COBIT IT Governance – A Framework for Alignment & Principles

  Information Technology

COBIT (Control Objectives for Information and Related Technologies) is a framework created by ISACA for information technology (IT) management and IT governance. They recognize the critical dependence of many business processes on IT, the need to comply with increasing regulatory compliance demands and the benefits of managing risk effectively. The framework defines a set of generic processes for the management of IT, with each process defined together with process inputs and outputs, key process-activities, process objectives, performance measures and an elementary maturity model.

What does Cobit stand for?

COBIT enables clear policy development and good practice for IT control throughout organizations. COBIT emphasizes regulatory compliance, helps organizations to develop, organize and implement strategies around information management and governance. COBIT’s success as an increasingly internationally accepted set of guidance materials for IT governance has resulted in the creation of a growing family of publications and products designed to assist in the implementation of effective IT governance throughout an enterprise.

What’s in COBIT 2020?

COBIT 2020 updates the framework for modern enterprises by addressing new trends, technologies and security needs. The framework still plays nicely with other IT management frameworks such as ITIL, CMMI and TOGAF, which makes it a great option as an umbrella framework to unify processes across an entire organization.

New concepts and terminology have been introduced in the COBIT Core Model, which includes 40 governance and management objectives for establishing a governance program. The performance management system now allows more flexibility when using maturity and capability measurements. Overall, the framework is designed to give businesses more flexibility when customizing an IT governance strategy.

COBIT Framework and Components

Business and IT goals are linked and measured to create responsibilities of business and IT teams. Five processes are identified: Evaluate, Direct and Monitor (EDM); Align, Plan and Organize (APO); Build, Acquire and Implement (BAI); Deliver, Service and Support (DSS); and Monitor, Evaluate and Assess (MEA). The COBIT framework ties in with COSO, ITIL, BiSL, ISO 27000, CMMI, TOGAF and PMBOK. The framework helps companies follow law, be more agile and earn more.

Few of COBIT Components are listed below:

Benefits of COBIT

The COBIT framework can help IT Businesses to:

  • Improve and maintain high-quality information to support business decisions.
  • Use IT effectively to achieve business goals.
  • Use technology to promote operational excellence.
  • Ensure IT risk is managed effectively.
  • Ensure organisations realise the value of their investments in IT.
  • Achieve compliance with laws, regulations and contractual agreements.

COBIT Principles and Benefits

One major change to COBIT 2020 is that it now encourages feedback from the practitioner community. You will be able to purchase the COBIT 2020 Design Guide, but in early 2020 the ISACA will also release a crowdsourced version of COBIT where practitioners can leave comments, suggest improvements or propose new concepts and ideas.

COBIT 2020 is designed to be more prescriptive to guide companies in developing a governance strategy, while also allowing organizations to more comfortably tailor a unique best-fits governance strategy. It defines the “components to build and sustain a governance system: processes, policies and procedures, organizational structures, information flows, skills, infrastructure, and culture and behaviors,” according to the ISACA. Formerly referred to as “enablers” in COBIT 5, these components better define what businesses need for a strong governance system.

Summary
COBIT IT Governance - A Framework for Alignment & Principles
Article Name
COBIT IT Governance - A Framework for Alignment & Principles
Description
COBIT (Control Objectives for Information and Related Technologies) is a framework created by ISACA for information technology (IT) management and IT governance. They recognize the critical dependence of many business processes on IT, the need to comply with increasing regulatory compliance demands and the benefits of managing risk effectively.
Author
Publisher Name
Plianced Inc.
Publisher Logo