Q
Get started Bring yourself up to speed with our introductory content.

What principles form the COBIT framework?

Can my company implement the COBIT framework for compliance? What does it entail?

COBIT is built on a series of five overarching principles.

The COBIT framework organizes objectives and practices aligned with business needs. It creates a common process roadmap for all parties via process descriptions. Its directives for control outline management requirements for effective IT processes. Management guidelines of the COBIT framework assign responsibilities and measure process performance. Finally, audit guidelines define how to document governance and measure risk.

1.  Align with business

COBIT recognizes that an enterprise exists to create value for stakeholders. This means IT teams must apply governance to balance risks, benefits and resource requirements to deliver goals that meet stakeholders' needs.

2. Adopt the framework at any size

The COBIT framework goes beyond IT, covering the entire enterprise end to end. IT resources and actions are taken into account just like any other business assets. This means COBIT should apply to any enterprise regardless of size, sector or vertical.

3. Standardize on standards

COBIT applies a single integrated framework that can oversee other standards and frameworks an enterprise uses. COBIT aligns with enterprise standards such as ISO/IEC 9000 and ISO/IEC 31000 as well as IT-specific standards like IT Information Library, The Open Group Architecture Framework and Capability Maturity Model Integration.

4. Seven factors to improve IT

The COBIT framework holistically defines the factors that influence governance and management of enterprise IT. These seven factors include process descriptions; organizational structures; the culture and behaviors of individuals and organization; policies and principles that guide management; reporting (information); the underlying services, technologies and applications used by IT; and the people and skills required to accomplish necessary activities.

5. Divide responsibilities to conquer

By separating governance from management, COBIT ensures that enterprise management is the realm of the CEO, while governance -- assessment of risks, benefits and resources -- is primarily delegated to the company's board of directors.

About the author:
Stephen J. Bigelow is senior technology writer in the Data Center and Virtualization group at TechTarget. He has written more than 15 feature books on computer troubleshooting. Find him on Twitter @Stephen_Bigelow.

Next Steps

Get to know COBIT 5

Leadership's role in compliance

The training you need for a COBIT 5 certification

This was last published in October 2015

Dig Deeper on IT compliance and governance strategies

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What segment of the COBIT framework is most difficult to implement?
Cancel

-ADS BY GOOGLE

SearchWindowsServer

SearchEnterpriseLinux

SearchServerVirtualization

SearchCloudComputing

Close