For what its worth and from recent experience, Auditors (External & Internal) are moving to a common risk based approach and I am seeing a trend where they are applying CoBIT as their framework for their review. I am not recommending every organization adopt CoBIT or that it is a one size fit all, but if you want to get ahead of the curve, I would recommend you identify the controls/processes that would benefit & fit your organization, implement them, and assess yourself against CoBIT’s assessment guidance.

Nice to see you writing. Keep up the good work!

-Mike
P.S. Got my CISA recently. Welcome me to the dark side.