IT audit frameworks
Area 1: Information Systems and Data Management (35-45%)
Your Progress
0 of 85 questions attempted
Topics
- COBIT and ITIL frameworks
- IT risk assessment methodologies
Lessons
Study Frameworks
IT Governance Frameworks Comparison
| Dimension | COBIT 2019 | ITIL 4 | NIST RMF | COSO |
|---|---|---|---|---|
| Primary focus | IT governance and management | IT service management | Information security risk | Internal control over financial reporting |
| Issued by | ISACA | Axelos/PeopleCert | NIST (U.S. government) | COSO (Treadway Commission) |
| Key structure | 5 domains (EDM, APO, BAI, DSS, MEA) | Service Value System + 34 practices | 7 steps (Prepare through Monitor) | 5 components (Control environment through Monitoring) |
| Maturity model | 6 levels (0-5) CMMI-based | N/A — uses continual improvement | N/A — uses FIPS 199 categorization | N/A — uses effectiveness assessment |
| CPA exam relevance | IT governance questions | Service management concepts | IT risk assessment | ICFR evaluation (primary framework) |