COBIT is an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.
COBIT (originally Control Objectives in IT) is owned and supported by ISACA
COBIT was first released in 1996; the current version is 4.1 (2007). Version 5.0 was released in April 2012, to bring together COBIT 4.1, Val IT 2.0 and Risk IT frameworks.
Launch notice: “COBIT 5 is the latest edition of ISACA’s globally accepted framework, providing an end-to-end business view of the governance of enterprise IT that reflects the central role of information and technology in creating value for enterprises. The principles, practices, analytical tools and models found in COBIT 5 embody thought leadership and guidance from business, IT and governance experts around the world.” (Source: ISACA.org)
COBIT focuses on what an enterprise needs to do, not how to do it. The framework provides good practices across a ‘domain’ and process framework (see Figure).
The business orientation of COBIT consists of linking business goals to IT goals, providing metrics and maturity models (level 0 – non-existent – to level 5 – optimized) to measure their achievement, and identifying the associated responsibilities of business and IT process owners. COBIT describes IT processes (organized in four domains of Plan and Organize, Acquire and Implement, Deliver and Support and Monitor and Evaluate), associated control objectives, and management guidelines (activities, accountabilities, responsibilities and performance metrics). Additionally, it supports enterprise management in the development, implementation, continuous improvement and monitoring of good IT-related practices
Senior business management, senior IT management and (IT/EDP) auditors.
ISACA provides an online IT Professional Networking and Knowledge Center. In their own words:
“ISACA’s IT Professional Networking and Knowledge Center is a meeting place for IT professionals who share common professional interests. Participants can consume information, exchange expertise and experience, and build new understanding through collaboration. A wide range of disciplines and practices powers this global professional community, making it a truly unique and holistic resource.” (Source: ISACA.org)
A comprehensive set of products has been developed by ISACA including the COBIT framework. The ISACA COBIT 5 Product Family can be obtained from their online store.
ISACA runs a certification in the areas of: IT Audit, Security, Governance and Risk.
ISACA offers the following certifications:
ISACA also provides IT Professional Education, Conferences and Training.
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques is available online for ISACA members.
|Official Sites||ISACA COBIT home page|
|User groups and communities||ISACA membership page|
|ISACA knowledge center|
|Accreditations and Qualifications||ISACA certification page|
|ISACA education page|
|Tooling||Information available to ISACA members|
|Other useful links||IT Governance Institute|
|FREE IBPI documents||Whitepapers|