COBIT 4.1 Publications and Products 


The components of COBIT each address uses and applications of COBIT from differing perspectives. From the framework, which outlines the basis of the COBIT philosophy, to the management guidelines, which addresses the concerns of upper management, and through all the other components, each component adds a unique layer of understanding to COBIT.

COBIT is an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT enables clear policy development and good practice for IT control throughout organizations. COBIT emphasizes regulatory compliance, helps organizations to increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework.



Presents IT governance concepts, roles and responsibilities with checklists and tools to help management initiate and sustain an effective IT governance program. Specific attention is given to the IT strategy committee.Overview.aspx

Building the Business Case for COBIT and Val IT: Executive Briefing

Overview status of COBIT and ValIT frameworks implemented within the enterprises of different size, industry segment and geographic location.   More Information >>

Information Security Governance: Guidance for Boards of Directors and Executive Management, 2nd Edition

Presents information security in business terms and contains tools and techniques to help uncover security-related problems.   More Information >>

Val IT

Enterprise Value: Governance of IT Investments—The Val IT Framework explains how an enterprise can extract optimal value from IT-enabled investments and is based on the CobiT framework.  It is organized into:
  • Three Processes—Value Governance, Portfolio Management and Investment Management
  • IT key management practices—Essential management practices that positively influence the achievement of the desired result or purpose of a particular activity.  They supported the Val IT processes and play roughly the same role as do CobiT's control objective.
Enterprise Value: Governance of IT investments—The business Case, which focus is on one key element of the investment management process.   More Information >>

COBIT helps provide answers to typical management questions:

  • How far should we go in controlling IT, and is the cost justified by the benefit?
  • What are the indicators of good performance?
  • What are the key management practices to apply?
  • What do others do?
  • How do we measure and compare?

COBIT contains the following to help answer these questions:

  • Business, IT, Process Goals
  • Performance & Goal Measures
  • Inputs & Outputs
  • Activities, Roles & Responsibilities
  • Maturity Models
  • Management Guidelines

COBIT® Assessment Program:

IT Governance Using COBIT and Val IT

A set of educational materials that professors and teachers can use to explain and present CobiT in their courses on information systems management, information security management, information auditing and/or accounting information systems. This educational package was constructed using using the advice and counsel of a global group of academics and practitioners. The purpose was to create a more focused approach for teaching and presenting CobiT in the classroom. It is available to all professors who pledge to share their own CobiT teaching materials. The set includes the following material:
  • Student Book, to share with students either in print or electronically
  • PowerPoint Presentation
  • Case Study
  • Caselets
More Information >>

How can I teach COBIT and VAL IT in the classroom?

Implementing and Continually Improving IT Governance

Provides an approach for implementing IT governance in such a way that the implementation team can get started in an effective and efficient manner.

COBIT Online

Allows users to customize a version of CobiT for their own enterprise, then store and manipulate that version as desired. If offers online, real-time surveys, frequently asked questions, benchmarking, and a discussion facility for sharing experiences and questions.

COBIT Security Baseline, 2nd Edition

Focuses on essential steps for implementing information security within the enterprise. The second edition is in development at the time of this writing.

COBIT Training

Several CobiT-related courses are offered including a CobiT exam

COBIT Quickstart, 2nd Edition

Provides a baseline of control for the smaller organization and a possible first step for the larger enterprise

COBIT Security Baseline, 2nd Edition

Focuses on essential steps for implementing information security within the enterprise. The second edition is in development at the time of this writing.

COBIT Mappings

A mapping overview paper and various mappings of COBIT to other international, national and industry standards and frameworks have been published.

COBIT User Guide for Service Managers

Aimed at providing specific guidance on how to use CobiT when performing a particular role.

COBIT and Application Controls: A Management Guide

This publication provides guidance primarily for business executives, business management, and IT management, as well as IT developers and implementers, internal and external auditors and other professionals.

What is the IT governance framework?


Framework—Explains how CobiT organizes IT governance management and control objectives and good practices by IT domains and processes, and links them to business requirements.

Process descriptions—Includes 34 IT processes covering the IT responsibility areas beginning to end

Control objectives—Provide generic best practice management objectives for IT processes

Management guidelines—Offer tools to help assign responsibility, measure performance, and benchmark and address gaps in capability

Maturity models—Provides profiles of IT processes describing possible current and future states

COBIT Control Practices, 2nd Edition

Provides guidance on why controls are worth implementing and how to implement them

How do we assess the IT governance framework?

IT Assurance Guide: Using COBIT

Provides guidance on how CobiT can be used to support a variety of assurance activities together with suggested testing steps for all the IT processes and control objectives.

IT Control Objectives for Sarbanes-Oxley, 2nd Edition

This publication provides CIO's, IT managers, and control and assurance professionals with scoping and assessment ideas, aproaches and quidance in support of the IT-related Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control objectives for financial reporting.