COBIT (Control Objectives for Information and Related Technologies) is a framework created by ISACA for information technology (IT) management and IT governance. [1]

The framework defines a set of generic processes for the management of IT, with each process defined together with process inputs and outputs, key process-activities, process objectives, performance measures and an elementary maturity model.[1]


COBIT was initially "Control Objectives for Information and Related Technologies," though before the release of the framework people talked of "CobiT" as "Control Objectives for IT"[4] or "Control Objectives for Information and Related Technology."[5]

ISACA first released COBIT in 1996, originally as a set of control objectives to help the financial audit community better maneuver in IT-related environments.[1][6] Seeing value in expanding the framework beyond just the auditing realm, ISACA released a broader version 2 in 1998 and expanded it even further by adding management guidelines in 2000's version 3. The development of both the AS 8015: Australian Standard for Corporate Governance of Information and Communication Technology in January 2005[7] and the more international draft standard ISO/IEC DIS 29382 (which soon after became ISO/IEC 38500) in January 2007[8] increased awareness of the need for more information and communication technology (ICT) governance components. ISACA inevitably added related components/frameworks with versions 4 and 4.1 in 2005 and 2007 respectively, "addressing the IT-related business processes and responsibilities in value creation (Val IT) and risk management (Risk IT)."[1][6]

COBIT 5, released in 2012 bases on COBIT 4.1, Val IT 2.0 and Risk IT frameworks and draws on ISACA's IT Assurance Framework (ITAF) and the Business Model for Information Security (BMIS).[9][10]

The newer version COBIT 2019 was released in 2018.

See also


  1. Haes, S.D.; Grembergen, W.V. (2015). "Chapter 5: COBIT as a Framework for Enterprise Governance of IT". Enterprise Governance of Information Technology: Achieving Alignment and Value, Featuring COBIT 5 (2nd ed.). Springer. pp. 103–128. ISBN 9783319145471. Retrieved 24 June 2016.
  2. COBIT 2019 Framework: Introduction and Methodology from ISACA
  3. Luellig, L.; Frazier, J. (2013). "A COBIT Approach to Regulatory Compliance and Defensible Disposal". ISACA Journal. 5. Retrieved 24 June 2016.
  4. Katsikas, S.; Gritzalis, D., eds. (1996). Information Systems Security: Facing the Information Society of the 21st Century. IFIP Advances in Information and Communication Technology. Springer. p. 358. ISBN 9780412781209. The McCumber model has great similarities with the CobiT - Control Objectives for IT - framework (CobiT 1995).
  5. "Welcome to the ISACA/F". ISACA. 18 October 1996. Archived from the original on 7 November 1996. Retrieved 24 June 2016.
  6. Stroud, R.E. (2012). "Introduction to COBIT 5" (PDF). ISACA. Retrieved 24 June 2016.
  7. da Cruz, M. (2006). "10: AS 8015-2005 - Australian Standard for Corporate Governance of ICT". In van Bon, J.; Verheijen, T. (eds.). Frameworks for IT Management. Van Haren Publishing. pp. 95–102. ISBN 9789077212905. Retrieved 23 June 2016.
  8. "ISO/IEC DIS 29382: 2007 Edition, February 1, 2007". IHS Standards Store. IHS, Inc. Archived from the original on 23 June 2016. Retrieved 23 June 2016.
  9. "COBIT 5 for Information Security". ISACA. Retrieved 24 June 2016.
  10. "COBIT 5 for Assurance". ISACA. Retrieved 24 June 2016.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.