COBIT 4.1 Controls Collaboration 


Discuss - Share - Learn

The COBIT Controls area within ISACA's Knowledge Center promotes collaboration and sharing of information, solutions and experience among COBIT users. Each of the 222 COBIT Control Objectives is a separate topic and includes specific Control Practice statements.

You must be an ISACA member to access community functionality and member-only content. However, everyone is welcome to browse the Knowledge Center to read and explore all discussions.




To Get Started

  • Click on a Control Objective in the graph or text list at the bottom of this page. In the pop-up screen, click on a control objective topic link.
  • Once linked to the topic page, click “Join This Community” to actively participate in all topic features.
  • Topic members may add a discussion or respond to an existing one, upload and share documents and links, and create and participate in wikis.

For ease of access to all COBIT control objectives, you may wish to bookmark this page.

Give Us Your Feedback

Does the COBIT discussions forum work well for you? Please share your thoughts.

COBIT Domains and Control Objectives

Click on a Control Objective to access its corresponding Knowledge Center collaboration page.

Acquire and Implement Deliver and Support Monitor and Evaluate Plan and Organize Process Controls Application Controls

PO – Plan and Organize – PO1-PO10

This domain covers strategy and tactics, and concerns the identification of the way IT can best contribute to the achievement of the business objectives. The realization of the strategic vision needs to be planned, communicated and managed for different perspectives. A proper organization as well as technological infrastructure should be put in place.

View all the PO Control Objectives

AI – Acquire and Implement – AI1-AI7

To realize the IT strategy, IT solutions need to be identified, developed or acquired, as well as implemented and integrated into the business process. In addition, changes in and maintenance of existing systems are covered by this domain to make sure the solutions continue to meet business objectives.

View all the AI Control Objectives

ME – Monitor and Evaluate – ME1-ME4

All IT processes need to be regularly assessed over time for their quality and compliance with control requirements. This domain addresses performance management, monitoring of internal control, regulatory compliance and governance.

View all the ME Control Objectives

DS – Delivery and Support – DS1-DS13

This domain is concerned with the actual delivery of required services, which includes service delivery, management of security and continuity, service support for users, and management of data and operational facilities.

View all the DS Control Objectives

PC – Process Controls – PC1-PC6

Each COBIT process has generic control requirements that are identified by PCn, for process control number. They should be considered together with the process control objectives to have a complete view of control requirements.

View all the PC Control Objectives

AC – Application Controls – AC1-AC6

COBIT assumes the design and implementation of automated application controls to be the responsibility of IT, covered in the Acquire and Implement domain, based on business requirements defined using COBIT’s information criteria. The COBIT IT processes cover general IT controls, but only the development aspects of application controls.

View all the AC Control Objectives