What is COBIT?

COBIT is an IT management framework developed by ISACA to help companies develop, organize and implement strategies around information management and governance.

Originally published in 1996, COBIT (Control Objectives for Information Technology and Related Technologies) was originally conceived as a set of computer control objectives designed to help the financial audit community better manage the growth of information technology. computer environments. In 1998, ISACA released version 2, which extended the framework to an application outside the audit community. Later, in the 2000s, ISACA developed version 3, which integrated the IT management and information governance techniques used in the current framework.

COBIT 4 was published in 2005, followed by COBIT 4.1 in 2007. These updates included more information on the governance of information and communication technologies. COBIT 5 was published in 2012 and in 2013, ISACA published a supplement to COBIT 5, which included more information for companies in risk management and information governance. .

The ISACA has announced an updated version of COBIT in 2018, giving up the version number and calling it COBIT 2019. This updated version of COBIT is designed to constantly evolve with "updates to day more frequent and more fluid, "according to ISACA. COBIT 2019 was introduced to develop more flexible, collaborative and adaptive governance strategies for new and evolving technologies.

What's new in COBIT 2019?

COBIT 2019 updates the framework of modern companies taking into account new trends, technologies and security needs. The framework still works well with other IT management frameworks such as ITIL, CMMI, and TOGAF, making it a great option as a general framework for unifying processes across the enterprise.

New concepts and terminologies have been introduced into the COBIT Core Model, which includes 40 governance and management objectives for the implementation of a governance program. The performance management system now offers more flexibility when using maturity and capacity measures. Overall, the framework is designed to give companies more flexibility when customizing an IT governance strategy.

Like other IT management frameworks, COBIT helps align business objectives with IT objectives by connecting them and creating a process to reduce the gap between IT silos (or IT silos) and IT silos. external services.

A major difference between COBIT and other executives is that it focuses specifically on security, risk management and information governance. This is emphasized in COBIT 2019, with better definitions of what COBIT is and what it is not. For example, ISACA states that COBIT 2019 is not a framework for organizing business processes, managing technologies, making IT decisions, or determining IT strategies or architecture. Instead, it is designed strictly as a framework for corporate governance and management of IT across the organization. It's better clarified for companies in the updated version, so there's less confusion about how COBIT should be used and implemented.

Objectives COBIT 2019

According to ISACA, COBIT 2019 has been updated to include:

  • Areas of intervention and design factors to clarify the creation of a governance system that meets the needs of the business
  • Better alignment with global standards, frameworks and best practices to enhance the relevance of the framework
  • An open-source model that allows comments from the global governance community to encourage faster updates and improvements
  • Regular updates published on an ongoing basis
  • More tips and tools to help companies develop an "optimal governance system, making COBIT 2019 more prescriptive"
  • A better tool for measuring IT performance and alignment on CMMI
  • More support for decision making, including new online collaboration features
  • COBIT 2019 also introduces concepts of "areas of intervention" describing specific governance issues and issues, which can be addressed through management or governance objectives. Small and medium-sized businesses, cybersecurity, digital transformation, and cloud computing are some examples of these areas of intervention. Focus areas will be added and modified as needed based on trends, research and feedback – there is no limit to the number of areas of intervention that can be included in COBIT 2019.

    COBIT 2019 components

  • COBIT 2019 Framework: Introduction and Methodology: The main guide presenting the basic principles of COBIT as well as the structure of the general framework.
  • COBIT 2019 Framework: Governance and Management Objectives: A companion guide to COBIT's core model and 40 governance and management objectives. Each objective is described, including its purpose, its connection to the company and its alignment with the objectives.
  • COBIT 2019 Design Guide: A companion guide that provides step-by-step instructions for developing a bespoke governance system for your organization.
  • Implementation Guide COBIT 2019: The fourth complementary guide to the framework, which guides companies in the implementation of the governance strategy once it has been developed. This includes best practices, ways to avoid pitfalls and integrating your COBIT 2019 strategy with your COBIT 5 strategy.
  • Principles and benefits of COBIT

    One of the key changes made to COBIT 2019 is that it now encourages feedback from the practitioner community. You will be able to purchase the COBIT 2019 Design Guide, but in early 2019, ISACA will also release an externalized version of COBIT in which practitioners can leave comments, suggest improvements or propose new concepts and ideas.

    COBIT 2019 is designed to be more prescriptive to guide companies in developing a governance strategy, while enabling organizations to more easily adapt a unique and optimal governance strategy. It defines "components for building and maintaining a governance system: processes, policies and procedures, organizational structures, information flows, skills, infrastructure, culture and behaviors," according to ISACA. Formerly called "catalysts" in COBIT 5, these components better define what businesses need to have a strong governance system.

    According to ISACA, COBIT 2019 is best suited for customers using multiple frameworks – such as ITIL, ISO / IEC 2000 and CMMI – with some silos within the computer using their own framework or standard. It is also suitable for organizations that must comply with specific regulatory directives from the government and local authorities.

    The COBIT 2019 framework helps companies align existing frameworks within the organization and understand how each executive will fit into the overall strategy. It can also help companies monitor the performance of these other frameworks, particularly in terms of security compliance, information security and risk management.

    It is also designed to help senior managers better understand how technology can align with organizational goals. You can directly map the company's pain points to certain aspects of the framework, emphasizing the need for "control-oriented computing," according to ISACA. This framework offers CIOs and other IT managers a way to demonstrate the ROI of an IT project and how it will contribute to the achievement of key business objectives.

    COBIT certification

    If you are already certified in ISACA by COBIT 5 or in the process of obtaining it, ISACA will continue to support the accreditation and issuance of COBIT 5 training and certifications and "will continue to live alongside training COBIT 2019 ".

    The certifications for COBIT 2019 include:

  • COBIT Bridge Workshop: A one-day course covering the key concepts, models and definitions of COBIT 2019, focusing on the differences between COBIT 5 and COBIT 2019.
  • COBIT 2019 Basic Exam: Prepares participants for the COBIT 2019 Basic Certification Exam, covering "the background, components, benefits and key reasons. COBIT is used as a governance framework for information and technology. "You will be able to get your certificate in COBIT 2019 Foundations after a two-day course.
  • COBIT 2019 design and implementation review: This certification will be launched in April 2019 and will cover the design of a bespoke governance system tailored to COBIT's assistance.
  • At the time of writing this document, it is the only information available on the COBIT 2019 certification system, but ISACA notes that the COBIT 2019 product family and training are open to all . ISACA will continue to evaluate the development of future training modules based on market feedback and needs. "

    For more IT management certifications, see "10 IT Management Certifications for IT Managers."