What is COBIT 2019 Framework?

COBIT helps enterprises to create optimal value from IT by maintaining a balance among realizing benefits, optimizing risk levels, and resource usage. The framework addresses both businesses and IT functional areas across an enterprise. It considers the IT-related interests of internal and external stakeholders. Enterprises of all sizes, whether commercial, not-for-profit, or in the public sector, can benefit from COBIT.

What is COBIT

COBIT is a best-practice framework created by international professional association ISACA for information technology (IT) management and IT governance. Here is the explanatory video of COBIT 2019 from ISACA.

COBIT provides an implementable “set of controls” over information technology and organizes them around a logical framework of IT-related processes and enablers.

It is positioned at a high level and has been aligned with other, more detailed IT standards and good practices such as ITIL, ISO 27000, TOGAF, and PMBOK. However, COBIT is known to provide a mile-wide and inch-deep approach towards creating interfaces between all these individual frameworks. It creates a blanket organizational framework to manage these domains through a holistic approach.

How does COBIT work?

COBIT is the only business framework for the governance and management of enterprise IT. This evolutionary version incorporates the latest thinking in enterprise governance and management techniques. It provides globally accepted principles, practices, analytical tools and models to help increase the trust in, and value from, information systems. COBIT builds and expands on COBIT 4.1 by integrating other major frameworks, standards, and resources, including ISACA’s Val IT and Risk IT, Information Technology Infrastructure Library (ITIL®), and related standards from the International Organization for Standardization (ISO).

For a successful implementation of COBIT 2019 within an Enterprise, a combination of the listed objectives must be used. A specified set of 40 objectives becomes the heart of COBIT 2019. These objectives are to be fulfilled if the enterprise goals are to be achieved.

These objectives are further bifurcated into governance and management objectives, ensuring that the Boards & executive management undertake the governance processes while management implements management processes, respectively.

Governance and Management Objectives in COBIT 2019

COBIT separates the process design activity by segregating it as follows:

  • Governance objectives are grouped in the Evaluate, Direct, and Monitor (EDM) In this domain, the governing body evaluates strategic options, directs senior management on the chosen strategic options and monitors the achievement of the strategy.
  • Management Objectives are grouped into four domains:
  • Align, Plan and Organize (APO) addresses the overall organization, strategy and supporting activities
  • Build, Acquire and Implement (BAI) treats the definition, acquisition, and implementation of solutions and their integration in business processes
  • Deliver, Service and Support (DSS) addresses the operational delivery and support of services, including security
  • Monitor, Evaluate and Assess (MEA) addresses performance monitoring and conformance with internal performance targets, internal control objectives and external requirements

However, to satisfy governance and management objectives, each enterprise needs to establish, tailor, and sustain a governance system built from several components. These components are factors that, individually and collectively, contribute to the proper operations of the enterprise’s governance system.

To Learn More About COBIT 2019 Implementation Please Visit:


Author's Bio: 

Ahmed Sohail has a rich audit and consulting experience of over 3 years. He started off his career as a software developer, however his passion towards information and cyber security propelled him to join the consulting industry. Mr. Ahmed is currently associated with Business Beam as a Sr. Advisor and has provided consultancy to country’s central bank on IT Governance. Mr. Ahmed is an avid reader and loves to contribute in bug bounty and red teaming tournaments.