For years, organizations have suffered from a crucial gap that existed between business objectives and IT governance. IT activities were not always aligned with business goals, information technology risks were not always addressed and leaders were not able to grasp the value that IT provides to the organization.
COBIT is a framework that was created in 1993 by ISACA to address these issues. It is based on the following 5 key principles:
- Meeting stakeholder needs.
- Covering the enterprise end-to-end.
- Applying a single integrated framework.
- Enabling a holistic approach.
- Separating governance from management.
COBIT applies to the overall IT activities of the organization with the main goal of reducing IT risks.
COBIT 5 defines 37 processes separated into 5 domains: Evaluate, Direct and Monitor (EDM); Align, Plan and Organize(APO); Build, Acquire and Implement (BAI); Deliver, Service and Support (DSS); Monitor, Evaluate and Assess (MEA).