Select regional store:

COBIT® (Control Objectives for Information and Related Technology)

What is COBIT?

COBIT certification helps organizations meet business challenges in the areas of regulatory compliance, risk management and aligning IT strategy with organizational goals. COBIT 5, the latest iteration of the framework, was released in 2012.

The programme provides an integrated ‘learning path’ that enables an organisation to fully benefit from the implementation of COBIT 5 and the individual to obtain an industry-recognised ISACA qualification awarded by APMG International.

COBIT 5 summarized

COBIT 5 is based on five principles that are essential for the effective management and governance of enterprise IT:

  • Principle 1: Meeting stakeholder needs
  • Principle 2: Covering the enterprise end to end
  • Principle 3: Applying a single integrated framework
  • Principle 4: Enabling a holistic approach
  • Principle 5: Separating governance from management

These five principles enable an organization to build a holistic framework for the governance and management of IT that is built on seven ‘enablers’:

  1. People, policies, and frameworks
  2. Processes
  3. Organizational structures
  4. Culture, ethics and behaviour
  5. Information
  6. Services, infrastructure, and applications
  7. People, skills, and competencies

Together, the principles and enablers allow an organization to align its IT investments with its objectives to realise the value of those investments

The benefits of adopting COBIT 

Adopting the COBIT framework will enable organizations to:

  • Improve and maintain high-quality information to support business decisions
  • Use IT effectively to achieve business goals
  • Use technology to promote operational excellence
  • Ensure IT risk is managed effectively
  • Ensure organizations realize the value of their investments in IT
  • Achieve compliance with laws, regulations and contractual agreements

COBIT 5 and other frameworks

COBIT and Sarbane–-Oxley compliance

The Sarbanes–Oxley Act (SOX) was introduced in 2002 to improve the accountability and reliability of corporate disclosures for all US public companies. It aims to ensure that every publicly traded company has an internal system of control in place to ensure the disclosure of accurate financial information and mandates that organizations must produce an internal control report, which must be included in their annual Exchange Act report.

COBIT is the most widely-recognized internal control framework used to achieve IT SOX compliance. Please see our dedicated Sarbanes–Oxley webpage for further information on this subject.

COBIT, ISO27002, and ITIL®

ISO/IEC 27002 is the international standard that provides best practice advice and guidance on Information Security. ITIL® is the source of best practice information and processes relating to the delivery of IT as a service (e.g service strategy, designs, and operation). COBIT, ISO27002, and ITIL can be used together to achieve process improvement.

COBIT does not supply an explanatory route map for the implementation of IT or Information Security best-practices, but it provides a framework of controls that allow you to use the processes contained in ISO27002 and ITIL.

Discover our range of bestselling COBIT products and services 

IT Governance offers a complete range of books, toolkits, e-learning, training, software and consultancy relating to all areas of IT governance, risk and compliance.

COBIT toolkit

IT Governance Control Framework Implementation Toolkit

  • The IT Governance Control Framework Implementation Toolkit has been designed to simplify the complex process of COBIT implementation. It provides documentation templates that cover all 37 of the COBIT processes and ready-to-use policies and procedures that will save you time and money when implementing COBIT.

COBIT books

The COBIT 5 Publication Suite

COBIT training

Speak to an expert

For more information on our COBIT products and services, speak to one of our experts today.

This website uses cookies. View our cookie policy