A Quick Overview of COBIT 2019

People these days want to be able to absorb important information quickly. So, if you want to know more about what COBIT 2019 is and involves, then hopefully this article will give you all the important stuff as quickly as possible. All thanks to the efficiency of bullet points.

1. COBIT 2019 was launched in November 2019. It replaces 2012’s v5.
2. It’s not simply an IT service management (ITSM) best practice approach. Instead, it’s “a framework for the governance and management of enterprise information and technology (I&T), aimed at the whole organization.”
3. It’s also no longer an acronym for “Control Objectives for Information and Related Technologies” – like ITIL, it’s now just a name.
4. COBIT 2019 offers best practice guidance on a number of key IT management areas: keeping IT running, cost management and value optimization, the better aligning of IT with the business, compliance, and benchmarking.
5. As to how it helps, COBIT 2019 “…defines the components to build and sustain a governance system: processes, policies and procedures, organizational structures, information flows, skills, infrastructure, and culture and behaviors.”
6. It’s designed to integrate with other industry frameworks and standards such as ISO, ITIL, and TOGAF. It doesn’t want to replace what your organization currently uses and instead should be used in tandem for better business outcomes.
7. COBIT is about more than processes (a change that also came with ITIL 4). It also covers six other “enablers” that are deemed to be essential for effective governance: principles, policies and frameworks; organizational structures; culture, ethics, and behaviors; information; services, infrastructure, and applications; and people, skills, and competencies.
8. COBIT is currently underappreciated and underused in ITSM, with the 2018 HDI Technical Support Practices & Salary Report showing COBIT to be used by only 14% of North American IT service desks (versus ITIL’s 71% adoption).
9. The 2019 update addresses some of the more recent trends in IT including DevOps and Agile, cloud, service integration and management (SIAM), and the Internet of Things (IoT).
10. COBIT’s guidance should be viewed as “prescriptive.” In that the governance components are a prescription for how to set up a customized governance system for I&T. As with ITIL, your organization will need to “adopt and adapt” COBIT rather than treating the guidance as to the only way to do things.
11. COBIT 2019’s initial messaging also described what it’s not. That it “Is not a full description of the whole I&T environment of an organization. Is not a framework to organize business processes. Is not an (IT) technical framework to manage all technology. Does not make or prescribe any IT-related decisions … Instead, it defines all the components that describe which decisions should be taken, and how and by whom they should be taken.”
12. COBIT 2019 differentiates between governance and management. That “Management plans, builds, runs, and monitors activities, in alignment with the direction set by the governance body, to achieve the enterprise objectives.” Whereas “Governance ensures that: Stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives. Direction is set through prioritization and decision making. Performance and compliance are monitored against agreed-on direction and objectives.”
13. The COBIT Performance Management (CPM) model is new in the 2019 update. It’s inspired by CMMI – with the scoring of processes from 0-5 within each of its governance and management objectives.
14. COBIT 2019 has adopted an “open-source” model such that people can proactively provide feedback and propose enhancements for future evolutions.

Hopefully, you found this a useful read on COBIT 2019. What else would you add to help others? Please let me know in the comments.