Strengthening IT Governance and Controls Using COBIT

Abstract

With the emergence of COBIT in 1996, organizations were introduced to a framework that aimed to combine the best practices and provide essential guidelines for the successful business development along with the growth of competitiveness of the organization. Today, COBIT 5 has been adopted by numerous organizations as the primary business framework for the governance and management of enterprise IT. This article explores the evolution of the framework since its genesis to the present. The authors perform a systematic literature review taking into account a total of 93 publications that relate to various aspects of COBIT. The research papers have been categorized on the basis of their scope and on their nature (empirical, conceptual or descriptive). The data collected from these publications are analyzed to identify various trends- commonalities, differences, themes, and the nature of the study. This article also provides an overview in terms of the need of COBIT, the strengths and weaknesses of each version of the framework and how each version addresses the shortcomings of its predecessors. The research article also comprehensively discusses the state of art version of the framework COBIT 5. Further, they present a detailed analysis of how this framework is currently leveraged by organizations to identify and mitigate IT and organizational risk through better governance. In conclusion, this article also discusses the issues faced by the enterprises in its implementation today and scope of future research.