Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary Β» COBIT Β» COBIT domains

COBIT domains

COBIT 4.1 breaks down IT governance and management into four key domains, each focusing on specific areas of IT processes. 

Evaluate, Direct, and Monitor (EDM): EDM forms the major component of the COBIT 5 model and concerns itself with the optimal accomplishment of IT business integration and governance. This domain includes identifying directions for IT’s strategic growth, evaluating outcomes and achievements, and creating guarantees of activities’ conformity to standards and regulations.  

Align, Plan, and Organize (APO): APO, on the other hand, is more focused on turning corporate strategies into executable IT projects. This can be defined as taking and documenting IT choices to coordinate IT actions with a company’s goals.

Build, Acquire, and Implement (BAI): In the BAI domain, more emphasis is placed on the practical implementation of IT projects, from development to procurement and integration. It has some features associated with risk management, quality assurance, and good project work.  

Deliver, Service, and Support (DSS): DSS stands for the management of information technology solutions in organizations after implementation. This entails service provision for an organization’s needs, management of events or occurrences, and support for the total IT services to guarantee their efficiency.  

Monitor, Evaluate, and Assess (MEA): MEA is central to proving continuity toward improving IT governance. It is an ongoing process of monitoring IT processes, IT performance, and even the outcomes of IT governance and management practices.

Additional reading

An Overview of ISO 31000: The Risk Management Standard

Managing cybersecurity risk is not as simple as it sounds. You’ll often hear terms like β€œavoid,” β€œmitigate,” or β€œtransfer,” but when you dig deeper, you realize these are broad strategies. The real challenge is translating them into actionable steps that measurably reduce risk. What does it mean to β€œavoid” risk? Is it simply removing a…

BuyerAssist gets to SOC 2 in just 6 sessions!

Milestone alert: BuyerAssist is now SOC-2 certified! ✅ 🚀 We are thrilled to announce that one of our prestigious customers, BuyerAssist, has cleared the audit and is now SOC-2 certified in just 6 sessions with the help of Sprinto.  Wait, what? Yes, BuyerAssist’s strong team + Sprinto’s powerful automation tool made it possible.  What’s SOC 2? …

How to conduct a user access review?

On May 2023, a disgruntled Tesla ex-employee used his privileges as a service technician to gain access to data of 75,735 employees, including personal details and financial information. The breach attracted a $3.3 billion fine under GDPR.  While breaches due to external and unknown factors are not under an organization’s control, such incidents can be…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales