COBIT - The Control Objectives for Information and related Technology (COBIT)
COBIT, now in its fourth revision, is published by ISACA (Information Systems Audit and Control Association). COBIT was released in 1996 and comprises four domains and 34 processes. The COBIT framework provides the information that an organisation needs to achieve its objectives, and it can help an organisation maintain effective control over IT.
Currently, ISACA is finalizing version 5 of COBIT, which will integrate Val IT, Risk framework and COBIT 4.1 into one version. The final release date is set for 2011.
ISO 17799 - The International Organisation for Standardization
ISO 17799 is known as: Information Technology Code of Practice for Information Security Management.
ISO 17799, now known as ISO/IEC 27002 and part of the ISO 27000 series, provides recommendations for use by those in information security management.
The standard was first released in December 2000 and is based on British Standard 7799. It has the following high-level groupings:
- Security Policy
- Organisational Security
- Asset Classification
- Asset Control
- Personnel Security
- Environmental and Physical Security
- Communications and Operations Management
- Access Control
- Systems Development and Maintenance
- Business Continuity Management and Compliance
ITIL - The Information Technology Infrastructure Library (ITIL)
ITIL was developed in the late 1980s and is maintained by the United Kingdom’s Office of Government Commerce (OGC).
ITIL provides a framework for planning, identifying, supporting and delivering IT services to the business. ITIL also provides guidance to organisations on how to use IT as a tool and to facilitate changes within an organisation.
ITIL is currently in version 3 (ITIL v3), which comprises:
- Service Strategy
- Service Design
- Service Transition
- Service Operation
- Continual Service Improvement