Cybersecurity threats should be a concern for any company and especially for businesses that employ a large number of people and collect substantial quantities of data. The ability of a company to ensure the security of the information they store is an essential component of the brand image and its credibility. COBIT 5 can help companies address the potential cybersecurity threats and mitigate the reputational risks because this framework allows governing the IT system of the entire organization.
COBIT 5 is a control objectives for information and related yechnology framework. The main goal of COBIT is to allow orgnizations to create an alignment between their business goals and the IT systems they are using. According to White (2019), “COBIT is an IT management framework developed by the ISACA to help businesses develop, organize and implement strategies around information management and governance” (para. 10). The use of IT for business activities is routine, and COBIT 5 is designed to help companies reach their objectives.
The more data a company collects and stores, the more difficulties it may face when protecting it from misuse. Moreover, in large companies with more than 1000 employees, it may be difficult to implement an IT system that would address all business needs and align with the IT strategy of the firm. A cybersecurity attack can threaten the businesses’ integrity because of a data breach, and this attack may expose personal information about the firm’s customers or employees. By using a framework, managers can address this issue—they can create a unified system for the business and monitor and prevent cybersecurity attacks.
COBIT 5 and its add-on were released in 2013 and specifically target information governance for businesses and risk management strategies. Moreover, it aligns with other frameworks and systems, such as ITIL or ISO (“COBIT® 5 – the framework for the governance of enterprise IT,” n.d.). This allows the management to support and develop their IT and business objectives.
Under COBIT 5, there are different add-ons that allow addressing different parts of organizational management. For example, COBI 5 for Risk Management is designed to address issues with the implementation of IT systems in a company (Astuti et al., 2017). At the same time, establishing a new IT system for a company of 50 people is easy. Completing the same task for 1000 employees is challenging and time-consuming. The COBIT 5 framework can aid in this task because it provides “guidance and tools to support businesses when developing a “best-fit governance system” (White, 2019, para. 20). Hence, large companies should use COBIT 5 to adequately integrate IT systems into their operations and to address the potential cybersecurity attack.
In summary, modern businesses face a threat of cybersecurity attacks that can damage their reputation and credibility. By using COBIT 5, companies that employ 1000 people or more can establish an alignment across the IT systems of the business because the amount of data these organizations possess is substantial. COBIT 5 helps managers create an alignment between their goals and IT systems.
References
Astuti, H., Muqtadiroh, F., Tyas Darmaningrat, E., & Putri, C. (2017). Risks assessment of information technology processes based on COBIT 5 framework: A case study of ITS service desk. Procedia Computer Science, 124, 569-576. Web.
COBIT® 5 – the framework for the governance of enterprise IT. (n.d.). Web.
White, S. (2021). What is COBIT? A framework for alignment and governance. Web.