270:
168:
66:
25:
466:) in January 2007 increased awareness of the need for more information and communication technology (ICT) governance components. ISACA inevitably added related components/frameworks with versions 4 and 4.1 in 2005 and 2007 respectively, "addressing the IT-related business processes and responsibilities in value creation (
453:
ISACA first released COBIT in 1996, originally as a set of control objectives to help the financial audit community better maneuver in IT-related environments. Seeing value in expanding the framework beyond just the auditing realm, ISACA released a broader version 2 in 1998 and expanded it even
357:
The framework is business focused and defines a set of generic processes for the management of IT, with each process defined together with process inputs and outputs, key process-activities, process objectives, performance measures and an elementary
492:
ISACA currently offers certification tracks on both COBIT 2019 (COBIT Foundations, COBIT Design & Implementation, and
Implementing the NIST Cybersecurity Framework Using COBIT 2019) as well as certification in the previous version (COBIT 5).
449:
COBIT was initially "Control
Objectives for Information and Related Technologies," though before the release of the framework people talked of "CobiT" as "Control Objectives for IT" or "Control Objectives for Information and Related Technology."
440:
and for designing an IT system. In the first case, COBIT allows you to determine the degree of conformity of the system under study to the best examples, and in the second, to design a system that is almost ideal in its characteristics.
435:
The standard meets all the needs of the practice, while maintaining independence from specific manufacturers, technologies and platforms. When developing the standard, it was possible to use it both for auditing a company's
373:
Five processes are identified: Evaluate, Direct and
Monitor (EDM); Align, Plan and Organize (APO); Build, Acquire and Implement (BAI); Deliver, Service and Support (DSS); and Monitor, Evaluate and Assess (MEA).
378:
422:
Process descriptions: A reference process model and common language for everyone in an organization. The processes map to responsibility areas of plan, build, run, and monitor.
627:
87:
80:
428:
Management guidelines: Helps assign responsibility, agree on objectives, measure performance, and illustrate interrelationship with other processes.
425:
Control objectives: Provides a complete set of high-level requirements to be considered by management for effective control of each IT process.
351:
781:
923:
289:
Please help improve this article by looking for better, more reliable sources. Unreliable citations may be challenged and removed.
928:
394:
386:
758:
667:
610:
568:
347:
322:
304:
251:
149:
52:
232:
130:
204:
102:
517:
189:
211:
109:
720:
811:
283:
218:
116:
462:
in
January 2005 and the more international draft standard ISO/IEC DIS 29382 (which soon after became
359:
690:
370:
Business and IT goals are linked and measured to create responsibilities of business and IT teams.
278:
419:
objectives and good practices by IT domains and processes and links them to business requirements.
200:
98:
789:
561:
Enterprise
Governance of Information Technology: Achieving Alignment and Value, Featuring COBIT 5
178:
76:
869:
833:
185:
38:
556:
481:
COBIT 5 (2012) is based on COBIT 4.1, Val IT 2.0 and Risk IT frameworks, and draws on ISACA's
746:
512:
678:
has great similarities with the CobiT - Control
Objectives for IT - framework (CobiT 1995).
8:
454:
further by adding management guidelines in 2000's version 3. The development of both the
908:
460:
Australian
Standard for Corporate Governance of Information and Communication Technology
431:
Maturity models: Assesses maturity and capability per process and helps to address gaps.
269:
16:
Framework created by ISACA for information technology (IT) management and IT governance
754:
663:
606:
564:
662:. IFIP Advances in Information and Communication Technology. Springer. p. 358.
933:
225:
123:
657:
507:
471:
659:
Information
Systems Security: Facing the Information Society of the 21st Century
917:
675:
527:
502:
463:
416:
855:
903:
883:
747:"10: AS 8015-2005 - Australian Standard for Corporate Governance of ICT"
408:
The framework helps companies follow law, be more agile and earn more.
44:
437:
390:
167:
65:
628:"A COBIT Approach to Regulatory Compliance and Defensible Disposal"
557:"Chapter 5: COBIT as a Framework for Enterprise Governance of IT"
475:
455:
467:
590:
COBIT 2019 Framework: Introduction and
Methodology from ISACA
402:
398:
343:
856:"COBIT Certifications | Get Your COBIT Certificate | ISACA"
522:
382:
340:
Control
Objectives for Information and Related Technologies
554:
655:
694:
870:"COBIT 5 Certification | Get COBIT 5 Certified | ISACA"
600:
782:"ISO/IEC DIS 29382: 2007 Edition, February 1, 2007"
192:. Unsourced material may be challenged and removed.
