COBIT is an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT enables clear policy development and good practice for IT control throughout organizations. COBIT emphasizes regulatory compliance, helps organizations to increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework.

COBIT provides benefits to managers, IT users, and auditors. Managers benefit from COBIT because it provides them with a foundation upon which IT related decisions and investments can be based. Decision making is more effective because COBIT aids management in defining a strategic IT plan, defining the information architecture, acquiring the necessary IT hardware and software to execute an IT strategy, ensuring continuous service, and monitoring the performance of the IT system. IT users benefit from COBIT because of the assurance provided to them by COBIT's defined controls, security, and process governance. COBIT benefits auditors because it helps them identify IT control issues within a company’s IT infrastructure. It also helps them corroborate their audit findings.

At BP it was very important to implement internally ways of assessing and testing control over IT systems and financial reporting and support external audits of control.

Typical controls are:

• Employees are aware of their responsibilities for the control activities.
• The control is clearly understood.
• The control is effective in preventing, detecting, or correcting risk.
• The operating effectiveness of the control activity is adequately evaluated on a regular basis.
• The standards and assertions required to execute the control are clearly understood.
• Deficiencies are identified and remedied in a timely manner.
• The performance of the control can be documented.
• The controls, policies, and procedures are documented.
   

At Kariminia we directed definition of hierarchical levels between Process/Dept, SOX Applications, App Approvers, Violation rules and pre-defined Roles and implemented key business vision and complex requirements into practical implementation plan and solutions.

We also effectively assessed risks, managed costs, timescale, co-ordination of multiple director level stakeholders and resources to ensure success of project.

At Kariminia we established, communicated and educated team members (including on/off shore teams) on interoperability between different systems, data migration and integration between SOX applications using new process and accountability driven IT standards.

The end result enabled the business with new set off implemented processes to effectively identify any violation, respond to auditors guidelines and report to regulatory in shorter timeframes.

 

This page last updated on 21 June 2008 - ©1996-2008 Kariminia LTD All Rights Reserved
 

To discuss how we can help your organization to achieve rewarding business solution with maximum efficiency

Call us at (+44) 01202 862 640 or send us an eMail.