—Control Objectives for Information and Related Technology (COBIT) becomes very popular in recent years and is regarded as the most comprehensive IT governance framework. However, its actual utilization and effectiveness are not clear due to the lack of academic studies. Also, the proliferation of other IT standards and best practices, such as ISO27000 series and ITIL, creates great challenges for organizations to understand their relations and to take advantage of them. The main objective of this research is to explore the practicability of COBIT framework and its actual usage. A pilot COBIT program within an IT department was carried out to collect primary data. The actual usage of COBIT tools is analyzed and compared to their theoretical design. Practical problems of COBIT framework are identified. A COBIT-BSC model is proposed to illustrate a simple way of structuring COBIT control objectives. This study will contribute some practical insights to COBIT framework and help organizations take advantage of COBIT as well as other IT control frameworks.
—COBIT, IT Governance, balanced scorecard, control frameworks, IT standards, ISO27000, ITIL, IT audit.
S. Zhang is with Leiden University, Verlengde Wassenaarseweg 16H Oegstgeest, 2342BG, the Netherlands (e-mail: Sophie112zsn@gmail.com).
H. LeFever is with Leiden Institute of Advanced Computer Science, Postbus 9512, 2300 RA Leiden (e-mail:email@example.com).
Cite:Shengnan Zhang and Hans Le Fever, "An Examination of the Practicability of COBIT Framework and the Proposal of a COBIT-BSC Model," Journal of Economics, Business and Management vol. 1, no. 4, pp. 391-395, 2013.