ISACA issues COBIT 5 for assurance
New Guide helps enterprises perform business-relevant assessments
Auckland, 31 May 2013 - Establishing confidence in IT processes and controls is important, but audit and assurance
processes often represent a pain point for business partners. Their perception is that assurance processes consume
resources, slow activities and can lead to additional work—all to achieve goals they may not understand. ISACA’s new COBIT 5 for Assurance bridges the gap by translating assurance activities into a common language that is meaningful to business and
technology partners and ties assessment goals directly to business goals. Building on the globally recognised COBIT 5
framework, COBIT 5 for Assurance provides practical guidance for unifying business, IT and assurance professionals around a shared approach when
planning and performing assurance reviews.
COBIT 5 for Assurance helps enterprises enable efficient and effective IT assurance activities so they can have a level of comfort in the
processes they are following and how they are managing risk. It provides a defined road map based on internationally
accepted assurance approaches.
“Enterprises can use COBIT 5 for Assurance to benefit from the consistency, structure, context and vocabulary of the COBIT 5 framework,” said Tony Noble, CISA,
chair of the publication’s development team and vice president of IT audit at Viacom. “When assurance professionals base
their reviews on the same framework used by business and IT managers to maximise the value of information and
technology, everyone involved will be using a common language and have a common goal.”
COBIT 5 for Assurance is designed for internal and external auditors, audit committees and regulators, as well as boards and business
management. It offers example audit/assurance programs related to change management, risk management and bring your own
device (BYOD).
This latest guide is part of the comprehensive COBIT 5 family of publications, which also includes COBIT 5 for Information Security.
“The governance and management of information and technology is a large and complex topic. COBIT helps counter that
complexity through relevant, effective and simple-to-use business guidance on specific areas within information systems. COBIT 5 for Assurance provides the assurance-specific perspective of this important business framework, and was designed in response to heavy
demand for audit and assurance guidance using the proven, structured approach of COBIT 5,” said Greg Grocholski, CISA,
international president of ISACA and global business finance director for the Ventures and Business Development unit
within The Dow Chemical Company.
ISACA’s COBIT 5 framework is a business framework for the governance and management of enterprise information and
technology. It provides globally accepted principles, practices, analytical tools and models designed to help business
and IT leaders maximise trust in and value from their enterprise’s information and technology assets. The framework and
related documents have been downloaded more than 100,000 times in the year since its release.
COBIT 5 for Assurance is available for US $35 to ISACA members and US $175 for nonmembers at www.isaca.org/cobit5forassurance. The COBIT 5 framework is available as a free download.
About ISACA
With more than 100,000 constituents in 180 countries, ISACA® (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems
(IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in
1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA® Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value
from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified
Information Systems Auditor® (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of
Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control™ (CRISC™) designations.
ISACA continually updates and expands the practical guidance and product family based on the COBIT® framework. COBIT
helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly
in the areas of assurance, security, risk and control, and deliver value to the business.
ENDS