909:A user case of the COBIT Framework: San Marcos, TX
625:
915:
714:
712:
774:
738:
619:
683:
649:
550:
548:
546:
544:
542:
718:
709:
563:(2nd ed.). Springer. pp. 103–128.
744:
365:
53:Learn how and when to remove these messages
656:Katsikas, S.; Gritzalis, D., eds. (1996).
539:
804:
753:. Van Haren Publishing. pp. 95–102.
584:
323:Learn how and when to remove this message
305:Learn how and when to remove this message
252:Learn how and when to remove this message
150:Learn how and when to remove this message
749:. In van Bon, J.; Verheijen, T. (eds.).
693:. ISACA. 18 October 1996. Archived from
826:
487:Business Model for Information Security
916:
348:information technology (IT) management
86:Please improve this article by adding
626:Luellig, Lorrie; Frazier, J. (2013).
555:Haes, S.D.; Grembergen, W.V. (2015).
263:
190:adding citations to reliable sources
161:
59:
18:
13:
812:"COBIT 5 for Information Security"
14:
945:
924:Information technology governance
897:
377:The COBIT framework ties in with
34:This article has multiple issues.
268:
166:
64:
23:
876:
862:
848:
177:needs additional citations for
42:or discuss these issues on the
593:
518:Information quality management
1:
533:
88:secondary or tertiary sources
929:Information technology audit
751:Frameworks for IT Management
602:ITIL Foundation: 4th edition
411:Below are COBIT components:
342:) is a framework created by
7:
496:
10:
950:
788:. IHS, Inc. Archived from
444:
888:knowyourprivacyrights.org
721:"Introduction to COBIT 5"
691:"Welcome to the ISACA/F"
366:Framework and components
834:"COBIT 5 for Assurance"
277:Some of this article's
483:IT Assurance Framework
75:relies excessively on
719:Stroud, R.E. (2012).
513:Information assurance
415:Framework: Organizes
745:da Cruz, M. (2006).
186:improve this article
904:COBIT page at ISACA
786:IHS Standards Store
697:on 7 November 1996
333:
332:
325:
315:
314:
307:
262:
261:
254:
236:
160:
159:
152:
134:
57:
941:
892:
891:
880:
874:
873:
866:
860:
859:
852:
846:
845:
843:
841:
830:
824:
823:
821:
819:
808:
802:
801:
799:
797:
778:
772:
771:
769:
767:
742:
736:
735:
733:
731:
725:
716:
707:
706:
704:
702:
687:
681:
680:
653:
647:
646:
644:
642:
623:
617:
616:
605:. AXELOS. 2019.
597:
591:
588:
582:
581:
579:
577:
552:
328:
321:
310:
303:
299:
296:
290:
272:
264:
257:
250:
246:
243:
237:
235:
194:
170:
162:
155:
148:
144:
141:
135:
133:
92:
68:
60:
49:
27:
26:
19:
949:
948:
944:
943:
942:
940:
939:
938:
914:
913:
900:
895:
882:
881:
877:
868:
867:
863:
854:
853:
849:
839:
837:
832:
831:
827:
817:
815:
810:
809:
805:
795:
793:
792:on 23 June 2016
780:
779:
775:
765:
763:
761:
743:
739:
729:
727:
723:
717:
710:
700:
698:
689:
688:
684:
670:
654:
650:
640:
638:
624:
620:
613:
599:
598:
594:
589:
585:
575:
573:
571:
553:
540:
536:
508:Data governance
499:
485:(ITAF) and the
472:risk management
447:
368:
329:
318:
317:
316:
311:
300:
294:
291:
288:
273:
258:
247:
241:
238:
195:
193:
183:
171:
156:
145:
139:
136:
93:
91:
85:
81:primary sources
69:
28:
24:
17:
12:
11:
5:
947:
937:
936:
931:
926:
912:
911:
906:
899:
898:External links
896:
894:
893:
875:
861:
847:
825:
803:
773:
759:
737:
708:
682:
676:McCumber model
668:
648:
618:
611:
592:
583:
569:
537:
535:
532:
531:
530:
525:
