COBIT 5, the much-awaited and debated version of COBIT (Control Objectives for Information and related Technology), is currently undergoing extensive development by a global team of IT and business experts. COBIT 5's launch is slated for late 2011. Excitement over COBIT 5 is palpable from the fact that COBIT 5's draft design paper, which had its first public exposure earlier this year by ISACA (Information Systems Audit & Control Association), received nearly 3,000 comments from more than 600 business and IT professionals (including those from India).
The new framework is generating interest worldwide, given its increased focus on governance issues. That is because, apart from incorporating the evolved COBIT framework, COBIT 5 will be equipped with the latest management guidance for IT governance. As Sanjay Bahl, CISM and a member of ISACA India Growth Initiative Task Force informs, "COBIT 5 will include COBIT 4.1, Val IT and Risk IT. It will also draw from ISACA's Business Model for Information Security (BMIS) and IT Assurance Framework (ITAF). COBIT 5 will provide more robust functionality with better integration, by offering a cohesive and comprehensive picture."
COBIT 5 will also continue to map with frameworks and standards such as ITIL (IT Infrastructure Library), ISO (International Organization for Standardization), PMBOK (Project Management Body of Knowledge), PRINCE2 (PRojects IN Controlled Environments), and FFIEC (Federal Financial Institutions Examination Council). Thus, COBIT 5 is an integrated version of COBIT. Going into further details of COBIT 5, Bahl adds, "Enterprise leadership needs to be the champion of effective governance and management of enterprise IT. COBIT 5 will help on this front. COBIT 5 will encourage learning by facilitating interaction and collaboration with IT professionals, as well as providing a common language that crosses professional disciplines."
Offering examples on how COBIT 5 will find wide acceptance after its launch, Bahl explains that COBIT as a framework is slowly getting adopted by Indian enterprises and government departments. "The office of the Comptroller and Auditor General of India extensively uses COBIT for its audits, and has conducted training on COBIT for its staff. Government of Kerala's IT department has issued an order accepting COBIT as the IT governance standard as part of its national e-governance plan." So COBIT 5 will certainly gain from the framework's existing presence.
Throwing more light on COBIT 5's likely adoption in India, Bahl mentions that ISACA has 10 chapters in India with 6,000 members. Hence, with ISACA's strong presence and outreach in India, there are various processes from the COBIT domains such as: plan and organize; acquire and implement; delivery and support; monitor and evaluate, which have been adopted as best practices by progressive Indian organizations including ITeS, banks and the audit community. Bahl feels that this mindshare will enable COBIT 5 to make a mark soon after its launch.
Organizations with previous versions of COBIT need not be concerned, as COBIT 5 builds and expands on COBIT 4.1. Hence, businesses already using an earlier COBIT version will be able to leverage their existing capabilities and migrate. ISACA plans to provide guidance and support to organizations transitioning from earlier versions to COBIT 5, as well as for those new to COBIT.