Glossary of Compliance
Compliance Glossary
Our list of curated compliance glossary offers everything you to know about compliance in one place.
COBIT domains
COBIT 4.1 breaks down IT governance and management into four key domains, each focusing on specific areas of IT processes.
Evaluate, Direct, and Monitor (EDM): EDM forms the major component of the COBIT 5 model and concerns itself with the optimal accomplishment of IT business integration and governance. This domain includes identifying directions for IT’s strategic growth, evaluating outcomes and achievements, and creating guarantees of activities’ conformity to standards and regulations.
Align, Plan, and Organize (APO): APO, on the other hand, is more focused on turning corporate strategies into executable IT projects. This can be defined as taking and documenting IT choices to coordinate IT actions with a company’s goals.
Build, Acquire, and Implement (BAI): In the BAI domain, more emphasis is placed on the practical implementation of IT projects, from development to procurement and integration. It has some features associated with risk management, quality assurance, and good project work.
Deliver, Service, and Support (DSS): DSS stands for the management of information technology solutions in organizations after implementation. This entails service provision for an organization’s needs, management of events or occurrences, and support for the total IT services to guarantee their efficiency.
Monitor, Evaluate, and Assess (MEA): MEA is central to proving continuity toward improving IT governance. It is an ongoing process of monitoring IT processes, IT performance, and even the outcomes of IT governance and management practices.
Additional reading
Becoming a Chief Compliance Officer: Skills, Duties and Pathway
Best Risk Assessment Tools for Managing Cyber Risk
PCI Automation: How To Get Started
Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.