Effective Governance
Effective governance over information and technology is critical to business success, and this new release further cements COBIT’s continuing role as an important driver of innovation and business transformation.
More Implementation Resources
In addition to the updated framework, COBIT now offers more implementation resources, practical guidance and insights, as well as comprehensive training opportunities. Implementation is now more flexible, enabling you to right-size your governance solution using COBIT, and training opportunities will help you to derive maximum ROI from your solution.
Easy Integration
COBIT 2019 is specifically designed to play well with others. Guidance is provided to help you integrate the industry standards, guidelines, regulations and best practices unique to your enterprise into your governance solution using COBIT.
COBIT Case Studies
COBIT case studies demonstrate the benefits, common applications, and uses of COBIT. Explore our library of case studies, or submit one yourself.
Industry News Articles
A collection of the latest relevant articles providing insight, practical tips and knowledge sharing from experts in security, risk, governance, privacy and audit.
Get a great read and clearer understanding of COBIT 2019.
Optimize enterprise governance of information and technology (EGIT), and learn how to implement the framework for maximum enterprise value.
COBIT for DevOps Audit Program
ISACA developed this audit program as a companion to COBIT Focus Area: DevOps, Using COBIT® 2019. The focus area publication describes how COBIT framework concepts apply to DevOps and is intended to help enterprises evaluate management practices important to the development of an effective governance system over DevOps.
IT Control Objectives for Sarbanes-Oxley, 4th Edition
ISACA’s IT Control Objective for Sarbanes-Oxley, 4th Edition provides guidance on the assessment of the effectiveness of internal control over financial reporting (ICFR) in attestation of the management assessment, to comply with the Sarbanes-Oxley Act of 2002 (SOX).
COBIT 2019 for Small and Medium Enterprises
This is a focused publication that can serve IT governance functionaries in small and medium enterprises looking for detailed guidance on the applying the COBIT 2019 Model to their organizations.
COBIT Focus Area: DevOps Using COBIT 2019
The term “DevOps” is used to refer to a set of concepts and practices that bring together, align and functionally conjoin software developers and other participants in the software development life cycle. COBIT Focus Area: DevOps Using COBIT 2019 offers guidance for the governance and management of DevOps.
COBIT Focus Area: Information and Technology Risk
COBIT Focus Area: Information & Technology Risk provides guidance related to information and technology (I&T) risk and how to apply COBIT to I&T risk practices. The publication is based on the COBIT core guidance for governance and management objectives, and it enhances the core guidance by highlighting risk-specific practices and activities as well as providing risk-specific metrics.
COBIT Focus Area: Information Security
COBIT Focus Area: Information Security provides guidance related to information security and how to apply COBIT to specific information security topics/practices within an enterprise. The publication is based on the COBIT core guidance for governance and management objectives, and enhances the core guidance by highlighting security-specific practices and activities as well as providing information security-specific metrics.
COBIT 2019 Framework: Introduction and Methodology
The heart of the COBIT framework incorporates an expanded definition of governance and updates COBIT principles while laying out the structure of the overall framework.
- New concepts are introduced and terminology is explained—the COBIT Core Model and its 40 management objectives provide the platform for establishing your governance program
- The performance management system is updated and allows the flexibility to use maturity measurements as well as capability measurements
- Introductions to design factors and focus areas offer additional practical guidance on flexible adoption of COBIT 2019, whether for specific projects or full implementation.
COBIT 2019 Framework: Governance and Management Objectives
This publication contains a detailed description of the COBIT Core Model and its 40 governance/management objectives. Each governance/management objective and its purpose are defined and then matched up with the related process, Alignment Goals and Enterprise Goals.
COBIT 2019 Design Guide: Designing an Information and Technology Governance Solution
This new publication fills an important need for COBIT users—how to put COBIT to practical use. It offers prescriptive how-to information for the user, such as:
- Tailoring a governance system to the enterprise’s unique circumstances and context
- Defining and listing various design factors and how they relate to the new COBIT 2019 concepts
- Describing the potential impact these design factors have on implementation of a governance system, and
- Recommending workflows for creating the right-sized design for your governance system
COBIT 2019 Implementation Guide: Implementing and Optimizing an Information and Technology Governance Solution
This guide is an updated version of the previous COBIT 5 Implementation Guide, taking a similar approach to implementation. However, the new terminology and concepts of COBIT 2019, including the design factors, are built into this guidance. When combined with the COBIT 2019 Design Guide, COBIT implementation has never been more practical and custom-tailored to specific governance needs.
Implementing the NIST Cybersecurity Framework Using COBIT 2019
Many enterprises lack an approach that integrates cybersecurity standards and enterprise governance of I&T (EGIT) to establish systematic—yet flexible and achievable—governance and management objectives, processes and capability levels to make measured improvements toward cybersecurity goals This publication describes proven practices to anticipate, understand and optimize I&T risk by implementing the US National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity version 1.1 using COBIT 2019. Features of this publication include:
- NIST CSF Implementation
- Correlating CSF guidance with measurable governance and management practices
- Mapping of CSF steps and activities to COBIT 2019
- Appendices for quick reference and further considerations
Other COBIT Publications
Gain additional insight and guidance on leveraging the COBIT framework to create and maintain the most effective governance of enterprise technology and information.
Affirm your ability to optimize enterprise governance of I&T with a globally accepted COBIT credential.
Prep for COBIT exam success with your choice of training.
COBIT Training Partners
Our COBIT Accredited Trainers have met the requirements necessary to give you the most timely and valuable training and education experiences across ISACA's COBIT product and topics.
