COBIT® 5 Overview and Key Features Tutorial

Overview and Key Features of COBIT® 5.0

Let us begin with lesson 1 of the COBIT® 5 Foundation Certification Course. The purpose of the COBIT® 5 Foundation certification is to confirm that a candidate has sufficient knowledge and understanding of the COBIT® 5 guidance. In line with this purpose, this lesson covers an overview of the COBIT® 5 framework including the reasons for the development of COBIT® 5, the evolution of COBIT® 5 and the drivers and benefits of using COBIT® 5. This lesson also provides an insight into the Format and Product architecture.

Let us begin with the objectives of this tutorial.

Objectives

By the end of the COBIT 5 Overview and Key Features Tutorial you will be able to:

  • Discuss COBIT® 5 and the reasons for its development 

  • Explain the evolution of COBIT® 5

  • Describe the drivers for the development of a framework 

  • Identify the scope of COBIT® 5 

  • List the ways to fulfil enterprise IT requirements 

Let us move on to the next section to discuss the reasons for the development of COBIT® 5.

You too can join the high earners' club. Enroll in our COBIT 5 Course and earn more today.

Reasons for the Development of COBIT 5

COBIT® 5 stands for Control Objectives for Information and Related Technology. The development of COBIT® 5 was initially proposed by the ISACA® (read as EESAKA) Board. It was decided to make COBIT® a single, comprehensive framework. 

COBIT® 5 was developed to achieve the following:

  •  To tie together and reinforce all ISACA® knowledge assets with COBIT®
  •  To provide a renewed and authoritative governance and management framework for enterprise information and related technology
  •  To integrate other major ISACA® frameworks and guidance such as Val IT®, Risk IT®, BMIS™, ITAF™ and Board Briefing 
  • To provide organizations with a reliable backbone structure for their work environments 
  • To take the governance forward in the organization 
  •  To align with other major frameworks and standards in the marketplace, including ITIL® and ISO standards.

 Let us now move on to the next section to discuss the evolution of COBIT® 5 framework.

Evolution of COBIT® 5

COBIT® 5 provides the next generation of ISACA®’s guidance on the enterprise governance and management of IT. 

The following are a few facts on the evolution of COBIT® 5: 

  • It is built on more than 15 years of practical usage and application of COBIT® by many enterprises and users from the business, IT, risk, security and assurance communities. 

  • COBIT® has evolved from its initial focus on the Information Systems or IS Audit in 1996. 

  • Each version has evolved to be better in meeting the needs of the business to manage its information and Information Technology or IT, the most important medium which supports business information. 

  • Prior to 1996, COBIT® existed as the ISACA® “Control Objectives” for Information Security or IS auditors which was issued as a loose-leaf manual to all ISACA® members who at the time, were primarily IS auditors. 

In the next section, we will look into the various stages of COBIT® 5 evolution.

Stages of COBIT®5 Evolution

The table shown below depicts the various stages of COBIT® evolution:

Stage of COBIT Evolution

Year of Release

Major Feature of Evolution Stage

First Stage of COBIT Evolution (COBIT® 1)

1996

Main Focus on Information Systems (IS) Audit.

Second Stage of COBIT Evolution (COBIT® 2)

1998

Introduced Control Practices Activities in the COBIT® Framework

Third Stage of COBIT Evolution (COBIT® 3)

2000

Inclusion of Management Guidelines in the framework

Fourth Stage of COBIT Evolution (COBIT® 4)

2005 - 2007

Consisted of additional offerings including IT Governance, BMIS, and Val IT

Fifth Stage of COBIT Evolution (COBIT® 5)

2012

Focus on Governance of Enterprise IT

  • In 1996, the first framework of COBIT® was created. The main focus was on the Information Systems or IS Audit and it was created primarily for the IT auditors. The version was named as COBIT® 1. 

  • In 1998, COBIT® 2 was developed. It witnessed the introduction of the control practices and control activities in the COBIT® framework. 

  • Subsequently, in 2000, the third version of the COBIT® framework, COBIT® 3, was developed. The major change was the inclusion of the management guidelines in the framework. 

  • COBIT® 4, the fourth revision of the COBIT® framework, was developed between 2005 and 2007. The framework had additional offerings, namely BMIS™ (read B-M-I-S), Val IT® (read as Value I-T), and Risk IT® (read as Risk I-T) for IT Governance. 

  • The latest version of the COBIT® framework, COBIT® 5, has evolved to suit and be relevant for today’s enterprise environment. Enterprises have recognised that their executive functions need to embrace IT like any other significant part of the business. As a result, business and IT functions must collaborate and work together so that IT is included within the governance and management approach. 

Let us focus on the drivers for the development of a framework in the next section.

Preparing for a career in Cyber SecurityCheck out our Course Preview on COBIT 5 here!

Drivers for the Development of a Framework

The major drivers for the development of a framework include the following: 

  • Providing further guidance in areas of high interest, such as, enterprise architecture, asset and service management, emerging sourcing and enterprise models and innovation and emerging technologies. 

