Information systems now play a decisive role in the operationality of organizations, by accommodating much of the information related to their core business and in particular financial information.
The strong dependence that organizations have on IT today, the approximation between IT and business strategy, the need for guarantees of reliability and security on all technological components has forced organizations to promote changes in their internal IT processes, through the adoption of good IT Governance practices or good IT management practices. This adoption has proved, in countless organizations, as the best response to deal with a complex and constantly changing reality.
In addition, the fact that industry is subject to increasing demands by regulators, as can be highlighted in an ever-increasing requirement for compliance requirements and audit requirements (often a certification is essential to provide certain types of products/services), has forced organizations to deploy and integrate multiple frameworks and standards.
The agility required of organizations in today’s times forces them to remove/optimize all time-consuming obstacles so that they focus on what they know how to do, which is their core business, while fulfilling regulatory requirements at the same time.
In this context, organizations have demonstrated difficulty in managing the simultaneity of different normative certifications, from an organizational/documentary point of view, and from the operational point of view, with the overlapping of different obligatoriness often having a blocking and resistant effect, contrary than originally planned.
In order to answer these questions, COBRA was created: a continuous evaluation tool for the implementation’s maturity level of IT Governance frameworks and standards to support improvement and/or comparison analysis, making it possible to perceive the maturity level of an organization and recommend the roadmap for achieving other levels of maturity objectives.