
LINKING COBIT, ITIL & ISO27001/2

Presented by: Marianne Coop


ITIL is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries

Assumptions / Misconceptions:
COBIT is only for IT Auditors
ITIL is only for Techies
ISO27001/2 is only for IT Security boffs
These are mutually exclusive
Only one of them can be primary governance for an organisation

Aim of this session


Why These Three?

What: COBIT, ISO 27001
How: ITIL, ISO 27001
Guidance: ISO 27002


Common Ground:
[Diagram: Business Strategy, IT Management, COBIT, ITIL, ISO27001/2, Effective, Efficient, Success]


Brief bit about COBIT 4.1:


Common IT control framework.
Generic set of IT processes.
Globally accepted.
Monitoring & managing IT activities.
Maturity Model.


COBIT Lifecycle:


COBIT Framework (Simpler picture):


Business Objectives
Governance Objectives
Information Criteria
IT Resources
Plan & Organise
Acquire & Implement
Develop & Support
Monitor & Evaluate

Brief bit about ITIL V3:

For IT Service Managers.
Does not dictate business processes.
Strives for continuous improvement.
Guidance to demonstrate compliance to:
ISO/IEC 20000:2005 standard
COBIT Control Objectives


ITIL Framework:


Brief bit about ISO27001/2:


ISO 27001 defines requirements for an ISMS (Information Security Management System).
ISO 27002 provides guidance for an ISMS.
An organisation can be certified as compliant to ISO 27001.
It is a best practice that can be adopted without being certified.


ISO27001/2 ISMS Processes:


Plan: Establish ISMS
Implement & operate ISMS
Check: Monitor & review ISMS
Maintain & improve ISMS



IT Service Management Pyramid:

Mapping COBIT, ITIL & ISO27001/2

How they link together:


Business Objectives
COBIT: Plan & Organise, Acquire & Implement, Develop & Support, Monitor & Evaluate
ITIL: Service Strategy, Service Design, Service Transition, Service Operation, Continual Improvement
ISO27001/2: Establish ISMS, Implement & operate ISMS, Monitor & review ISMS, Maintain & improve ISMS
IT Resources

ITGI's Products Support Adoption of ISO/IEC 38500:


How they link together:


Links to further reading:


ISACA's COBIT Pages:
COBIT Home page
www.isaca.org/Knowledge-Center/COBIT/Pages/Overview.aspx

COBIT Download Page
www.isaca.org/Knowledge-Center/cobit/Pages/Downloads.aspx

Enabling Adoption of ISO 38500
www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/ITGI-Enables-ISO-IEC-38500-2008-Adoption-.aspx

COBIT Downloads:
A good overview: Excerpt and Executive Summary
All of COBIT 4.1: COBIT 4.1 pdf
http://www.isaca.org/Knowledge-Center/cobit/Documents/CobiT_4.1.pdf

COBIT Mapping:
www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/Aligning-COBIT-4-1-ITIL-V3-and-ISO-IEC-27002-for-BusinessBenefit.aspx


Links to further reading:


ITIL:
Official ITIL Website
http://www.itil-officialsite.com/home/home.asp

Overview: An Introductory Overview of ITIL V3.pdf
http://www.best-management-practice.com/gempdf/itSMF_An_Introductory_Overview_of_ITIL_V3.pdf

Service Management - ITIL Version 3 Publications
http://www.best-management-practice.com/Publications-Library/IT-Service-Management-ITIL/?DI=603118#GEMS6415420

ISO:
ISO Online
http://www.27001-online.com/index.htm

Official Site: BSI
http://www.bsigroup.co.uk/


Thank you
And Enjoy
