Freely subscribe to our NEWSLETTER

After conducting a global survey in 2010 to determine market need, ISACA found that 89% of the nearly 1,400 respondents expressed a need for a rigorous and reliable IT process capability assessment. To fill the gap, ISACA has released the three-part COBIT Assessment Programme based on COBIT 4.1 and ISO/IEC 15504-2:2003 Information technology-Process assessment-Part 2: Performing an assessment:

. COBIT Process Assessment Model: Using COBIT 4.1

. COBIT Assessor Guide: Using COBIT 4.1

. COBIT Self-Assessment Guide: Using COBIT 4.1

"The new assessment program provides a methodology that results in repeatable, reliable and robust assessments of process capability," said Max Shanahan, CISA, CGEIT, FCPA, a member of the development team. "In addition to delivering immediate added market value from process capability assessment results, COBIT Assessment Programme also provides the basis for the establishment of broader maturity assessments."

Norman Kromberg, CISA, CGEIT, CRISC, participated in the pilot program for the COBIT Assessment Programme with Alliance Data, where he serves as IT audit director.

"The COBIT Assessment Programme is not only workable, but also an effective tool for IT auditors to supplement their existing scope. It fills a gap by putting the lens on process capability," said Kromberg. "Auditors and consultants will find it particularly useful, as will large and medium-sized organizations that are heavily regulated, such as banks and financial institutions, health care companies, government and state departments, and technology and service providers."

The COBIT process assessment approach will be integrated into the upcoming COBIT 5 in early 2012. COBIT provides a comprehensive approach to ensure that IT is enabling the achievement of strategic business objectives. It is available as a free download at www.isaca.org/cobit.

The COBIT Assessment Programme guides are available at http://www.isaca.org/cobit-assessment-programme.