Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » COBIT » COBIT domains

COBIT domains

COBIT 4.1 breaks down IT governance and management into four key domains, each focusing on specific areas of IT processes. 

Evaluate, Direct, and Monitor (EDM): EDM forms the major component of the COBIT 5 model and concerns itself with the optimal accomplishment of IT business integration and governance. This domain includes identifying directions for IT’s strategic growth, evaluating outcomes and achievements, and creating guarantees of activities’ conformity to standards and regulations.  

Align, Plan, and Organize (APO): APO, on the other hand, is more focused on turning corporate strategies into executable IT projects. This can be defined as taking and documenting IT choices to coordinate IT actions with a company’s goals.

Build, Acquire, and Implement (BAI): In the BAI domain, more emphasis is placed on the practical implementation of IT projects, from development to procurement and integration. It has some features associated with risk management, quality assurance, and good project work.  

Deliver, Service, and Support (DSS): DSS stands for the management of information technology solutions in organizations after implementation. This entails service provision for an organization’s needs, management of events or occurrences, and support for the total IT services to guarantee their efficiency.  

Monitor, Evaluate, and Assess (MEA): MEA is central to proving continuity toward improving IT governance. It is an ongoing process of monitoring IT processes, IT performance, and even the outcomes of IT governance and management practices.

Additional reading

Blogs

Sprinto Vs Secureframe: Compare all Features & Differences in 2025

Choosing the right security compliance product can be challenging, and sometimes the smallest differences make the biggest impact over time. Arming yourself with as much information as possible will save you from future regrets and ensure you make a confident decision. In this article, we’ll break down ten key features and capabilities of Sprinto and…
Blogs

How to Strengthen Your Organization’s Security Culture

Over the years, stringent laws have come into effect, along with the introduction of most advanced threat detection and prevention technologies. However we continue to encounter familiar breach stories—employees using weak passwords, opening malicious emails, misusing too many permissions, etc. No matter the geography, hackers worldwide have been playing on human behaviors, attitudes, cognition, and…
What is Cybersecurity
Blogs

What is Cybersecurity? A Simple Guide to Online Protection

As digital landscapes continue to evolve at an accelerated pace, new tools, technologies, and systems are added to them daily. These are necessary tools for businesses to grow, but they also open up doors to new vulnerabilities and threats. This is why cybersecurity has become ubiquitous in our digital world.  Cybersecurity is the process of…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales