COBIT (Control Objectives for Information and Related Technologies)

COBIT, developed by ISACA, is a comprehensive governance and management framework that aligns IT strategy with business goals. It defines domains such as Evaluate, Direct and Monitor. Align, Plan and Organize. Build, Acquire and Implement. Deliver, Service and Support and Monitor, Evaluate and Assess each containing processes, control objectives, performance metrics, and maturity models. Large enterprises and public sector bodies leverage COBIT to clarify roles and responsibilities, integrate IT governance into corporate governance, and meet compliance requirements. Unlike ISO 27001 or NIST CSF, COBIT extends beyond cybersecurity into overall IT governance and performance management. It is less hands-on than the CIS Controls’ prescriptive safeguards and broader in scope than the narrowly focused PCI DSS.