Governance and Management Objectives

  1. Home
  2. Governance and Management Objectives

COBIT 2019 framework has governance and management objectives grouped into 5 domains which express the key purpose and areas of activity, as

  • Evaluate, Direct and Monitor (EDM)
  • Align, Plan and Organize (APO)
  • Build, Acquire and Implement (BAI)
  • Deliver, Service and Support (DSS)
  • Monitor, Evaluate and Assess (MEA)

Governance objectives are grouped under the EDM domain. In this domain, the governing body evaluates strategic options, directs senior management on the chosen strategic options and monitors achievement of the strategy as mentioned previously in the 3 essential tasks. EDM encompasses the goal cascades and determination of stakeholder drivers and needs.

Management objectives are grouped in these 4 domains:

  • APO—Addresses the overall organization, strategy and supporting activities for enterprise I&T
  • BAI—Treats the definition, acquisition and implementation of I&T solutions and their integration into business processes
  • DSS—Addresses operational delivery and support of I&T services, including security
  • MEA—Addresses performance monitoring and conformity of I&T to internal performance targets, internal control objectives and external requirements

For each governance and management objective, following are components are present.

COBIT 2019 Governance and Management Objectives
Source: ISACA®, COBIT® 2019 Framework: Introduction and Methodology, USA, 2018

Process

Every objective has several process practices with each process having activities. Metrics for each process measure the achievement and its contribution to the overall objective.

Processes in every governance and management objective can operate at different capability level   as per maturity. COBIT 2019 supports a Capability Maturity Model Integration ® (CMMI) – based process-capability scheme which ranges from  0 to 5.

Organizational structures

It enlists levels of responsibility and accountability for process practices with individual roles from both business and IT.

The COBIT  2019 defines following roles and organizational structures

  • Board
  • Executive Committee
  • CEO (Chief Executive Officer)
  • CFO (Chief Financial Officer)
  • COO (Chief Operating Officer)
  • CRO (Chief Risk Officer)
  • CIO (Chief Information Officer)
  • CTO (Chief Technology Officer)
  • CDO (Chief Digital Officer)
  • I&T Governance Board
  • Architecture Board
  • Enterprise Risk Committee
  • Chief Information Security Officer
  • Business Process Owner
  • Portfolio Manager
  • Steering (Programs/Projects) Committee
  • Program Manager
  • Project Manager
  • Project Management Office
  • Head Human Resources
  • Data Management Function
  • Head Architect
  • Relationship Manager
  • Head IT Operations
  • Head IT Administration
  • Service Manager
  • Head Development
  • Information Security Manager
  • Business Continuity Manager
  • Privacy Officer
  • Legal Counsel
  • Compliance
  • Audit

The different levels of involvement is divided into

  • Responsible (R) roles- main operational stake or the person who gets the task done.
  • Accountable (A) roles- Overall accountability. Cannot be shared. The person accountable for success and achievement of the task

The two levels of involvement as

  • Consulted (C) roles – who provide input
  • Informed (I) roles – who receive information

All depends on organizational context amd priorities.

Information Flows and Items

It guides the information flows and items linked with process practices. An input can be output of another. Every output is sent to specific single or multiple COBIT processes

People, skills and competencies

It identify human resources and skills needed for achieving the governance or management objectives. COBIT 2019 is based on the Skills Framework for the Information Age (SFIA ) version 6.

Policies and procedures

It guides on policies and procedures that are pertinent for the governance or management objectives

Culture, ethics and behavior

It guides on cultural elements within the organization which carry  the achievement of a governance or management objectives.

Services, infrastructure and application

It guides on 3rd party services, infrastructure types and applications to achieve the governance or management objectives.

There are 13 enterprise goals and 13 alignment goals in COBIT 2019. There are no additional IT-related goals in COBIT 2019. Both enterprise goals and alignment goals have been updated and simplified.

Go back to COBIT 2019 Tutorial page

COBIT 2019 Foundation.
Menu