Core Publications

These four core publications provide the foundation for creating a customized governance program for information and technology, right-sized to the needs of your enterprise. Good governance is a vital element of strategy formulation and business transformation success, and COBIT 2019 can help chart that path forward.


COBIT 2019 Framework:

Introduction and Methodology

The heart of the COBIT framework incorporates an expanded definition of governance and updates COBIT principles while laying out the structure of the overall framework.

  • New concepts are introduced and terminology is explained—the COBIT Core Model and its 40 management objectives provide the platform for establishing your governance program
  • The performance management system is updated and allows the flexibility to use maturity measurements as well as capability measurements
  • Introductions to design factors and focus areas offer additional practical guidance on flexible adoption of COBIT 2019, whether for specific projects or full implementation.

Learn More


COBIT 2019 Framework:

Governance and Management Objectives

This publication contains a detailed description of the COBIT Core Model and its 40 governance/management objectives. Each governance/management objective and its purpose are defined and then matched up with the related process, Alignment Goals and Enterprise Goals.

Learn More





Designing an Information and Technology Governance Solution

This new publication fills an important need for COBIT users—how to put COBIT to practical use. It offers prescriptive how-to information for the user, such as:

  • Tailoring a governance system to the enterprise’s unique circumstances and context
  • Defining and listing various design factors and how they relate to the new COBIT 2019 concepts
  • Describing the potential impact these design factors have on implementation of a governance system, and
  • Recommending workflows for creating the right-sized design for your governance system

Learn More



Implementing and Optimizing an Information and Technology Governance Solution

This guide is an updated version of the previous COBIT 5 Implementation Guide, taking a similar approach to implementation. However, the new terminology and concepts of COBIT 2019, including the design factors, are built into this guidance. When combined with the COBIT 2019 Design Guide, COBIT implementation has never been more practical and custom-tailored to specific governance needs.

Learn More

Additional Guidance


Many enterprises lack an approach that integrates cybersecurity standards and enterprise governance of I&T (EGIT) to establish systematic—yet flexible and achievable—governance and management objectives, processes and capability levels to make measured improvements toward cybersecurity goals This publication describes proven practices to anticipate, understand and optimize I&T risk by implementing the US National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity version 1.1 using COBIT 2019. Features of this publication include:

  • NIST CSF Implementation
  • Correlating CSF guidance with measurable governance and management practices
  • Mapping of CSF steps and activities to COBIT 2019
  • Appendices for quick reference and further considerations

Learn More