Recommending a COBIT-Based IT Security Framework for a...

Recommending a COBIT-Based IT Security Framework for a Midsize Organization The current objective is to provide the medium sized insurance organization with the most effective draft of and IT security policy framework. In reviewing the literature, it is clear that recent implementations of a COBIT model have proven incredibly successful in keeping with an efficient and productive organizational IT structure. As such, it is recommended that COBIT serve as a primary model for the foundation of the proposed IT security policy framework. Working with security policies at any level of business and industry can be incredibly complex. Here, the research suggests that developing an IT policy framework from scratch can be very daunting challenge for even the most experienced audit professionals (ISACA, 2012). A mid sized firm simply does not have the resources or the time to build a network from scratch and have it work seamlessly. Building such networks is extremely costly and requires a great amount of effort, which an insurance agency may not be able to provide. As such, the most effective manner for reestablishing IT policy framework is to utilize something already in place and adjusted in order to fit the unique needs of a particular organization. Drawing from proven designs can help save time and effort in the trial and error process. Looking to external sources, successful strategies for framework can be drawn from the literature. One of the most potentially lucrative