"> COBIT 2019 – Process-Symphony – ITSM Knowledge Orchestrators

Search Knowledge

COBIT 2019

COBIT(Registered trademark) is a business framework for the governance and management of enterprise IT.  Enterprise IT means all the technology and information processing the enterprise puts in place to achieve its goals, regardless of where this happens in the enterprise. Enterprise IT is not limited to the IT department of an organization but certainly includes it

COBIT 2019 is the latest version of COBIT. Some of the enhancements from the previous version of COBIT ( i.e., COBIT 5) are:

  • introduction of design factors. Design factors provide guidelines to organisation to tailor the guidelines to suit their needs
  • introduction of focus areas.
    A focus area describes a certain governance topic, domain or issue that can be addressed by a collection of governance and management objectives and their components. Examples of focus areas include small and medium enterprises, cybersecurity, digital transformation, cloud computing, privacy, and DevOps
  • Component: Components are factors that, individually and collectively, contribute to the good operations of the enterprise’s governance system over IT. Components interact with each other, resulting in a holistic governance system for IT. Processes, Organisational Structures, Policies, Competencies are some of the examples of Components.
  • Component can be defined at Generic level and a Variant can exist. DevOps exemplifies both a component variant and a focus area. DevOps requires specific guidance, making it a focus area. DevOps includes a number of generic governance and management objectives of the core COBIT model, along with a number of variants of development-, operational- and monitoring-related processes and organizational structures

The governance and management objectives in COBIT are grouped into five domains.

Evaluate, Direct and Monitor (EDM) domain groups the governance objectives. In this domain, the governing body evaluates strategic options, directs senior management on the chosen strategic options and monitors the achievement of the strategy.

Management objectives are grouped in four domains.

Align, Plan and Organize (APO) addresses the overall organization, strategy and supporting activities for I&T.

Build, Acquire and Implement (BAI) treats the definition, acquisition and implementation of I&T solutions and their integration in business processes.

Deliver, Service and Support (DSS) addresses the operational delivery and support of I&T services, including security.

Monitor, Evaluate and Assess (MEA) addresses performance monitoring and conformance of I&T with internal performance targets, internal control objectives and external requirement

Context Diagram

COBIT is a comprehensive framework that covers Governance , Plan, Build, Run stages of  IT.  COBIT is set of control objectives that can be audited. COBIT does not specify any implementation guidelines, practices or tools. The organisations often chose a lower level framework to implement COBIT’s control objectives.

Summary Ratings

COBIT is first released in 19961 and celebrated its 20th anniversary in 2016. COBIT has been periodically updated by the sponsoring organisation ISACA.2.  It is one of the widely adopted framework for organisations pursuing IT Governance. The rating 4 given is because there is no legislative or regulatory requirements in Australia to enforce COBIT in Government or financial sector.

COBIT is tool agnostic.There are multiple tools required to govern and manage IT guided by COBIT framework.

ISACA provides extensive training support and assessment support for COBIT.

Please refer the Rating Criteria.

Longevity5 out of 5 stars (5 / 5)
Industry Adoption4 out of 5 stars (4 / 5)
Tool Support1 out of 5 stars (1 / 5)
Training Support5 out of 5 stars (5 / 5)
Assessment Support5 out of 5 stars (5 / 5)

Life Cycle Phases/Domains


SFIA Enterprise IT Governance

Defining and operating a framework for making decisions, managing stakeholder relationships, and identifying legitimate authority.

LEVEL 6: Implements the governance framework to enable governance activity to be conducted.

LEVEL 7: Directs the definition, implementation, and monitoring of the governance framework to meet the organisation’s obligations under regulation, law, or contracts.

Please visit SFIA portal for more information.





ISO/IEC 20000



{{ reviewsOverall }} / 5 Users (0 votes)
What people say... Login to rate
Order by:

Be the first to leave a review.

/ 5
{{{review.rating_comment | nl2br}}}

Show more
{{ pageNumber+1 }}
  1. http://www.isaca.org/COBIT/Pages/COBIT-20th-Anniversary.aspx
  2.  http://www.isaca.org/about-isaca/Pages/default.aspx

Leave a Reply