COBIT 5: Strategy to reality – have your say!

I have been involved in ISACA for some time in various roles from member to committee member and am now a member of the ISACA board of Directors. Fundamental to each of these roles has been my involvement in ISACA frameworks and their development. For some time ISACA staff and volunteers have been developing the strategy for the future of the ISACA COBIT 5 framework. This week is a significant one with the first external deliverable available, the “COBIT® 5 Design Paper Exposure Draft for review and comment by the community.


COBIT 5 is the next evolution of the ongoing development of the ISACA frameworks and standards including COBIT, VALIT, RISKIT, ITAF and BMIS and will look to both consolidate and integrate these, but more importantly the resultant framework will be easier to use and extensible. COBIT 5 will take into account recent global governmental and market-driven enterprise and IT governance initiatives, such as sustainability and green IT, will be easier to use and will deliver guidance on how to implement including migration from previous versions. Of special interest to me personally will be the focused guidance on functional responsibility and organization views to allow practitioners to focus on specific domain and how COBIT can assist them in their role. 


I personally plan to provide feedback on the use of practical components including aspects such as KPI’s (Key Performance Indicators), maturity models, integration with other frameworks such as ITIL, PMI and standards such as ISO\IEC 38500:2008 and the applicability and application against compliance requirements.


I encourage you to download the exposure draft and to complete the online questionnaire, providing input and validating ISACA assumptions. This is a rare opportunity to be involved at the ground level so I encourage your involvement and make a contribution.

The following two tabs change content below.

Robert Stroud

Vice President Strategy & Innovation IT Business Management at CA Technologies
Robert Stroud is vice president of innovation and strategy for IT Business Management at CA Technologies. Rob is dedicated to the development of industry trends, strategy and communication of industry best practices. Rob is a strong advocate for the governance, security, risk and assurance communities working closely with the community to author, develop and communicate standards and best practices. Rob also advises organizations on their implementations to ensure they drive maximum business value from their investments in IT-enabled business governance. Following a four-year term as an ISACA International vice president, Rob served on the ISACA Strategic Advisory Council, and is currently serving as ISACA ISO Liaison sub-committee. Earlier, Rob served on the itSMF International Board as Treasurer and Director Audit, Standards and Compliance, the itSMF ISO liaisons to multiple working groups and spent multiple years on the board of the itSMF USA. An accomplished author and blogger, Rob is widely recognized for perspectives on industry trends. He also has contributed to multiple standards publications including COBIT 4.0, 4.1 and COBIT 5, Guidance for Basel II and several ISO standards. Rob served as an active member of the ITIL Update Project Board for ITIL 2011 and in various roles in the development of ITIL v3 including the Advisory Group, mentor and reviewer. Prior to joining CA Technologies, Rob spent more than 15 years in the finance industry successfully managing multiple initiatives in both IT and retail banking sectors related to security, service management and process governance. Follow Rob on Twitter: @RobertEStroud

This article has 1 comment

  1. Titilola L.N Awogboro
    Sunday 16 May 2010, 5:35 pm

    Following the recent release of COBIT 5 Design (Exposure Draft), I wrote in April to the ‘ISACA Research Department’ the following email. I have not received any response but in part your publication above hints to some sort of answer with regards to performance management …

    My mail to ISACA: Congratulation on the new consolidated view, impressive work!!!

    This is long overdue and thanks to the high level of thought and work that has very obviously been done to come up with this us consultants will find it much easier to implement. We are most grateful!

    I am sure when the details become available some of my question will be answered, but I was wondering if the new model makes any reference to the following:
    • Performance Management and Reporting (Human and Machine)
    • Does your RACI Model give any indication on the handshake between Corporate Governance and IT Governance

    I found during my career in IT that ITIL and COBIT avoided giving any guide to users like me on how to link human and machine performance or even how to best measure these for the organisation. Has your work on COBIT covered this?

    Also in the work environment the two Governance functions tend to be on a perpetual stand off as hazy boundaries inhibit both functions from being as effective as possible, specific areas would include project management, release and change management. Is this addressed in any way?

    I am hoping you can asks these questions.

Leave a Reply