COBIT as a Framework for Enterprise Governance of IT

De Haes, Steven; Van Grembergen, Wim; Joshi, Anant; Huygh, Tim

doi:10.1007/978-3-030-25918-1_5

Steven De Haes⁵,
Wim Van Grembergen⁵,
Anant Joshi^6,7 &
…
Tim Huygh⁵

Part of the book series: Management for Professionals ((MANAGPROF))

5107 Accesses
16 Citations

Abstract

This chapter discusses Control Objectives for Information and Related Technology (COBIT) as a framework for enterprise governance of information and technology (EGIT). The chapter starts with a brief overview of COBIT’s history. Then, the most recent version of the COBIT framework, i.e., COBIT 2019, is introduced. Next, the six principles that describe the core requirements of an EGIT system as introduced in the COBIT 2019 framework are presented and discussed. This is followed by an overview of the COBIT 2019 core model and its 40 governance and management objectives and the specific guidance contained therein. The COBIT 2019 performance management approach is also introduced. Finally, some insights and examples are provided that demonstrate how the generic guidance contained in COBIT 2019 can be applied to the specific context of an enterprise.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 49.99; Price excludes VAT (USA)

Softcover Book: USD 64.99; Price excludes VAT (USA)

Hardcover Book: USD 79.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
ITGI (2003) recognized value delivery and risk management as outcome areas; and strategic alignment, resource management, and performance measurement as drivers.
2.
Refer to Chap. 3 on business/IT alignment for additional substantiation.
3.
Refer to Chap. 4 on IT business value for additional substantiation.
4.
Refer to Chap. 2 on Enterprise Governance of IT for additional substantiation.
5.
Refer to Chap. 2 on Enterprise Governance of IT for additional substantiation.
6.
Refer to Chap. 4 on IT business value for additional substantiation.
7.
As a side note, this exact management process was indeed part of the COBIT 5 process enabler.
8.
This illustrates the interaction between EGIT components (in this case the process and the organizational structures), i.e., demonstrating that various EGIT components work together in a holistic way.
9.
https://www.sfia-online.org/en/framework/sfia-6.
10.
http://www.ecompetences.eu/e-cf-overview/.
11.
https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Core-Principles-for-the-Professional-Practice-of-Internal-Auditing.aspx.
12.
https://www.axelos.com/best-practice-solutions/itil/what-is-itil.
13.
It should be noted that ISACA however states that other governance and management component types—i.e., besides processes—(e.g., organizational structures) may also have capability levels defined for them in further COBIT 2019 guidance (ISACA, 2018b).
14.
Refer to Chap. 4 on IT business value for additional substantiation of “information economics”.
15.
Governance objective EDM02 and management objective APO05 are related in the sense that they both are of primary importance for achieving alignment goal “realized benefits from I&T-enabled investments and services portfolio” (AG03).
16.
Refer to Chap. 4 on IT business value for additional substantiation on business cases and the business case process.

References

Beer, S. (1985). Diagnosing the system for organizations. West Sussex: John Wiley & Sons.
Google Scholar
Brown, C. V. (1997). Examining the emergence of hybrid IS governance solutions: Evidence from a single case site. Information Systems Research, 8(1), 69–94.
Article Google Scholar
Brown, A. E., & Grant, G. G. (2005). Framing the frameworks: A review of it governance research. Communications of the Association for Information Systems, 15(1), 696–712.
Google Scholar
De Haes, S., & Van Grembergen, W. (2009). An exploratory study into IT governance implementations and its impact on business/IT alignment. Information Systems Management, 26(2), 123–137.
Article Google Scholar
De Haes, S., Van Grembergen, W., & Debreceny, R. S. (2013). COBIT 5 and enterprise governance of information technology: Building blocks and research opportunities. Journal of Information Systems, 27(1), 307–324.
Article Google Scholar
De Wit, B., & Meyer, R. (2014). Strategy synthesis: Managing strategy paradoxes to create competitive advantage (4th ed.). Cengage Learning India Pvt. Ltd.
Google Scholar
Henderson, J. C., & Venkatraman, N. (1993). Strategic alignment: leveraging information technology for transforming organizations. IBM Systems Journal, 32(1), 4–16.
Article Google Scholar
Huygh, T., & De Haes, S. (2019). Investigating IT governance through the viable system model. Information Systems Management, 36(2), 168–192.
Article Google Scholar
ISACA. (2018a). COBIT 2019 framework: Governance and management objectives.
Google Scholar
ISACA. (2018b). COBIT 2019 framework: Introduction & methodology.
Google Scholar
ISO/IEC. (2015). ISO/IEC standard 38500: Information technology—Governance of IT for the organization.
Google Scholar
IT Governance Institute (ITGI). (2003). Board briefing on IT governance (2nd ed). Retrieved from http://www.isaca.org/knowledge-center/research/researchdeliverables/pages/board-briefing-on-it-governance-2nd-edition.aspx.
Kaplan, R. S., & Norton, D. P. (1996). The balanced scorecard: Translating strategy into action.
Google Scholar
Lawrence, P. R., & Lorsch, J. W. (1967). Organization and environment. Boston, MA: Harvard Business School, Division of Research.
Google Scholar
Peterson, R. R. (2004). Crafting information technology governance. Information Systems Management, 21(4), 7–22.
Article Google Scholar
Preston, D. S., & Karahanna, E. (2009). Antecedents of IS strategic alignment: A nomological network. Information Systems Research, 20(2), 159–179.
Article Google Scholar
Schwarz, A., & Hirschheim, R. (2003). An extended platform logic perspective of IT governance: Managing perceptions and activities of IT. The Journal of Strategic Information Systems, 12(2), 129–166.
Article Google Scholar
Steuperaert, D. (2019). COBIT 2019: A significant update. EDPACS, 59(1), 14–18.
Article Google Scholar
Van Grembergen, W., Saull, R., & De Haes, S. (2003). Linking the IT balanced scorecard to the business objectives at a major Canadian financial group. Journal for Information Technology Cases and Applications, 5(1), 23–45.
Article Google Scholar
Weill, P., & Ross, J. W. (2009). IT savvy: What top executives must know to go from pain to gain. Harvard Business Press.
Google Scholar

Download references

Author information

Authors and Affiliations

Antwerp Management School, University of Antwerp, Antwerp, Belgium
Steven De Haes, Wim Van Grembergen & Tim Huygh
Antwerp Management School, Antwerp, Belgium
Anant Joshi
Maastricht University, Maastricht, The Netherlands
Anant Joshi

Authors

Steven De Haes
View author publications
You can also search for this author in PubMed Google Scholar
Wim Van Grembergen
View author publications
You can also search for this author in PubMed Google Scholar
Anant Joshi
View author publications
You can also search for this author in PubMed Google Scholar
Tim Huygh
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Steven De Haes .

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

De Haes, S., Van Grembergen, W., Joshi, A., Huygh, T. (2020). COBIT as a Framework for Enterprise Governance of IT. In: Enterprise Governance of Information Technology. Management for Professionals. Springer, Cham. https://doi.org/10.1007/978-3-030-25918-1_5

Download citation

DOI: https://doi.org/10.1007/978-3-030-25918-1_5
Published: 04 September 2019
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-25917-4
Online ISBN: 978-3-030-25918-1
eBook Packages: Business and ManagementBusiness and Management (R0)

Publish with us

Policies and ethics