ISACA, the not-for-profit IT security association, has taken the wraps off COBIT 5 for Information Security, which is billed as building on the recently released COBIT 5 framework to provide practical guidance for those interested in security at all levels of an enterprise.
As reported previously, COBIT 5 is a business framework for the governance and management of enterprise IT systems – as such it includes the latest thinking in enterprise governance and management techniques, and provides globally accepted principles, practices, analytical tools and models to help increase the trust in, and value from, information systems
According to ISACA, over the last 12 months, close to one in four (22pc) of enterprises have experienced a security breach and 21pc have faced mobile device security issues [Source: ISACA GET-IT survey of 3,700 IT professionals].
In the next 12 months, the association predicts that data leaks and employee-related issues will top the list of hot-button IT issues most likely to challenge an organisation’s network security
Announcing the new framework, Christos Dimitriadis, CISA, CISM, CRISC, ISACA’s international vice president, said that it will help enterprises reduce their risk profile by managing security appropriately.
“Information and related technologies are increasingly core to the enterprise, but information security is core to stakeholder trust,” he said.
COBIT 5 for Information Security is divided into three major sections: Information Security, Using COBIT 5 Enablers for Implementing Information Security in Practice, and Adapting COBIT 5 for Information Security to the Enterprise Environment.
This latest guide is part of the comprehensive COBIT 5 family of publications. It provides additional guidance on the enablers within the COBIT framework and equips security professionals with the knowledge they need to use COBIT for more effective delivery of business value.
Greg Grocholski, CISA, also an international president of ISACA and chief audit executive at Dow Chemical, said that the governance and management of information and technology is a large and complex topic.
“COBIT helps counter that complexity through relevant, effective and simple-to-use business guidance on specific areas within information systems,” he said.
“COBIT 5 for Information Security provides the security-specific perspective of this important business tool, and was designed in response to heavy demand for security guidance that integrates other major frameworks and standards,” he added.
COBIT 5 for Information Security is available for US $35 to ISACA members and US $175 for non-members at www.isaca.org/cobit.