摘要:Open source application becomes more and more a viable solution for organizations. The access to the source code enables organizations to adapt the capabilities of the applications to the business processes that are supported by the application. The cost constraints and the opportunity to improve the application in order to respond to the changes on the economic environment, requires the auditor to identify the associated risks and the controls that mitigate those risks. In this paper we present a selection of controls from the COBIT framework that we considered mandatory for open source applications.