Article Preview
Top1. Introduction
To successfully compete and thrive in the ever-changing world of business, organizations need to leverage information assets for strategic advantage. Data and Informational assets play a significant role in driving the business. Hence, the management and protection of these assets have become a top priority. Organizations also need to ensure those information assets are adequately safeguarded and put to efficient use throughout their lifecycle from inception to the eventual destruction. Information Technology (IT) capabilities are instrumental in the management and effective use of available information assets. As IT has become a critical business-enabling function from being a mere support function, it is imperative that the board and management of organizations accept IT as a vital aspect of their business. To justify the strategic value of IT, enterprises require a framework that can help them identify the IT best practices, align the IT objectives to the business objectives, and ensure effective IT governance and management. This motivation has led to the development of the widely used framework, COBIT.
With the growing need for proper alignment between the IT functions and the goals of the enterprises, the focus of the executive management has increased exponentially towards the following areas:
- •
Ensuring compliance with the ever-increasing list of rules and regulations;
- •
Leveraging information and IT assets for competitive advantage and using them to make business-critical decisions;
- •
Maintaining IT Risk at an acceptable level;
- •
Optimizing the costs of information technology and services;
- •
Creating business value by efficient use of IT;
- •
Improving operational efficiency by reliable use of IT.
Other than addressing the above-mentioned areas, COBIT acts as a comprehensive framework that has incorporated and is compatible with numerous other standards and the best practices that are vital for the optimal utilization of information assets resulting in the escalated growth of the enterprises. Business executives can no longer delegate, or avoid the incorporation of IT into the business decisions. In this context, many organizations have started with the implementation of the COBIT framework to achieve the synergy between business and IT which has helped attain the much-required IT involvement in executive management. This study reviews the prior literature on COBIT that has appeared in various journals, conferences, book chapters, white papers etc. to trace the evolution of this framework, since its genesis to the present. The findings of this study help in understanding each version of COBIT, the gaps in different versions of the framework and how they are addressed in each advanced version. We make a salient contribution by providing a detailed account of how COBIT 5 framework identifies, manages and mitigates organization risk through better IT governance. The final section of the research discusses the current challenges faced by organizations during its implementation and concludes with suggesting avenues for future research.