COBIT adoption in Europe
In 2005, the European Commission selected COBIT as one of the three internationally accepted standards to be used to provide information security and controls over its agricultural paying agencies.
Regulation (EC) No 465/2005 was adopted on 22 March 2005. Paying agencies associated with the European Agricultural Guidance and Guarantee Fund (EAGGF) and, from 2007, its successors – the EAGF (European Agricultural Guarantee Fund) and EAFRD (European Agricultural Fund for Rural Development) – were required to select either COBIT, ISO 17799 or IT-Grundschutz as the basis for their information security.
The European Court of Audit uses COBIT in the performance of its audits, including IT governance reviews. The Val IT framework is recognised and used by the European Parliament IT Directorate, the central IT service provider for the whole of parliament, and Val IT is used to prioritise IT investments and business-as-usual work requests into four different business domains.
COBIT in the public sector
The benefits of COBIT implementation have been achieved by public sector and governmental agencies across Europe. The table below lists where COBIT is used within the regulatory bodies throughout Europe.
- Greece - COBIT framework recognised and standards based on COBIT were adopted by the banking industry
- Lithuania - COBIT is being used by the National Audit Office of the Lithuanian Republic for auditing the IT activities in the government sector. COBIT was translated into Lithuanian as only material in the state language can be used in state-approved methodologies. COBIT is used as the official material for governmental organisations, and private audit and consulting companies, especially if they have business relations with government institutions.
- Poland - COBIT is recognised by the Inspector General of Poland.
- Romania - COBIT has been adopted for internal use within the public sector and government agencies.
Source: ISACA
COBIT in the private sector
Company name
|
How is COBIT used?
|
Why COBIT?
|
European Network of Transmission System Operators for Electricity (ENTSO-E) |
The IT director of the European Network of Transmission System Operators for Electricity (ENTSO-E) undertook a pragmatic approach to implementing COBIT 5 at the organisation in 2014.
Taking a practical approach to implementing a program for the governance of enterprise IT (GEIT) based on COBIT 5, ENTSO-E focused on prioritising the processes, the development of these processes and the practical issues to overcome during the implementation of a new way of working.
|
COBIT 5 was chosen for having an overarching governance and management framework and to enable ENTSO-E to identify the major IT processes that needed to be in place to fulfil the enterprise goals. (Notably, COBIT was not selected in January 2014; the decision was made to start working with COBIT 5 in June 2014.) |
What happened?
|
The web service provider suffered a colossal data breach after an employee fell victim to a phishing attack in early 2014. |
Maitland |
Maitland used COBIT to create a structure to understand information and communication technology (ICT) and to learn its purpose and impact on the enterprise. Maitland’s aim was to increase business oversight and accountability for ICT. |
COBIT is globally recognised and provides applicable governance principles to increase business oversight.
- Source: ISACA
|
What happened?
|
Consumer credit company Equifax recorded $87.5 million in expenses and a 27% drop in net income after the personal data of 47.9 million of its users was compromised in what has arguably been the cyber security scandal of the decade. |
What happened?
|
A lesson in the importance of supply-chain security: Ticketmaster discovered that a malware infection on a third-party support product was exfiltrating customer data to an unknown third party. |
Discover our range of bestselling COBIT products and services
The COBIT 5 Publication Suite
COBIT toolkit
IT Governance Control Framework Implementation Toolkit
- The IT Governance Control Framework Implementation Toolkit has been designed to simplify the complex process of COBIT implementation. It provides documentation templates that cover all 37 of the COBIT processes and ready-to-use policies and procedures that will save you time and money when implementing COBIT.
Speak to an expert
Please contact our team for advice and guidance on our COBIT products and services.