What are the COBIT 5 and its product family? Explain the principles of
COBIT stands for Control Objectives for Information and Related Technology. It is basically a
business framework that is used for the management and governance of the IT enterprise.
Powered from ISACA, COBIT packs the latest methodology in management techniques and
enterprise governance. Furthermore, it offers globally accepted practices, principles, models, and
analytic tools to increase the reliability of information systems. Its latest version is termed as
COBIT 5 which is an upgraded version of COBIT 4.1.
The COBIT 5 Product Family includes:
COBIT 5: A Business Framework for the Governance and Management of Enterprise IT
COBIT 5: Implementation
COBIT 5: Enabling Processes
COBIT 5: Enabling Information
COBIT 5 for Assurance, COBIT 5 for Information Security and COBIT 5 for Risk provide
practitioner-level guidance specific to those respective professional areas.
Additional COBIT resources include:
Process Assessment Model (PAM)
COBIT Assessor Guide
COBIT Self-Assessment Guide
There also is COBIT-related guidance on topics such as business benefits realization,
configuration management, cybersecurity and mobile devices.
There also is COBIT-related guidance on topics such as business benefits realization, configuration management, cybersecurity and mobile devices.
Principle of COBIT 5 :
- Meeting stakeholder needs
- Covering the enterprise end-to-end
- Applying a single integrated framework
- Enabling a holistic approach
- Separating governance from management
The Principles can be listed as follows:
The first principle is meeting the stakeholders’ needs:
This principle is about identifying the key stakeholders, their needs and how value is created for enterprises by addressing those needs through the cascading of goals.
The second principle is covering the enterprise end-to-end:
This principle is about covering all the functions and processes wherever information is processed in the enterprise.
The third principle is applying a single integrated framework:
This principle is about having a single and integrated framework that consists of the various established frameworks and standards required for the governance and management of enterprise IT.
The fourth principle is enabling a holistic approach:
This principle is about using a set of enablers for an all-inclusive or holistic approach to support the governance and management of enterprise IT.
The fifth principle is separating governance from management:
This principle is about differentiating between the governance and management roles, activities and responsibilities.