IT Risk Management framework to choose ? CoBIT vs. COSO vs. ....something else ?

Posted on 2012-09-15
Medium Priority
Last Modified: 2012-09-23

I'm confused and wondering which one is the most easy to take or choose for creating IT Risk management reporting for banking and financial company with local / national serving only within a country ?

between CoBIT or COSO or some other management framework that I can adopt ?

any kind of comment and suggestion would be great.

  • 2
LVL 22

Assisted Solution

eeRoot earned 2000 total points
ID: 38419983
Neither one is "easy," but COBIT is more geared towards IT systems than COSO

Author Comment

by:Senior IT System Engineer
ID: 38420128
Cool thanks for the reply, so in this case to examine a company risk based on IT, using CoBIT is  preferred over COSO.

What about ITIL ?
LVL 22

Accepted Solution

eeRoot earned 2000 total points
ID: 38423928
ITIL would be more of a high level set of practices.  COBIT gets into specific systems.  So it depends on what your needs are.  ITIL might be better if you're looking for a first round of risk assessment and compliance baselining, with more system specific reviews to be done later on.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Integration Management Part 2
Suggested Courses
Course of the Month15 days, 10 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question