COBIT was first developed in 1996 by the Information Systems Audit and Control Association (ISACA), with the latest version โ COBIT 5 โ released in 2012.
The aim of this framework is to support organisations in the setting of their control objectives for IT, helping them to deliver value in this area of their operations, ensure the systems can be relied upon, and manage the associated risks.
Initially, COBIT was an acronym for Control Objectives for Information and Related Technology, however, this has since been shortened to Control Objectives for IT. This covers the process of defining the governing of generic IT processes, which includes performance measures, the setting of objectives, and the definition of inputs and outputs.
However, COBIT doesnโt just cover the tech side of a company, even though it is IT process-orientated. It can also be applied to core business processes like procurement, marketing and operations, and support processes like HR and administration.
This is because IT now forms a key part of so many elements of an organisation, so the success of the framework can have a knock-on effect across the entire firm.
Just like COSO, COBIT is made up of five components that leaders need to monitor to ensure maximum impact and minimum risk exposure. These are:
- Control objectives
- Framework
- Process descriptions
- Maturity models
- Management guidelines