COBIT 5: A Business Framework for the Governance and Management of Enterprise IT 




COBIT 5 is the latest edition of ISACA’s globally accepted framework, providing an end-to-end business view of the governance of enterprise IT that reflects the central role of information and technology in creating value for enterprises. The principles, practices, analytical tools and models found in COBIT 5 embody thought leadership and guidance from business, IT and governance experts around the world.


Announcing COBIT Online! Learn More


COBIT 5 is the only business framework for the governance and management of enterprise IT. This evolutionary version incorporates the latest thinking in enterprise governance and management techniques, and provides globally accepted principles, practices, analytical tools and models to help increase the trust in, and value from, information systems. COBIT 5 builds and expands on COBIT 4.1 by integrating other major frameworks, standards and resources, including ISACA’s Val IT and Risk IT, Information Technology Infrastructure Library (ITIL®) and related standards from the International Organization for Standardization (ISO).




COBIT 5 helps enterprises of all sizes:

  • Maintain high-quality information to support business decisions
  • Achieve strategic goals and realize business benefits through the effective and innovative use of IT
  • Achieve operational excellence through reliable, efficient application of technology
  • Maintain IT-related risk at an acceptable level
  • Optimize the cost of IT services and technology
  • Support compliance with relevant laws, regulations, contractual agreements and policies

Webinar: A COBIT 5 Overview 

Webinar: 5 Essential Facts About COBIT

COBIT Focus—Access the latest COBIT case studies; view the current issue or subscribe free.

Download COBIT 5 publications


View a video to learn what experts say about COBIT 5.

Govern and Manage Enterprise IT

Business Benefits

Why Use COBIT 5? English | Spanish

Additional Resources

COBIT 5 helps your enterprise gain trust in, and value from, its information systems. View these documents to learn more—and customize them for your speeches and presentations.


5 Essential



and GRC

to COBIT 5
for Assurance

to COBIT 5
for Information Security

to COBIT 5
for Information Security Espanol
View all Translated Material on the COBIT Product Page
View all Translated Material

In Depth

COBIT 5 helps enterprises create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use. The framework addresses both business and IT functional areas across an enterprise and considers the IT-related interests of internal and external stakeholders. Enterprises of all sizes, whether commercial, not-for- profit or in the public sector, can benefit from COBIT 5.

Based on 5 Principles

COBIT 5 is based on five key principles for governance and management of enterprise IT:

  • Principle 1: Meeting Stakeholder Needs
  • Principle 2: Covering the Enterprise End-to- End
  • Principle 3: Applying a Single, Integrated Framework
  • Principle 4: Enabling a Holistic Approach
  • Principle 5: Separating Governance From Management 

Addresses 7 Enablers

The COBIT 5 framework describes seven categories of enablers:

  • Principles, policies and frameworks are the vehicle to translate the desired behavior into practical guidance for day-to-day management.
  • Processes describe an organized set of practices and activities to achieve certain objectives and produce a set of outputs in support of achieving overall IT-related goals.
  • Organizational structures are the key decision-making entities in an enterprise.
  • Culture, ethics and behavior of individuals and of the enterprise are very often underestimated as a success factor in governance and management activities.
  • Information is required for keeping the organization running and well governed, but at the operational level, information is very often the key product of the enterprise itself.
  • Services, infrastructure and applications include the infrastructure, technology and applications that provide the enterprise with information technology processing and services.
  • People, skills and competencies are required for successful completion of all activities, and for making correct decisions and taking corrective actions.


Looking for COBIT 4.1?

COBIT 4.1 remains available for your continued use. COBIT 5 consolidates and integrates the COBIT 4.1, Val IT 2.0 and Risk IT frameworks,
and also draws significantly from the Business Model for Information Security (BMIS) and ITAF.  Learn More about COBIT 4.1

Comparing COBIT 4.1
with COBIT 5.0