- This includes creativity, inventiveness, developing new products, making the existing products more compelling to customers and reaching new types of customers. 

- Innovation also implies the streamlining of product development, manufacturing and supply chain processes to deliver products to the market with increasing levels of efficiency, speed and quality. 

  • There is a need to cover:

- full end-to-end business and IT functional responsibilities. 

- all aspects that lead to the effective governance and management of enterprise IT (read as I-T), such as organizational structures, policies and culture, over and above processes.

  •  There is a need to get better control over the increasing user-initiated and user-controlled IT solutions. 

The drivers outlined here are meant for the development of all frameworks. They are market and business driven as organizations face ever-increasing challenges. There are also additional drivers that are directed explicitly at business needs and the requirement that COBIT® should cross- reference to all relevant internationally recognised standards and frameworks.

This has resulted in a need for the enterprise to achieve:

  • better value creation through the effective and innovative use of enterprise IT

  •  increased business user satisfaction with the IT engagement and services

  • increased compliance with the relevant laws, regulations, and policies

  •  improved relationship between the business needs and IT objectives

  •  increased financial return from governance over enterprise IT by obtaining the greatest value from investments in technology

  •  a connection and alignment with other major frameworks and standards in the marketplace, such as Information Technology Infrastructure Library or ITIL®, The Open Group Architecture Forum or TOGAF, Project Management Body of Knowledge or PMBOK®, PRojects IN Controlled Environments 2 or PRINCE2®, Committee of Sponsoring Organizations of the Treadway Commission or COSO and International Organization for Standardization or ISO standards.

In the next section, we will discuss the scope of COBIT® 5.

Scope of COBIT® 5

The scope of the applicability of COBIT® 5 and information, which is the key enabler of COBIT® 5, is not limited only to IT companies but also applied to the following entities:  

  • global organizations 

  • multinational businesses

  • national and local governments

  • charities and not-for-profit enterprises

  • small and medium enterprises 

  • clubs and associations. 

COBIT® 5 is also meant for governing and managing information end-to-end in the enterprise, irrespective of the medium used. 
In the following section, we shall examine the importance of information in an IT Framework.


Importance of Information in an IT Framework

Information is important to every enterprise. Large enterprises must control and manage IT to make global decisions. The following signifies the importance of information: 

  • Information is the business currency of the 21st century.

  •  Information is equally important for the government, small enterprises and not-for-profit enterprises. 

  • Every form of enterprise must be able to rely on quality information to support quality executive decisions. The quality information is dependent on the lifecycle of the Information as it is created, used, retained, disclosed and destroyed. Technology plays a key role in these lifecycle actions and is becoming pervasive in all aspects of business and personal life.

 In the next section, we will look into enterprise IT requirements.

You can check the Course Preview of COBIT 5 Course here!

Enterprise IT Requirements

To fulfil enterprise IT requirements, the enterprises and their executives strive to: 

  • maintain quality information to support business decisions. 

  • generate business value from IT-enabled investments, that is, to achieve the strategic goals and realise the business benefits through the effective and innovative use of IT. This is done by: business and IT collaboration, leading to business user satisfaction with the IT engagement and services.

  • achieving operational excellence through reliable and efficient application of technology.

  • maintaining IT-related risks at an acceptable level.

  • optimising the cost of IT services and technology.

  • complying with ever-increasing relevant laws, regulations and policies.

 The COBIT® 5 framework addresses how the mentioned benefits can be realized to create enterprise stakeholder value. In the next section, we will focus on creating stakeholder value.

Creating Stakeholder Value

Delivering enterprise stakeholder value requires good governance and management of information and technology or IT (read as I-T) assets. The following are some important information that will ensure the creation of stakeholder value:

  • Enterprise boards, executives and management have to embrace IT like any other significant part of the business.

  • IT should be treated as a partner, and not as a separate utility function, for fulfilling the vision of the enterprise.

  • Information security is a part of the larger IT scope. It creates value for stakeholders as it helps in meeting legal, regulatory and compliance requirements for the enterprise. 

  • COBIT® 5 provides a comprehensive framework that assists enterprises to achieve their goals and deliver value through effective governance and management of enterprise IT.

Summary

Let us summarise what we have learned in this article: 

  • COBIT® 5 was developed to tie together and reinforce all ISACA® knowledge assets, to take governance forward and to align with other major frameworks and standards in the marketplace. 

  • COBIT® 5 is built on more than 15 years of practical usage and application by many enterprises and users from business, IT and security. 

  • Some of the drivers for the development of a framework include providing guidance in areas of high interest, such as enterprise architecture and asset and service management, and a need to cover full end-to-end business and IT functional responsibilities. 

  • The scope of COBIT® 5 includes entities such as global, multinational businesses, national and local governments, and small and medium enterprises. 

  • To fulfil enterprise IT requirements, enterprises must achieve operational excellence through reliable and efficient application of technology.

​The next lesson talks about COBIT® 5 and other IT Governance Frameworks.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

Request more information

For individuals
For business
Name*
Email*
Phone Number*
Your Message (Optional)
We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Email*
Phone Number*
Company*
Job Title*