoria

Cobit starts by grouping IT processes into four broad groups:

• Planning and Organisation.

• Acquisition and Implementation.

• Delivery and Support.

• Monitoring.

It then defines high-level Business Control Objectives for the processes, clearly linked to business objectives, and supports these with Detailed Control Objectives to provide management assurance and/or advice for improvement.

The Control Objectives are supported by Audit Guidelines which enable auditors and managers to review specific IT processes against these in order to help assure management where controls are sufficient, or to advise management where processes need to be improved. The third main component is CobiT's Management Guidelines.

Cobit Management Guidelines
Managers in every organisation need to understand the status of their own IT systems and decide what security and control they should provide. Neither aspect of this issue - understanding of and deciding on the required level of control - is straightforward.

It is far from easy for managers to obtain an objective measure of an organisation's own level of control and risk - what should be measured and how? As well as the need to measure where an organisation is, there is a need for continuous improvement in IT security and control, and for a management toolkit to monitor this improvement. It is equally difficult to decide what the right level of security and control is.

Senior managers are frequently asked to consider a business case for expenditure to improve their control over, and the security of, their organisation's information infrastructure. While few would argue that this is not a good thing, all must occasionally ask themselves: 'How far should we go, and is the cost justified by the benefit?'

This question can be answered by using the CobiT Management Guidelines which define the following:

• Benchmarks for IT control practices (expressed as Maturity Models).

• Performance and key goal indicators of the IT processes ­ for their outcome and their performance.

• Critical success factors for getting these processes under control.

Development of CobiT
First published by the Information Systems Audit and Control Foundation in 1996, CobiT is now in its third edition. The second edition, in 1998, broadened the resource base on which the control objectives are based and added a practical implementation toolkit. The current edition marked a transfer to the IT Governance Institute and, with the addition of the management guidelines, from the field of IT auditing into that of corporate governance.

The research and publication activities were supported by significant grants from PriceWaterhouseCoopers, donations from ISACA chapters and members worldwide, research material from the European Security Forum (ESF) and quality assurance and other support from The Gartner Group.

CobiT is a genuine distillation of global best practice from a wide range of sources including:

• Technical standards from ISO, EDIFACT, etc.

• Codes of Conduct issued by the Council of Europe, OECD, ISACA, etc.

• Qualification criteria for IT systems and processes: ITSEC, TCSEC, ISO 9000, SPICE, TickIT, Common Criteria, etc.

• Professional standards for internal control and auditing: COSO, IFAC, AICPA, CICA, ISACA, IIA, PCIE, GAO, etc.

• Industry practices and requirements from industry forums (ESF, I4) and government-sponsored platforms (IBAG, NIST, DTI), etc.

• Emerging industry-specific requirements from banking, electronic commerce, and IT manufacturing.

Benefits of Cobit
In an age of increasing electronic business and technology dependence, organisations will have to demonstrably attain increasing levels of security and control. Every organisation must understand its own performance and must measure its progress. Benchmarking and measuring progress against peers and the enterprise strategy is one way of achieving a competitive level of IT security and control. The CobiT Management Guidelines provide management not only with pragmatic guidance via these maturity models, but also critical success factors and suggested performance measures to answer the perpetual question: 'What is the right level of control for my IT such that it supports my enterprise objectives?'

copyright: Service Management Art Inc. ® - Suite 100 3015, 12 St. NE Calgary Canada T2E 7J2 - 403 219-4195

Cobit Foundation Training | ISO 20000 Certification | ITIL Service Management Training