CobiT definition:
Applications are made available in line with business requirements. This process covers the design of the applications, the proper inclusion of application controls and security requirements, and the development and configuration in line with standards. This allows organisations to properly support business operations with the correct automated applications.
Control over the IT process of
Acquire and maintain application software
that satisfies the business requirement for IT of
aligning available applications with business requirements, and doing so in a timely manner and at a reasonable cost
by focusing on
ensuring that there is a timely and cost-effective development process
is achieved by
- Translating business requirements into design specifications
- Adhering to development standards for all modifications
- Separating development, testing and operational activities
and is measured by
- Number of production problems per application causing visible downtime
- Percent of users satisfied with the functionality delivered
Control objectives:
AI2 Acquire and Maintain Application Software
AI2.1 High-level Design
AI2.2 Detailed Design
AI2.3 Application Control and Auditability
AI2.4 Application Security and Availability
AI2.5 Configuration and Implementation of Acquired Application Software
AI2.6 Major Upgrades to Existing Systems
AI2.7 Development of Application Software
AI2.8 Software Quality Assurance
AI2.9 Applications Requirements Management
AI2.10 Application Software Maintenance
Check out the links for details on the control objectives.
No related posts.