The Sarbanes-Oxley Act, including COBIT (Control Objectives for Information and Related Technology) Checklist and Review, provides for a standardized structure for Information Technology (IT) governance, accounting controls and compliance. COBIT Control Objectives focus on specific, detailed objectives related with each IT process.

COBIT provides management and business process owners with an Information Technology control model that helps to understand and manage the risks related with IT. COBIT helps link missing items between business risks, control needs, and technical issues.

For each of the 30+ IT structure processes, there are detailed control objectives that align the overall structure with objectives from primary sources comprising standards and regulations relating to IT.

It includes statements of the desired results or objectives to be achieved by implementing specific control procedures within an IT activity and, thereby, provides a clear policy and good practice for IT control throughout the industry and worldwide.

The COBIT Checklist and Review contains the following topics:

  Introduction
  COBIT Control Objectives
  COBIT Component Summary
  COBIT Processes
        Planning and Organization
        Acquisition and Implementation
        Delivery and Support
        Monitoring

Scroll down to the COBIT Checklist and Review example below.