COBIT was first developed in 1996 by the Information Systems Audit and Control Association (ISACA), with the latest version – COBIT 5 – released in 2012.
The aim of this framework is to support organisations in the setting of their control objectives for IT, helping them to deliver value in this area of their operations, ensure the systems can be relied upon, and manage the associated risks.
Initially, COBIT was an acronym for Control Objectives for Information and Related Technology, however, this has since been shortened to Control Objectives for IT. This covers the process of defining the governing of generic IT processes, which includes performance measures, the setting of objectives, and the definition of inputs and outputs.
However, COBIT doesn’t just cover the tech side of a company, even though it is IT process-orientated. It can also be applied to core business processes like procurement, marketing and operations, and support processes like HR and administration.
This is because IT now forms a key part of so many elements of an organisation, so the success of the framework can have a knock-on effect across the entire firm.
Just like COSO, COBIT is made up of five components that leaders need to monitor to ensure maximum impact and minimum risk exposure. These are:
- Control objectives
- Process descriptions
- Maturity models
- Management guidelines
Management guidelines in particular offer the heads of department a range of tools to enable them to carry out self-assessment and decide upon how they will implement control measures and improve IT. In addition to this, they can measure how IT processes are performing and the progress being made towards goal achievement.
If you want to learn more about COBIT and how it can help your firm, then check out our 2015 training programme today, with the issue being covered across some of our advanced management courses.