Abstract
This chapter discusses Control Objectives for Information and Related Technology (COBIT) as a framework for enterprise governance of information and technology (EGIT). The chapter starts with a brief overview of COBIT’s history. Then, the most recent version of the COBIT framework, i.e., COBIT 2019, is introduced. Next, the six principles that describe the core requirements of an EGIT system as introduced in the COBIT 2019 framework are presented and discussed. This is followed by an overview of the COBIT 2019 core model and its 40 governance and management objectives and the specific guidance contained therein. The COBIT 2019 performance management approach is also introduced. Finally, some insights and examples are provided that demonstrate how the generic guidance contained in COBIT 2019 can be applied to the specific context of an enterprise.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
ITGI (2003) recognized value delivery and risk management as outcome areas; and strategic alignment, resource management, and performance measurement as drivers.
- 2.
Refer to Chap. 3 on business/IT alignment for additional substantiation.
- 3.
Refer to Chap. 4 on IT business value for additional substantiation.
- 4.
Refer to Chap. 2 on Enterprise Governance of IT for additional substantiation.
- 5.
Refer to Chap. 2 on Enterprise Governance of IT for additional substantiation.
- 6.
Refer to Chap. 4 on IT business value for additional substantiation.
- 7.
As a side note, this exact management process was indeed part of the COBIT 5 process enabler.
- 8.
This illustrates the interaction between EGIT components (in this case the process and the organizational structures), i.e., demonstrating that various EGIT components work together in a holistic way.
- 9.
- 10.
- 11.
- 12.
- 13.
It should be noted that ISACA however states that other governance and management component types—i.e., besides processes—(e.g., organizational structures) may also have capability levels defined for them in further COBIT 2019 guidance (ISACA, 2018b).
- 14.
Refer to Chap. 4 on IT business value for additional substantiation of “information economics”.
- 15.
Governance objective EDM02 and management objective APO05 are related in the sense that they both are of primary importance for achieving alignment goal “realized benefits from I&T-enabled investments and services portfolio” (AG03).
- 16.
Refer to Chap. 4 on IT business value for additional substantiation on business cases and the business case process.
References
Beer, S. (1985). Diagnosing the system for organizations. West Sussex: John Wiley & Sons.
Brown, C. V. (1997). Examining the emergence of hybrid IS governance solutions: Evidence from a single case site. Information Systems Research, 8(1), 69–94.
Brown, A. E., & Grant, G. G. (2005). Framing the frameworks: A review of it governance research. Communications of the Association for Information Systems, 15(1), 696–712.
De Haes, S., & Van Grembergen, W. (2009). An exploratory study into IT governance implementations and its impact on business/IT alignment. Information Systems Management, 26(2), 123–137.
De Haes, S., Van Grembergen, W., & Debreceny, R. S. (2013). COBIT 5 and enterprise governance of information technology: Building blocks and research opportunities. Journal of Information Systems, 27(1), 307–324.
De Wit, B., & Meyer, R. (2014). Strategy synthesis: Managing strategy paradoxes to create competitive advantage (4th ed.). Cengage Learning India Pvt. Ltd.
Henderson, J. C., & Venkatraman, N. (1993). Strategic alignment: leveraging information technology for transforming organizations. IBM Systems Journal, 32(1), 4–16.
Huygh, T., & De Haes, S. (2019). Investigating IT governance through the viable system model. Information Systems Management, 36(2), 168–192.
ISACA. (2018a). COBIT 2019 framework: Governance and management objectives.
ISACA. (2018b). COBIT 2019 framework: Introduction & methodology.
ISO/IEC. (2015). ISO/IEC standard 38500: Information technology—Governance of IT for the organization.
IT Governance Institute (ITGI). (2003). Board briefing on IT governance (2nd ed). Retrieved from http://www.isaca.org/knowledge-center/research/researchdeliverables/pages/board-briefing-on-it-governance-2nd-edition.aspx.
Kaplan, R. S., & Norton, D. P. (1996). The balanced scorecard: Translating strategy into action.
Lawrence, P. R., & Lorsch, J. W. (1967). Organization and environment. Boston, MA: Harvard Business School, Division of Research.
Peterson, R. R. (2004). Crafting information technology governance. Information Systems Management, 21(4), 7–22.
Preston, D. S., & Karahanna, E. (2009). Antecedents of IS strategic alignment: A nomological network. Information Systems Research, 20(2), 159–179.
Schwarz, A., & Hirschheim, R. (2003). An extended platform logic perspective of IT governance: Managing perceptions and activities of IT. The Journal of Strategic Information Systems, 12(2), 129–166.
Steuperaert, D. (2019). COBIT 2019: A significant update. EDPACS, 59(1), 14–18.
Van Grembergen, W., Saull, R., & De Haes, S. (2003). Linking the IT balanced scorecard to the business objectives at a major Canadian financial group. Journal for Information Technology Cases and Applications, 5(1), 23–45.
Weill, P., & Ross, J. W. (2009). IT savvy: What top executives must know to go from pain to gain. Harvard Business Press.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
De Haes, S., Van Grembergen, W., Joshi, A., Huygh, T. (2020). COBIT as a Framework for Enterprise Governance of IT. In: Enterprise Governance of Information Technology. Management for Professionals. Springer, Cham. https://doi.org/10.1007/978-3-030-25918-1_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-25918-1_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-25917-4
Online ISBN: 978-3-030-25918-1
eBook Packages: Business and ManagementBusiness and Management (R0)