COBIT® 5 Implementation—Supplemental Tools and Materials


With 95,000 constituents in 160 countries, ISACA ( is a leading global provider of knowledge,
certifications, community, advocacy and education on information systems (IS) assurance and security,
enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the
nonprofit, independent ISACA hosts international conferences, publishes the ISACA
Journal, and develops
international IS auditing and control standards, which help its constituents ensure trust in, and value from,
information systems. It also advances and attests IT skills and knowledge through the globally respected Certified
Information Systems Auditor
), Certified Information Security Manager
), Certified in the
Governance of Enterprise IT
) and Certified in Risk and Information Systems Control
designations. ISACA continually updates COBIT
, which helps IT professionals and enterprise leaders fulfil their
IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and
deliver value to the business.

ISACA has designed this publication, COBIT
5 Implementation—Supplemental Tools and Materials (the
‘Work’), primarily as an educational resource for governance of enterprise IT (GEIT), assurance, risk and
security professionals. ISACA makes no claim that use of any of the Work will assure a successful outcome.
The Work should not be considered inclusive of all proper information, procedures and tests or exclusive of
other information, procedures and tests that are reasonably directed to obtaining the same results. In
determining the propriety of any specific information, procedure or test, readers should apply their own
professional judgement to the specific GEIT, assurance, risk and security circumstances presented by the
particular systems or information technology environment.

Copyright for Supplemental Tools and Materials: See individual documents.

3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008 USA
Phone: +1.847.253.1545
Fax: +1.847.253.1443
Web site:

Participate in the ISACA Knowledge Center:
Follow ISACA on Twitter:
J oin the COBIT conversation on Twitter: #COBIT
J oin ISACA on LinkedIn: ISACA (Official),
Like ISACA on Facebook:

COBIT® 5 Implementation—Supplemental Tools and Materials
ISBN 978-1-60420-238-0
COBIT® 5 Implementation—Supplemental Tools and Materials

Table of Contents
5 Implementation is supported by a zip file of supplemental tools and materials. The
tools are in Microsoft
Office Word
, PowerPoint
and Excel
or Adobe
PDF format. The tools
in the zip file are organised as follows.

•PowerPoint presentations:
02. COBIT 5 Introduction—This 44-slide presentation includes nine slides of 03. COBIT 5 Executive
Summary and discusses the first three COBIT 5 publications (COBIT 5, COBIT 5: Enabling
Processes and COBIT 5 Implementation).
03. COBIT 5 Executive Summary—These nine slides indicate that the COBIT 5 principles allow the
enterprise to build an effective governance and management framework based on a holistic set of
enablers to optimise information and technology investment and use for the benefit of stakeholders.
04. COBIT 5 Compare With 4.1—This presentation contains 32 slides describing how COBIT 5 builds on
previous versions of COBIT (and Val IT and Risk IT) so that enterprises can build on what they have
developed using earlier versions.
05. COBT 5 for Information Security Introduction—This 33-slide presentation introduces the professional
guide for security practitioners
06. COBIT 5 and Information Security Spanish—These 26 slides describe the connection of COBIT 5
with the Business Model for Information Security (BMIS™) in Spanish.
07. COBT 5 for Assurance Introduction—This 17-slide presentation introduces the professional guide for
assurance practitioners
08. COBIT 5 and GRC—This 31-slide presentation explains that the COBIT 5 framework includes the
necessary guidance to support enterprise governance, risk and compliance (GRC) objectives and
supporting activities.
09. IT BSC Example—These two slides illustrate the balanced score card (BSC) and its implementation.
10. COBIT 5 Key Audience Messages—This Word document provides key audience messages to assist
with customising the PowerPoint presentations.

•Self-assessment, measurement and diagnostic tools Excel files:
11. Process Activities—The activities in the detailed process descriptions describe the functional purpose of
the process—what the process is supposed to deliver. This file provides all of the process activities in a
12. Management Awareness Diagnostic—This is a list of the COBIT 5 processes.

•Related article, further explanation and resource PDFs:
13. Balanced Scorecard Case Study—The case study Linking the IT Balanced Scorecard to the Business
Objectives at a Major Canadian Financial Group was conducted by the IT Alignment and
Governance (ITAG) Research Institute at the University of Antwerp in 2008.
14. FAQs—This document contains 15 frequently asked questions (FAQs) and answers about COBIT 5.
15. Framework Overview (laminate)—These 11 figures from COBIT 5 provide a pictorial overview of
the COBIT 5 framework.
16. ‘Where Have All the Control Objectives Gone?’—This article in the J uly2011 ISACA® Journal
describes the move from the ‘control objectives’ term to governance and management practices.
17. Overview of ISACA Frameworks and Guidance Integrated Into COBIT 5—This describes the
frameworks (COBIT 4.1, Risk IT and Val IT) and guidance (Board Briefing on IT Governance, 2nd
Edition, Business Model for Information Security [BMIS], IT Assurance Framework™ [ITAF™],
Taking Governance Forward [TGF]) integrated into COBIT 5.