Based on this framework,

1. What are the governance and management domains, objectives and components?
What are the hierarchies involved with objectives? Can you depict these diagram of
your own hierarchically?
2. Choosing your own real or ideal company from any sector, align corporate objectives
to security governance and management objectives
Note: You will present Friday 21st of Jan during the workshop class. It is assessed from
10%.
Chapter 3
Structure of COBIT Governance and Management Objectives
Governance and Management Objectives
COBIT® 2019 includes 40 governance and management objectives, organized into five
domains.
Governance objectives are grouped in the Evaluate, Direct and Monitor (EDM) domain.
In this domain, the governing body evaluates strategic options, directs senior
management on the chosen strategic options and monitors the achievement of the
strategy.
Governance domain
 Evaluate, Direct and Monitor (EDM)
Management objectives are grouped in four domains.
 Align, Plan and Organize (APO) addresses the overall organization, strategy and
supporting activities for I&T.
 Build, Acquire and Implement (BAI) treats the definition, acquisition and
implementation of I&T solutions and their integration in business processes.
 Deliver, Service and Support (DSS) addresses the operational delivery and
support of I&T services, including security.
 Monitor, Evaluate and Assess (MEA) addresses performance monitoring and
conformance of I&T with internal performance targets, internal control
objectives and external requirements.
Management domains
 Align, Plan and Organize (APO)
 Build, Acquire and Implement (BAI)
 Deliver, Service and Support (DSS)
 Monitor, Evaluate and Assess (MEA)