Control Objectives for Information and related Technology (COBIT) is an increasingly internationally accepted set of guidance materials for IT governance designed to assist in the implementation of effective IT governance throughout an enterprise.
For an organisation to be successful in delivering IT resources against business requirements, IT management should put an internal control system or control framework in place.

The COBIT control framework contributes to these needs by:

  • Making a link to business requirements
  • providing an set of Business Processes for IT Management
  • Identifying the major IT resources to be leveraged - These are modelled in an Enterprise Architecture repository.
  • Defining the management control objectives to be considered for each process

Version 4.1 of COBIT is much more aligned to Enterprise Architecture than previous versions.
In the COBIT Cube diagram below, the IT resources are the same as the (current state and future state) Enterprise Architecture model.


Likewise in the main COBIT diagram below, the IT resources shown in the centre are modelled in the Enterprise Architecture repository.

The Enterprise Architecture becomes the central repository for IT resources accessed by the COBIT IT Management processes around it.


COBIT Processes

IT Governance Areas

  • Strategic alignment focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT value proposition; and aligning IT operations with enterprise operations.
  • Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimising costs and proving the intrinsic value of IT.
  • Resource management is about the optimal investment in, and the proper management of, critical IT resources: applications, information, infrastructure and people. Key issues relate to the optimisation of knowledge and infrastructure.
  • Risk management requires risk awareness by senior corporate officers, a clear understanding of the enterprise’s appetite for risk, understanding of compliance requirements, transparency about the significant risks to the enterprise and embedding of risk management responsibilities into the organisation.
  • Performance measurement tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting.

Business and EA Goals

The following diagram illustrates how the Enterprise Strategy leads to Business Goals for IT, IT Goals, Enterprise Architecture for IT which are ultimately measured by an IT Scorecard.
Although this is a very IT only view of Enterprise Architecture, which comprises both Business and IT views, it helps to understand the use of COBIT with Enterprise Architecture.


Source: COBIT 4.1 documentation

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License