"This practical guidance was created for enterprises using or considering using cloud computing. It provides a governance and control framework based on COBIT 5 and an audit program using COBIT 5 for Assurance. This information can assist enterprises in assessing the potential value of cloud investments to determine whether the risk is within the acceptable level. In addition, it provides a list of publications and resources that can help determine if cloud computing is the appropriate solution for the data and processes being considered."--

Information is a key resource for all enterprises. From the time information is created to the moment it is destroyed, technology plays a significant role in containing, distributing and analysing information. Technology is increasingly advanced and has become pervasive in enterprises and the social, public and business environments.

Building on the COBIT 5 framework, this guide focuses on assurance and provides more detailed and practical guidance for assurance professionals and other interested parties at all levels of the enterprise on how to use COBIT 5 to support a variety of IT assurance activities.

COBIT 5 provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise IT. COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise, taking into account the full end-to-end business and IT functional areas of responsibility, considering IT-related interests of internal and external stakeholders.

IT Security governance is becoming an increasingly important issue for all levels of a company. IT systems are continuously exposed to a wide range of threats, which can result in huge risks that threaten to compromise the confidentiality, integrity, and availability of information. This book will be of use to those studying information security, as well as those in industry.

Featuring numerous case examples from companies around the world, this second edition integrates theoretical advances and empirical data with practical applications, including in-depth discussion on the COBIT 5 framework which can be used to build, measure and audit enterprise governance of IT approaches. At the forefront of the field, the authors of this volume draw from years of research and advising corporate clients to present a comprehensive resource on enterprise governance of IT (EGIT). Information technology (IT) has become a crucial enabler in the support, sustainability and growth of enterprises. Given this pervasive role of IT, a specific focus on EGIT has arisen over the last two decades, as an integral part of corporate governance. Going well beyond the implementation of a superior IT infrastructure, enterprise governance of IT is about defining and embedding processes and structures throughout the organization that enable boards and business and IT people to execute their responsibilities in support of business/IT alignment and value creation from their IT-enabled investments. Featuring a variety of elements, including executive summaries and sidebars, extensive references and questions and activities (with additional materials available on-line), this book will be an essential resource for professionals, researchers and students alike