Assessing an IT system using the COBIT framework

O

opelboy

Member
Joined
Nov 28, 2005
Messages
25
Reaction score
4
Location
Durban
My company has asked me to perform an assessment focusing on their current email system, based on the COBIT framework. I have no idea where to even start! Anyone have any pointers? I.e. what specific things do I need to assess? Is there a kind of checklist I can follow?

I have looked at the COBIT manual and it is pages and pages of non-specific and vague terms in my opinion. I am a practical IT guy so I am not too clued up on corporate governance and the like.
 
Hi there opelboy,
It seems you have been thrown into the deep end of Governance but at the same time they are giving you an opportunity to excel.
COBIT when you read the manual is pretty dry and dusty as you have already found out. Herehttp://pineapplie.wordpress.com/2009/02/27/cobit-for-dummies/ is a very brief synopsis of what it is about.
ISACA which devised the framework does offer a number of guides but you need to be a member. I would encourage you to look at that and have the company pay if you are not prepared to pay for yourself. It is USD135 per annum (details here)
Remember that what COBIT is trying to do is ensure that the business strategy and requirements are being met from an IT perspective. So in your case with the email you would need to establish the areas of the business that need or use email and assess if the elements of the email system are meeting the requirements of the business.
You would also need to cover elements such as training and level of expertese of the end users. Do you have the backup procedures and skills in place to handle Exchange for instance.

I think you have an opportunity here to get to grips with what is becoming ver important namely good Governance.

Go for it

Regards

Tim
 
Also look at getting yourself certified
have a look at ITIL Information Technology Infrastructure Library (ITIL) and than mabee move over too COBIT also have a look at King III.
corporate Governance is very important , and in my view if the company wants you to do it they should pay for your certifications.
 
Fishman,
I agree with you. Go the ITIL and get certified and then the Cobit. I would also have the company pay for it. If not it could be worthwhile finding the bucks yourself as certification and a few good months of Cobit and you could literally write your own check

Regards

Tim
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X