Homepage ISACA newsroom

New COBIT Resources Help Organisations Navigate I&T Risk and DevOps

Announcement posted by ISACA 20 Jul 2021

Sydney, Australia (20 July 2021) –Mitigating information and technology risk and advancing digital transformation are among the top priorities for today’s enterprises. To provide business and technology leaders with new tools to support these efforts, ISACA has developed COBIT Focus Area: Information and Technology Risk and COBIT Focus Area: DevOps. Both new resources offer guidance based on COBIT 2019 to optimise governance and management practices for enterprise risk functions and for enterprises implementing DevOps.   

COBIT Focus Area: Information and Technology Risk demonstrates how COBIT 2019 can be tailored as an information and technology (I&T) framework and system, examining COBIT concepts from an I&T risk perspective and showing how COBIT can be used to design, implement, govern and manage I&T risk capabilities in the enterprise. The publication outlines the benefits that boards and executive management, operational risk managers, risk function and corporate risk managers, information security practitioners, internal auditors, CFOs and other stakeholders can realise from following guidance related to this focus area, including:

  • A better understanding of risk impact on the enterprise 
  • Knowledge of how to capitalise on investments related to I&T risk management practices
  • A complete risk profile, identifying the full enterprise risk exposure and enabling better utilisation of enterprise resources
  • End-to-end guidance on how to manage risk, including an extensive set of measures

“Information and technology risk is ever present in an enterprise and is closely intertwined with business risk,” says Esanju Maseka, IT risk assurance specialist and member of ISACA’s Emerging Trends Working Group. “Risk governance and management approaches need to factor in the entire spectrum of I&T-related risk, and having a relevant, customised governance framework and system with this in mind can offer an advantage in managing this risk and reduce business impact.” 

COBIT Focus Area: DevOps Using COBIT 2019 provides tailored guidance specific to the governance and management system components relevant to DevOps. The global digital transformation drive has created a demand for effective and efficient development and delivery of software products, services and solutions. This publication outlines the concepts and guidance that DevOps teams can adopt and practitioners in risk and assurance can consider to help ensure the benefits of DevOps are realised while potential risk is mitigated. DevOps Focus Area benefits include:

  • Establishing alignment of DevOps with enterprise goals and strategic objectives
  • Integrating DevOps with the enterprise architecture 
  • Understanding of governance and management systems applicable to DevOps
  • Providing a consistent governance and management framework and system related to DevOps

Both focus area publications offer a detailed overview and description of COBIT roles and organisational structures, COBIT terminology and key concepts including the components of a governance system and COBIT governance and management objectives as they pertain to I&T risk and DevOps. COBIT Focus Area: Information and Technology Risk also includes examples of I&T risk scenarios, a template for risk register entry, IT risk reporting examples and sample risk maps. COBIT Focus Area: DevOps includes a goals cascade mappings table.

“With the introduction of these additional focus areas, business leaders have new enhanced tools for building and maintaining a governance system aligned with standards, frameworks and regulations that meets their needs in addressing I&T risk and implementing DevOps,” says Nader Qaimari, ISACA chief product officer. “By continuing to evolve our COBIT resources, ISACA is committed to delivering to our global community the best practices and governance solutions to further drive business success.” 

Both publications are available to ISACA members in a digital format for US $50 and in print for $60. For non-members, the digital format is available for $90 and the print version is $100. COBIT Focus Area: Information and Technology Risk is available at www.isaca.org/bookstore/bookstore-cobit_19-digital/wcb19irfa. COBIT Focus Area: DevOps Using COBIT 2019 is available at www.isaca.org/bookstore/bookstore-cobit_19-digital/wcb19do



For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organisations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organisation that leverages the expertise of its more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA launched One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, under-represented populations.


Twitter: www.twitter.com/ISACANews
LinkedIn: www.linkedin.com/company/isaca
Facebook: www.facebook.com/ISACAGlobal 
Instagram: www.instagram.com/isacanews



Karen Keech, karen@establishedmedia.com, 0411 052 408 

Media Contacts

Karen Keech

Senior Consultant

0411 052 408

Additional Resources

Download our logo