|
COBIT® V4.1 IT Process Name
|
COBIT V4.1 Detailed Control Objectives
|
PRM-IT IT Process Name(s)
|
|
PO1
Define a strategic IT plan
|
PO1.1
IT Value Management
|
|
|
PO1.2
Business-IT alignment
|
|
|
PO1.3
Assessment of current capability and performance
|
|
|
PO1.4
IT strategic plan
|
|
|
PO1.5
IT tactical plan
|
|
|
PO1.6
IT portfolio management
|
|
|
PO2
Define the information architecture
|
PO2.1
Enterprise information architecture model
|
|
|
PO2.2
Enterprise data dictionary and data syntax rules
(See Note 3)
|
|
|
PO2.3
Data classification scheme
|
|
|
PO2.4
Integrity management
|
|
|
PO3
Determine the technological direction
|
PO3.1
Technological direction planning
|
|
|
PO3.2
Technology infractructure plan
|
|
|
PO3.3
Monitor future trends and regulations
|
|
|
PO3.4
Technology standards
|
|
|
PO3.5
IT architecture board
|
|
|
PO4
Define the IT process, organization and relationships
|
PO4.1
IT process framework
|
|
|
PO4.2
IT strategy committee
|
|
|
PO4.3
IT steering committee
|
|
|
PO4.4
Organization placement of the IT function
|
|
|
PO4.5
IT organizational structure
|
|
|
PO4.6
Roles and responsibilities
|
|
|
PO4.7
Responsibility for IT quality assurance
|
|
|
PO4.8
Responsibility for risk, security and compliance
|
|
|
PO4.9
Data and system ownership
|
|
|
PO4.10
Supervision
|
|
|
PO4.11
Segregation of duties
|
|
|
PO4.12
IT staffing
|
|
|
PO4.13
Key IT personnel
|
|
|
PO4.14
Contracted staff policies and procedures
|
|
|
PO4.15
Relationships (See Note 4)
|
|
|
PO5
Manage the IT investment
|
PO5.1
Financial management framework
|
|
|
PO5.2
Prioritization within IT budget
|
|
|
PO5.3
IT budgeting
|
|
|
PO5.4
Cost management
|
|
|
PO5.5
Benefit management
|
|
|
PO6
Communicate management aims and direction
|
PO6.1
IT policy and control environment
|
|
|
PO6.2
Enterprise IT risk and control framework
|
|
|
PO6.3
IT policies management
|
|
|
PO6.4
Policy, standard and procedures rollout
|
|
|
PO6.5
Communication of IT objectives and direction
(See Note 5)
|
|
|
PO7
Manage IT human resources
|
PO7.1
Personnel recruitment and retention
|
|
|
PO7.2
Personnel competencies
|
|
|
PO7.3
Roles and responsibilities
|
|
|
PO7.4
Personnel training
|
|
|
PO7.5
Dependence upon individuals
|
|
|
PO7.6
Personnel clearance procedures
|
|
|
PO7.7
Employee job performance evaluation
|
|
|
PO7.8
Job change and termination
|
|
|
PO8
Manage quality
|
PO8.1
Quality management system
|
|
|
PO8.2
IT standards and quality practices
|
|
|
PO8.3
Development and acquisition standards
|
|
|
PO8.4
Customer focus
|
|
|
PO8.5
Continuous improvement
|
|
|
PO8.6
Quality measurement, monitoring and review
|
|
|
Assess and manage IT risks
|
PO9.1
IT risk management framework
|
|
|
PO9.2
Establishment of risk context
|
|
|
PO9.3
Event identification
|
|
|
PO9.4
Risk assessment
|
|
|
PO9.5
Risk response
|
|
|
PO9.6
Maintenance and monitoring of a risk action plan
|
|
|
PO10
Manage projects
|
PO10.1
Program management framework
|
|
|
PO10.2
Project management framework
|
|
|
PO10.3
Project management approach
|
|
|
PO10.4
Stakeholder commitment
|
|
|
PO10.5
Project scope statement
|
|
|
PO10.6
Project phase initiation
|
|
|
PO10.7
Integrated project plan
|
|
|
PO10.8
Project resources
|
|
|
PO10.9
Project risk management
|
|
|
PO10.10
Project quality plan
|
|
|
PO10.11
Project change control
|
|
|
PO10.12
Project planning of assurance methods
|
|
|
PO10.13
Project performance measurement, reporting and monitoring
|
|
|
PO10.14
Project closure
|
|
