Control Objectives for Information and related Technology (COBIT) is an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT enables clear policy development and good practice for IT control throughout organizations.
COBIT emphasizes regulatory compliance, helps organizations to increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework.
COBIT provides good practices across a domain and process framework and presents activities in a manageable and logical structure. COBIT's good practices represent the concensus of experts. They are focused more on control and less on execution. These practices will help optimize IT-enabled investments, ensure service delivery and provide a measure on which to judge when things do go wrong.
-Strategic alignment focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT value proposition; and aligning IT operations with enterprise operations.
-Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimizing costs and proving the intrinsic value of IT.
-Resource management is about the optimal investment in, and the proper management of critical IT resources: applications, information, infrastructure and people. Key issues relate to the optimization of knowledge and infrastructure.
-Risk management requires risk awareness by senior corporate officers, a clear understanding of the enterprise’s appetite for risk, understanding of compliance requirements, transparency about the significant risks to the enterprise and em bedding of risk management responsibilities into the organization.
-Performance measurement tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting
To aid organizations in successfully meeting today’s business challenges, the IT Governance Institute (ITGI) has published version COBIT 4.1. COBIT 4.1 can be used to enhance work already done based upon earlier versions; it does not invalidate that previous work.
When major activities are planned for IT governance initiatives, or when an overhaul of the enterprise control framework is anticipated, it is recommended to start fresh with the most recent version of COBIT
When used together, COBIT and ITIL provide a top-to-bottom approach to IT governance and, thus, service management.
COBIT guides management's priorities and objectives within a holistic and complete approach to a full range of IT activities.
This can focus all stakeholders (business and IT management, auditors, and IT professionals) on an integrated and common approach