COBIT 5: Enabling Processes

COBIT 5: Enabling Processes complements COBIT 5. This publication contains a detailed reference guide to the processes that are defined in the COBIT 5 process reference model.

The COBIT 5 framework is built on five basic principles, which are covered in detail, and includes extensive guidance on enablers for governance and management of enterprise IT.

Download COBIT 5: Enabling Processes  ebook



IT Forensic ISO IEC 17021

Certification of a management system, such as a quality or environmental management system of an organization, is one means of providing assurance that the organization has implemented a system for the management of the relevant aspects of its activities, in line with its policy.

This International Standard specifies requirements for certification bodies. Observance of these requirements is intended to ensure that certification bodies operate management system certification in a competent, consistent and impartial manner, thereby facilitating the recognition of such bodies and the acceptance of their certifications on a national and international basis. This International Standard serves as a foundation for facilitating the recognition of management system certification in the interests of international trade. Continue reading

IT Forensic ISO 19011

Since the first edition of this International Standard was published in 2002, a number of new management system standards have been published. As a result, there is now a need to consider a broader scope of management system auditing, as well as providing guidance that is more generic.

In 2006, the ISO committee for conformity assessment (CASCO) developed ISO/IEC 17021, which sets out requirements for third party certification of management systems and which was based in part on the guidelines contained in the first edition of this International Standard. Continue reading

IT Forensic ISO 200911

Organizations of all types and sizes face a range of risks that may affect the achievement of their objectives.

These objectives may relate to a range of the organization’s activities, from strategic initiatives to its operations, processes and projects, and be reflected in terms of societal, environmental, technological, safety and security outcomes, commercial, financial and economic measures, as well as social, cultural, political and reputation impacts. Continue reading


The Risk IT Framework describes a detailed process model for the management of IT-related risk. In this model, multiple references are made to risk analysis, risk profile, responsibilities, key risk indicators (KRIs) and many other risk-related terms.

The Risk IT Practitioner Guide contains practical and more detailed guidance on how to accomplish some of the activities described in the process model. Continue reading