In April, ISACA released COBIT 5, the latest version of its IT security reference framework that spent four years in development. It provides globally accepted principles, practices, analytical tools, and models designed to assist businesses in maximizing trust in their enterprise’s information and technology assets.
This week, ISACA issued 'COBIT 5 for Information Security', which provides guidance on implementing information security measures within the COBIT 5 framework. The publication is divided into three sections: information security, using COBIT 5 enablers for implementing information security in practice, and adapting COBIT 5 for information security to the enterprise environment.
“The governance and management of information and technology is a large and complex topic", explained Greg Grocholski, international president of ISACA and chief auditor at Dow Chemical. "COBIT helps counter that complexity through relevant, effective and simple-to-use business guidance on specific areas within information systems."
"COBIT 5 for Information Security provides the security-specific perspective of this important business tool, and was designed in response to heavy demand for security guidance that integrates other major frameworks and standards”, he added.