Chapter 7 - Domain III: Delivery and Support

The chapter discusses the control objectives in the Control Objectives for Information and Related Technologies (COBIT) Delivery and Support domain. The chapter makes recommendations on how a small to medium-sized company can reduce those objectives to a manageable process and suggests possible open source tools. It provides guidelines through which the control objectives in the COBIT Delivery and Support domain can be minimized and customized. It also discusses the service level agreements (SLA). The chapter focuses on security and explains what it means to Sarbanes-Oxley (SOX) compliance. The chapter discusses network security in the context of open source solutions—such as firewalls, and intrusion detection and prevention systems—and then explores network devices.