Compliance Glossary

COBIT 5 is built on five key principles that help organizations manage and govern their IT:

Principle 1: Meeting stakeholder needs
This principle underscores the view that organizational requirements should be aligned with stakeholders’ requirements because organizations are established on such demands. Erosion of trust is mostly about knowing stakeholders and ensuring their demands are in tune with the overall organizational strategy. 

Principle 2: Covering the enterprise end-to-end
COBIT 5 links IT governance with the organizational governance system and comprehensively addresses all information and technology management procedures. It links business flow and IT management and is seen as an opportunity to determine a company’s likely threats.

Principle 3: Applying a single integrated framework
Given the many frameworks and theories available, nothing is better than keeping things as simple as possible. COBIT 5 addresses this by supporting a single integrated framework to improve the organization’s governance and management.

Principle 4: Enable a holistic approach
This principle emphasizes using a wide-angle lens when responding to business risks and opportunities. COBIT 5 is focused on helping organizations shift from confined thinking and embrace an integrated IT governance and management framework.Principle 5: Separate governance from management
The concepts of governance and management need to be separated even if they work hand in hand for the following reasons: COBIT 5 points out that these functions need to be separated but should have a close relationship. Therefore, it becomes easy to contain decision-making processes, particularly if their functions have been defined and authority and accountability are improved.