|
COBIT® V4.1 IT Process Name
|
COBIT V4.1 Detailed Control Objectives
|
PRM-IT IT Process Name(s)
|
|
DS1
Define and Manage Service Levels
|
DS1.1
Service Level Management Framework
|
|
|
DS 1.2
Definition of Services
|
|
|
DS 1.3
Service Level Agreements
|
|
|
DS 1.4
Operating Level Agreements
|
|
|
DS 1.5
Monitoring and Reporting of Service Level Achievements
|
|
|
DS 1.6
Review of service level agreements and contracts
|
|
|
DS2
Manage Third-Party Services
|
DS2.1
Identification of all supplier relationships
|
|
|
DS 2.2
Supplier Relationship Management
|
|
|
DS 2.3
Supplier Risk Management
|
|
|
DS 2.4
Supplier Performance Monitoring
|
|
|
DS3
Manage Performance and Capacity
|
DS3.1
Performance and Capacity Planning
|
|
|
DS 3.2
Current Performance and Capacity
|
|
|
DS 3.3
Future Performance and Capacity
|
|
|
DS 3.4
IT Resources Availability
|
|
|
DS 3.5
Monitoring and Reporting
|
|
|
DS4
Ensure Continuous Service
|
DS4.1
IT Continuity Framework
|
|
|
DS4.2
IT Continuity Plans
|
|
|
DS4.3
Critical IT Resources
|
|
|
DS4.4
Maintenance of the IT Continuity Plan
|
|
|
DS4.5
Testing of the IT Continuity Plan
|
|
|
DS4.6
IT Continuity Plan Training
|
|
|
DS4.7
Distribution of the IT Continuity Plan
|
|
|
DS4.8
IT Services Recovery and Resumption
|
|
|
DS4.9
Offsite Backup Storage
|
|
|
DS4.10
Post-Resumption Review
|
|
|
DS5
Ensure Systems Security
|
DS5.1
Management of IT Security
|
|
|
DS5.2
IT Security Plan
|
|
|
DS5.3
Identity Management
|
|
|
DS5.4
User Account Management
|
|
|
DS5.5
Security Testing, Surveillance and Monitoring
|
|
|
DS5.6
Security Incident Definition
|
|
|
DS5.7
Protection of Security Technology
|
|
|
DS5.8
Cryptographic Key Management
|
|
|
DS5.9
Malicious Software Prevention, Detection and Correction
|
|
|
DS5.10
Network Security
|
|
|
DS5.11
Exchange of Sensitive Data
|
|
|
DS6
Identify and Allocate Costs
|
DS6.1
Definition of Services
|
|
|
DS6.2
IT Accounting
|
|
|
DS6.3
Cost Modeling and Charging
|
|
|
DS6.4
Cost Model Maintenance
|
|
|
DS7
Educate and Train Users
|
DS7.1
Identification of Education and Training Needs
|
|
|
DS7.2
Delivery of Training and Education
|
|
|
DS7.3
Evaluation of Training Received
|
|
|
DS8
Manage Service Desk and Incidents
|
DS8.1
Service Desk
|
|
|
DS8.2
Registration of Customer Queries
|
|
|
DS8.3
Incident Escalation
|
|
|
DS8.4
Incident Closure
|
|
|
DS8.5
Reporting and Trend Analysis
|
|
|
DS9
Manage the Configuration
|
DS9.1
Configuration Repository and Baseline
(See Note 1)
|
|
|
DS9.2
Identification and Maintenance of Configuration Items
|
|
|
DS9.3
Configuration Integrity Review
|
|
|
DS10
Manage Problems
|
DS10.1
Identification and Classification of Problems
|
|
|
DS10.2
Problem Tracking and Resolution
|
|
|
DS10.3
Problem Closure
|
|
|
DS10.4
Integration of Configuration, Incident and Problem Management
|
|
|
DS11
Manage Data
|
DS11.1
Business Requirements for Data Management
|
|
|
DS11.2
Storage and Retention Arrangements
|
|
|
DS11.3
Media Library Management System
|
|
|
DS11.4
Disposal
|
|
|
DS11.5
Backup and Restoration
|
|
|
DS11.6
Security Requirements for Data Management
|
|
|
DS12
Manage the Physical Environment
|
DS12.1
Site Selection and Layout
|
|
|
DS12.2
Physical Security Measure
|
|
|
DS12.3
Physical Access
|
|
|
DS12.4
Protection Against Environmental Factors
|
|
|
DS12.5
Physical Facilities Management
|
|
|
DS13
Manage Operations
|
DS13.1
Operations Procedures and Instructions
|
|
|
DS13.2
Job Scheduling
|
|
|
DS13.3
IT Infrastructure Monitoring
|
|
|
DS13.4
Sensitive Documents and Output Devices
|
|
|
DS13.5
Preventive Maintenance for Hardware
|
|
