ISACA’s Digital Trust Ecosystem Framework (DTEF) is new to the scene, but ISACA has long been a respected leader when it comes to developing impactful industry frameworks.
In fact, the COBIT framework is one of ISACA’s best-known resources globally. 如果你正在阅读这篇博文, there is an excellent chance you know a passionate COBIT user or perhaps are one yourself. It is also likely you might be wondering about the relationship between COBIT and DTEF. They are highly complementary (by design) and each supports enterprise business needs. DTEF was expanded and adapted from the Business Model for Internet Security that ISACA released back in 2010. 所以,如果我已经在使用COBIT了,为什么还需要DTEF呢? 让我们试着在这里解决这个问题.
DTEF was designed to be compatible with several existing frameworks and best practices, including COBIT、ITIL、GDPR以及众多ISO和NIST标准. As 在之前的博客文章中提到过, “While COBIT remains the powerhouse framework for enterprise governance of information and technology, DTEF为数字信任提供了更广阔的视角. 这两个框架完美地相互补充, allowing organizations to harness their combined strengths and conquer the digital frontier.”
Let’s go into more detail on both to better understand the potential connection points. DTEF helps define high-level understanding of how the enterprise will implement, 维护和监控利益相关者之间的数字信任. It includes the tenons that form the connective tissue among the domains – things like human factors, 文化, 和通信. DTEF will enable users to understand what needs to be done (by themselves and by third-party 合作伙伴s and providers) to achieve and maintain trust for customers.
Take the common challenge that many organizations are experiencing of how to implement AI. 而不是直接进行技术解释, DTEF will help organizations think through questions like: How can AI help us increase trust? How can AI help us better understand what our customers are looking for? How can we measure whether we are fulfilling those expectations? 从宏观的角度来看, DTEF goes right to the enterprise’s bottom line faster than anything you could devise from a technical standpoint because it frames modern business challenges in easy-to-understand, human terms that will resonate with a wide cross-section of customers, 第三方和其他关键利益相关者.
COBIT, 与此同时, remains a valuable driver of business transformation as the leading framework for governance over information and technology. COBIT identifies and enables practitioners to implement the specific business processes needed to achieve stakeholder objectives, 数字信任因素是其中的一个子集. 另外, COBIT defines a broad target state for the enterprise with specific process systems, 以及实现这种状态的可操作活动, including those processes that affect (or are affected by) the digital trust ecosystem. Best of all, it can be customized to meet the enterprise’s specific governance needs.
长期COBIT用户都知道, COBIT was specifically designed to integrate effectively with other frameworks, 行业标准和最佳实践. So, how can utilizing both DTEF and COBIT bring out the best from each framework? 考虑到DTEF的“生态系统”性质, 值得注意的是,这个模型, 如上所述, is a not a standalone framework and should be adopted alongside an enterprise’s existing governance system. 避免框架过载和耗尽, think about DTEF as middleware between multiple frameworks from a digital trust lens, where middleware strives to enable interactions between complex systems that typically don’t talk to each other. 因此, 考虑每一个现有的框架是至关重要的, as they all approach value creation from different perspectives and can co-exist in an enterprise digital trust ecosystem.
There is a high degree of difficulty in building and preserving trust given today’s climate of cyberthreats, 隐私问题和普遍存在的错误信息, making DTEF a tremendous resource for enterprises that want to do right by their customers – and gain a competitive advantage while doing so. 我们今天所做的一切都与安全有关, 隐私, enterprise risk and governance is about fostering a digital trust relationship. 治理部分, with the ongoing proliferation of data and technology-driven business processes, 比以往任何时候都更具挑战性. That means utilizing COBIT and DTEF together gives organizations an unmatched opportunity to be more secure, more resilient and more trustworthy than their competitors.
