A wide range of well-known organisations from many European countries are showing an increased interest in adopting the COBIT framework. COBIT aims to link business goals to IT objectives, and provides metrics and maturity models to measure their accomplishment, as well as identifying the associated responsibilities of business and IT process owners.

COBIT 5, released in early 2012, is the latest iteration of COBIT and incorporates the governance activities of ISO 38500 and other ISACA frameworks.

In 2005 the European Union Commission selected COBIT as one of three internationally accepted standards to be used to provide information security and control over its paying agencies, which are now required to select COBIT as the basis for their information systems security. Click here for more information on how COBIT has been adopted in Europe.

Quick Links:

What is COBIT?

COBIT® (Control Objectives for Information and Related Technology) is an IT governance control framework that helps organisations meet today’s business challenges in the areas of regulatory compliance, risk management and the alignment of IT strategy with organisational goals. COBIT, which is recognised globally, was updated from version 4.1 to version 5 in 2012.

COBIT 5 expands on the guidance in COBIT 4.1 by integrating other major frameworks, standards and resources, including ISACA's Val IT and Risk IT, ITIL® and other related standards from ISO, including ISO 38500.

This latest evolutionary version of COBIT takes into account the latest thinking on the governance of information technology. COBIT 5 provides principles, analytical tools and models to increase trust in, and the value derived from, information systems.

Download our free green paper on COBIT here.

Benefits of using COBIT

The COBIT framework can help organisations of all sizes to:

  • improve and maintain high quality information to support business decisions;
  • use IT effectively to achieve business goals;
  • use technology to promote operational excellence;
  • ensure IT risk is managed effectively;
  • ensure ROI on the expenditure of IT services and technology; and
  • achieve compliance with laws, regulations and contractual agreements.

COBIT 5 is an important milestone in the governance of an organisation’s IT, enabling businesses to simplify their efforts by implementing a single organisation-wide Governance, Risk and Compliance (GRC) framework. If a company is just starting, COBIT 5 will help by mapping a roadmap for a fast-track approach. COBIT also gives a better handle to the Governance of Enterprise IT (GEIT) if a company already has a GRC environment in place.

42% of respondents to a survey conducted by ISACA stated that the business outcomes of Governance of Enterprise IT were the improved management of IT-related risks, 40% that the business outcomes were improved relationships and communication between business and IT, 38% that there were lower IT costs, 37% that there was an improved delivery of business objectives, and 28% that there was improved business competitiveness.

How is COBIT structured?

COBIT 5 clearly differentiates between the governance and management of IT, and works around five principles:

  • COBIT Principle 1: Meeting Stakeholder Needs
  • COBIT Principle 2: Covering the Enterprise End-to-End
  • COBIT Principle 3: Applying a Single Integrated Framework
  • COBIT Principle 4: Enabling a Holistic Approach
  • COBIT Principle 5: Separating Governance from Management

Additionally, there are seven 'enablers' and a Process Reference Model (PRM) which identifies five sets of processes:

  • COBIT Process 1: Evaluate, Direct and Monitor
  • COBIT Process 2: Align, Plan and Organise
  • COBIT Process 3: Build, Acquire and Implement
  • COBIT Process 4: Deliver, Service and Support
  • COBIT Process 5: Monitor, Evaluate and Assess

There are 37 processes in total: five for governance and 32 for management. Unlike COBIT 4.1, which used a process maturity model, COBIT 5 uses a Process Assessment Model (PAM) designed in accordance with the set of technical standards ISO15504.

COBIT 5 is a more sophisticated and complex framework than COBIT 4.1 and you can get to grips with it by reading the full set of COBIT 5 publications.

COBIT Resources

Our EU website is the first place to come for COBIT 5 resources. We offer a complete range of COBIT books and toolkits.

These include a COBIT Bookshop, which features:

  • COBIT 5 Manual, the official COBIT 5 reference manual from ISACA
  • COBIT 5 Documentation Toolkit, which provides documentation templates that cover all 37 COBIT processes, and ready-to-use policies and procedures. This toolkit will save you huge amounts of time and money when implementing COBIT. It will accelerate the implementation of your IT governance project and structure while helping you to avoid dead-ends. Take a free trial of the COBIT 5 Documentation Toolkit here.
  • COBIT 5 Publication Suite, the most complete and up-to-date version of this important IT governance framework.

We deliver publications everywhere in Europe with shipping costs lower than ever. Find out more about our delivery rates.

COBIT 5 Training Courses

We currently offer the APMG-accredited COBIT 5 Foundation course and COBIT Implementation course, where you will have the opportunity to build your knowledge and understanding of the framework and how effective COBIT implementation can help your organisation achieve its strategic IT goals.

based in the UK, we welcome European professionals to our training courses and are happy to support overseas delegates by helping them with their travel arrangements. We can also deliver in-house training if you need to train a whole team.

For more information on our COBIT and IT governance classroom and in-house courses please contact us on 00 800 48 484 484 or email

Please note that our training courses are delivered in English only.

COBIT and other frameworks

COBIT, ITIL and ISO 27002 can be used together to achieve process improvement. COBIT does not supply a “how-to” route map for implementation of IT or Information Security best practices and this is where ISO 27002 and ITIL come in. They supply best practice information and processes. COBIT provides you with a framework of controls which you can use to structure the processes contained in ITIL and which, through the addition of ISO 27002, can be leveraged for process improvement.

Our extensive bookstore offers a wide range of ITIL publications, COBIT publications and the ISO 27002 Standard.

You may be also interested in: