The Control Objectives for Information and related Technology (COBIT) is a set of best practice guidelines that have been created by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI). The ISACA organization is comprised of primarily financial organizations such as banks, lending institutions, investment firms and insurance companies. The COBIT framework has been adopted by many companies and auditors who are required to report their status with respect to the Sarbanes-Oxley (SOX) act of 2002.
COBIT identifies more than 34 high level objectives and 215 control objectives that are grouped into the following four domains:
Plan and Organize
Acquire and Implement
Deliver and Support
Monitor and Evaluate
Many of these controls can be monitored and audited with Tenable technology that monitors logs, vulnerabilities, change, configurations and more.
For example, Control objective DS8 - Manage Service Desk and Incidents can benefit from VSI's Security Center and Log Correlation Engine. All help desk functions such as troubleshooting and general management of information about particular hosts can benefit from Tenable's solutions. Help Desk personnel can use the Security Center to access a variety of information about servers, applications, logs and performance.