New ISACA & News


COBIT® Mapping: Mapping FFIEC With COBIT® 4.1

This is a mapping of the Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Examination Handbook with COBIT 4.1. US financial institutions, examiners/auditors, and external assurance and advisory professionals that have regulatory requirements or interests under the FRB, FDIC, NCUA, OCC and OTS are the primary target audience of FFIEC.

The content of the FFIEC IT Examination Handbook Booklets is divided into sections and sub-sections. However, there is no numerical categorization to logically identify each of the sections and sub-sections in the booklets. Therefore, as part of this mapping exercise, a numerical index of the FFIEC sections (including subsections) was developed for each of the booklets.

The FFIEC IT Examination Handbook—Information Security Booklet provides guidance for storage of data on media, which is to be secured physically with environmental controls. This section was mapped to the following COBIT control objectives:

  • DS11.6 Security requirements for data management
  • DS12.1 Site selection and layout
  • DS12.3 Physical access
  • DS12.4 Protection against environmental factors



Value Management Guidance for Assurance Professionals: Using Val IT 2.0

This publication provides guidance for assurance professionals by leveraging the Val IT 2.0 framework and the IT Assurance Guide: Using COBIT. It provides guidance on how to use Val IT to support an assurance review focused on the governance of IT-enabled business investments for each of the Val IT domains of Value Governance, Portfolio Management and Investment Management. A comprehensive set of assurance tests covering the full scope of Val IT is included. Guidance is provided on how to plan and scope a review to focus on the most significant aspects.



The Business Case Guide: Using Val IT™ 2.0

This easy-to-follow guide based on the Val IT 2.0 framework provides guidance to create, maintain and use the business case. It builds on and enhances the earlier version of this guide issued by ISACA in 2006: Enterprise Value: Governance of IT Investments, The Business Case. This new publication is now fully aligned with Val IT 2.0. It provides ‘how to do it’ tips, maturity models, examples and references to other materials for using and implementing the business case processes as powerful operational tools.

Note that although this publication is focused on business cases for IT-enabled investments, its content is applicable to all types of investment in business change. It is applicable and scalable to all enterprises, regardless of industry sector or size, and their status as public or private, for profit or not for profit. Understanding the relevance of business cases is of primary importance to all management levels across both the business and IT parts of the enterprise—from the chief executive officer (CEO) and the C-suite to those directly involved in and responsible for the selection, procurement, development, implementation, deployment and benefits realization processes.

This publication provides business and IT executives, organizational leaders, business sponsors and program managers with an easy-to-follow guide on getting from ‘why’ through ‘what’ to ‘how’ in creating, maintaining and using the business case as an operational tool. It enables them to understand what information they need to identify, gather and analyze to assess the viability of their proposed investments. This information covers the process during initial selection, implementation and ongoing operation of assets from the investment and discusses keeping the business case up to date.


