Por ser um framework para boas práticas de governança de TI. THE NEED FOR A CONTROL FRAMEWORK FOR IT GOVERNANCE
A control framework for IT governance defines the reasons IT governance is needed, the stakeholders and what it needs to accomplish.
Why
IT good practices have become significant due to a number of factors:
• The need to meet regulatory requirements for IT controls in areas such as privacy and financial reporting (e.g., the
US Sarbanes-Oxley Act, Basel II) and in specific sectors such as finance, pharmaceutical and healthcare
Inclusive possui publicações que são utilizadas para esse propósito. APPENDIX VIII—COBIT AND RELATED PRODUCTS
...
IT Control Objectives for Sarbanes-Oxley: The Role of IT in the Design and Implementation of Internal Control Over Financial
Reporting, 2nd Edition—Provides guidance on how to assure compliance for the IT environment based on the COBIT control
objectives