ISACA refreshes COBIT framework to address latest business technology trends and standards

ISACA released its first update to the COBIT framework in nearly seven years. The new version, COBIT 2019, provides guidance to help enterprises better govern and manage their information and technology. The COBIT framework is used by enterprises in all industries around the globe, and COBIT publications have been downloaded more than one million times.

ISACA introduced COBIT in 1996 to provide and organize a set of controls for IT. The new iteration of COBIT will come in four phases and will include focus areas reflecting trends and priorities in technology (e.g., DevOps, cybersecurity), updates aligned with the latest industry standards, and a design guide that provides flexibility and guidance to help organizations tailor a governance system to their needs.

“The COBIT framework has thrived for 20-plus years because it addresses core business principles that are every bit as true now as they were in the 1990s,” said Mark Thomas, a COBIT trainer and founder of Escoute Consulting, who blogged about the COBIT update here. “But it had become important to provide updated guidance related to key drivers of the current technology landscape, and COBIT 2019 takes a big step forward in that regard.”

The first, released phase, includes:

  • COBIT 2019 Framework: Introduction and Methodology—Details governance principles, provides key concepts and examples, and lays out the structure of the overall framework, including the COBIT Core Model.
  • COBIT 2019 Framework: Governance and Management Objectives— Provides description of the COBIT Core Model and its 40 governance/management objectives, which are defined and then matched up with the related process, enterprise goals, and governance and management practices.

Both are available to ISACA members and nonmembers free of charge, and a complimentary tool kit is included.

In December, ISACA will release:

  • COBIT 2019 Design Guide: Designing an Information and Technology Governance Solution—Offers how-to information to design a tailored governance system for organizations.
  • COBIT 2019 Implementation Guide: Implementing and Optimizing an Information and Technology Governance Solution—Provides a roadmap for continuous governance improvement.

Among the changes from COBIT 5, COBIT 2019 uses a maturity model based on the CMMI Institute’s Capability Maturity Model Integration to assess enterprises’ capability levels for each activity in COBIT. COBIT 2019 adds three additional management objectives (processes), as well as design factors.

“COBIT 2019 provides world-class guidance that can increase the value derived from information and technology assets through better governance and management,” said ISACA Board Chair Rob Clyde, CISM. “This kind of guidance spurs new growth and innovation while fortifying organizations worldwide against threats and risks.”

COBIT 2019 helps enterprises govern information and technology—from a single project-based implementation, to use by a particular team or business unit, to full, enterprisewide implementation.

“COBIT 2019 offers enterprises flexibility to design practical governance solutions specific to organizations’ business goals and their specific context,” said Dirk Steuperaert, lead developer of COBIT 2019. “Those that adopt COBIT 2019 will benefit from optimized resource use, increased efficiency, and better management of their information and technology.”

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.