Japanese Version of COBIT 4.0 (Global IT Governance Framework)
Released on US ISACA Website
Released on US ISACA Website
March 15, 2007
NRI SecureTechnologies, Ltd.
NRI SecureTechnologies, Ltd.
NRI SecureTechnologies, Ltd. (NRI Secure: Tokyo, Japan; Hiroshi Masutani, President) has translated “COBIT (Control Objectives for Information and related Technology) 4.0,” a global IT governance framework, into Japanese. This translation project was made possible through the close collaboration of three entities: ITGI Japan assuming the responsibility for translation, ISACA Tokyo Chapter reviewing the translated material and NRI Secure taking part in the main translation work and providing full support for review. The completed Japanese version of COBIT 4.0 was recently released on the ISACA (Information Systems Audit and Control Association) website in the US, which is linked from the ITGI Japan website (http://www.itgi.jp/download.html).
COBIT consists of the IT governance guidelines published by the IT Governance Institute (ITGI) headquartered in the US. Since its first edition issued in 1996, COBIT has been widely and globally used to establish IT governance in many organizations. One example of the recent applications of this framework is the coverage of the compliance with the SOX (Sarbanes-Oxley Act) in the US. The fourth version (the latest English version) was released in December 2005.
With Japanese companies facing greater needs to establish IT governance and internal control, there have been strong demands for the Japanese version of COBIT 4.0. NRI Secure, noting the importance and usefulness of COBIT 4.0 in Japan, participated in the main translation work and provided full support for the project. NRI Secure considers that the released Japanese version of COBIT 4.0 will be of great help for many companies and organizations to establish and/or improve their IT governance and internal control systems.
COBIT consists of the IT governance guidelines published by the IT Governance Institute (ITGI) headquartered in the US. Since its first edition issued in 1996, COBIT has been widely and globally used to establish IT governance in many organizations. One example of the recent applications of this framework is the coverage of the compliance with the SOX (Sarbanes-Oxley Act) in the US. The fourth version (the latest English version) was released in December 2005.
With Japanese companies facing greater needs to establish IT governance and internal control, there have been strong demands for the Japanese version of COBIT 4.0. NRI Secure, noting the importance and usefulness of COBIT 4.0 in Japan, participated in the main translation work and provided full support for the project. NRI Secure considers that the released Japanese version of COBIT 4.0 will be of great help for many companies and organizations to establish and/or improve their IT governance and internal control systems.
Major Features of COBIT 4.0
| 1) | COBIT 4.0 provides a framework utilizing a risk-based approach, linking IT governance with business risks and/or goals. |
| 2) | COBIT 4.0 provides a maturity model for management processes, enabling the evaluation of the effectiveness of IT control processes in terms of maturity. |
| 3) | To help the organizations adopt and integrate COBIT 4.0 more easily with other guidelines, such as ITIL, ISO/IEC17799, PMBOK, etc., the terms and principles used within COBIT 4.0 have been better harmonized with such standards/concepts. |
| 4) | COBIT 4.0 adopts the concept of enterprise architecture (EA) and clarifies the role and responsibility of each process by using RACI charts, specifying who is responsible, accountable, consulted and informed. |
| 5) | COBIT 4.0 describes the detailed relationship between key goal indicators (KGIs) and key performance indicators (KPIs), clarifying the interactions between the objectives of management processes and evaluation items. |
To establish IT governance and internal controls, and to enable such systems to function effectively in the organizations, information security management is essential and is one of the most important themes serving as keys to successful control. For the purpose of supporting the promotion of effective information security management in Japanese organizations, NRI Secure has been paying great attention to the useful materials/concepts from abroad and actively translating such materials as its own projects and in collaboration with other organizations. NRI Secure will continue to engage in activities to disseminate useful information to Japan in the areas of information security and IT governance.
References
1.Features of COBIT and its utilization methods
Features:
COBIT is a set of systematized guidelines that embrace the results of all discussions and consent by experts throughout the world regarding IT governance. It provides a general-purpose management framework to enable IT to function fully in response to business requirements, regulatory compliance, international standards and ever changing IT environments. Its application is of effective help in establishing IT governance and internal control systems.
Utilization methods:
| 1) | Use the "RACI chart" *1 to clarify responsibilities and roles related to IT management. |
| 2) | Use "control objectives" to create the rules and/or procedures regarding IT management. |
| 3) | Use "KGI/KPI" *2 to introduce evaluation indices for IT management. |
| 4) | Use the "maturity model" to evaluate the level of IT management of a company. |
| 5) | Create a manual for internal audits based on the activities described above. |
| 6) | Ensure a stronger commitment on the part of company executives and users to IT management. |
| 7) | Improve the quality of evaluations by external audits and build greater customer trust. |
*1: The RACI chart clarifies the following:
| (1) | Who is responsible (R) |
| (2) | Who is accountable (A) |
| (3) | Who is consulted (C) |
| (4) | Who is informed (I) |
*2: KGI = key goal indicator; KPI = key performance indicator
2.Overview of the COBIT framework
 |
 |
 |
Overall COBIT Framework (IT Governance Institute, COBIT 4.0, 2005, Page 25)
To List of Press Releases
Copyright(c) 2007 Nomura Research Institute, Ltd. All rights reserved.
No reproduction or republication without written permission.
No reproduction or republication without written permission.