Control Objectives for Information and Related Technology (COBIT) is a comprehensive framework developed by ISACA for IT management and IT Governance. This toolset helps managers bridge the gap between control requirements, technical challenges, and business risks. COBIT supports the development of clear policies and best practices for IT control across organisations. It emphasises regulatory compliance, enhances the value derived from IT, and simplifies the implementation of an organisation’s IT governance and control framework.

Introducing COBIT 5

In June 2012, ISACA released COBIT 5, the latest version of the framework. COBIT 5 incorporates the most current thinking in enterprise governance and management, offering globally accepted principles, practices, analytical tools, and models to help increase trust in, and value from, information systems. This version builds on and expands COBIT 4.1 by integrating other major frameworks, standards, and resources, including ISACA’s Val IT and Risk IT, the Information Technology Infrastructure Library (ITIL®), and relevant standards from the International Organisation for Standardisation (ISO).

COBIT 5: Focus on Processes

COBIT 5 centres on processes, which are divided into governance and management areas. These areas are further broken down into five domains, each with three-letter acronyms, encompassing a total of 37 processes.

Governance of Enterprise IT

• Evaluate, Direct and Monitor (EDM) – 5 processes
• Management of Enterprise IT
• Monitor, Evaluate and Assess (MEA) – 3 processes
• Align, Plan and Organise (APO) – 13 processes
• Build, Acquire and Implement (BAI) – 10 processes
• Deliver, Service and Support (DSS) – 6 processes