520:
515:
510:
505:
498:
495:
446:
443:
433:
432:
429:
426:
423:
420:
367:
364:
360:maturity model
331:
330:
313:
312:
295:September 2024
279:listed sources
276:
274:
267:
260:
259:
242:September 2024
174:
172:
165:
158:
157:
72:
70:
63:
58:
32:
31:
29:
22:
15:
9:
6:
4:
3:
2:
946:
935:
932:
930:
927:
925:
922:
921:
919:
910:
907:
905:
902:
901:
889:
885:
879:
871:
865:
857:
851:
835:
829:
813:
807:
791:
787:
783:
777:
762:
760:9789077212905
756:
752:
748:
741:
722:
715:
713:
696:
692:
686:
679:
677:
671:
669:9780412781209
665:
661:
660:
652:
637:
633:
632:ISACA Journal
629:
622:
614:
612:9780113316076
608:
604:
603:
596:
587:
572:
570:9783319145471
566:
562:
558:
551:
549:
547:
545:
543:
538:
529:
528:ISO/IEC 38500
526:
524:
521:
519:
516:
514:
511:
509:
506:
504:
503:IT governance
501:
500:
494:
490:
488:
484:
479:
477:
473:
469:
465:
464:ISO/IEC 38500
461:
457:
451:
442:
439:
430:
427:
424:
421:
418:
417:IT governance
414:
413:
412:
409:
406:
404:
400:
396:
392:
388:
384:
380:
375:
371:
363:
361:
355:
353:
352:IT governance
349:
345:
341:
337:
327:
324:
309:
306:
298:
286:
285:
280:
275:
271:
266:
265:
256:
253:
245:
234:
231:
227:
224:
220:
217:
213:
210:
206:
203: –
202:
198:
197:Find sources:
191:
187:
181:
180:
175:This article
173:
169:
164:
163:
154:
151:
143:
132:
129:
125:
122:
118:
115:
111:
108:
104:
101: –
100:
96:
95:Find sources:
89:
83:
82:
78:
73:This article
71:
67:
62:
61:
56:
54:
47:
46:
41:
40:
35:
30:
21:
20:
887:
878:
864:
850:
838:. Retrieved
828:
816:. Retrieved
806:
794:. Retrieved
790:the original
785:
776:
764:. Retrieved
750:
740:
728:. Retrieved
699:. Retrieved
695:the original
685:
673:
658:
651:
639:. Retrieved
635:
631:
621:
601:
595:
586:
574:. Retrieved
560:
491:
486:
482:
480:
459:
452:
448:
434:
410:
407:
376:
372:
369:
356:
339:
335:
334:
319:
301:
292:
281:
248:
239:
229:
222:
215:
208:
196:
184:Please help
179:verification
176:
146:
137:
127:
120:
113:
106:
94:
74:
50:
43:
37:
36:Please help
33:
282:may not be
918:Categories
534:References
212:newspapers
140:April 2017
110:newspapers
77:references
39:improve it
438:IT system
391:ISO 27000
45:talk page
497:See also
489:(BMIS).
284:reliable
934:Privacy
840:24 June
836:. ISACA
818:24 June
814:. ISACA
796:23 June
766:23 June
730:24 June
726:. ISACA
701:24 June
641:24 June
576:24 June
476:Risk IT
456:AS 8015
445:History
226:scholar
201:"COBIT"
124:scholar
99:"COBIT"
884:"Home"
757:
666:
609:
567:
470:) and
468:Val IT
228:
221:
214:
207:
199:
126:
119:
112:
105:
97:
724:(PDF)
403:PMBOK
399:TOGAF
344:ISACA
336:COBIT
233:JSTOR
219:books
131:JSTOR
117:books
842:2016
820:2016
798:2016
768:2016
755:ISBN
732:2016
703:2016
674:The
664:ISBN
643:2016
607:ISBN
578:2016
565:ISBN
523:ITIL
478:)."
401:and
395:CMMI
387:BiSL
383:ITIL
379:COSO
350:and
346:for
205:news
103:news
188:by
79:to
920::
886:.
784:.
711:^
672:.
634:.
630:.
559:.
541:^
458::
405:.
397:,
393:,
389:,
385:,
381:,
362:.
354:.
90:.
48:.
890:.
872:.
858:.
844:.
822:.
800:.
770:.
734:.
705:.
645:.
636:5
615:.
580:.
474:(
338:(
326:)
320:(
308:)
302:(
297:)
293:(
287:.
255:)
249:(
244:)
240:(
230:·
223:·
216:·
209:·
182:.
153:)
147:(
142:)
138:(
128:·
121:·
114:·
107:·
84:.
55:)
51:(
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.