Discover your certification today Browse
Open page navigation
Cyber SecurityIT Management

Sue Milton looks at the three components influencing governance.

Governance is changing because of the:

  1. Demand for good corporate behaviour.
  2. Desire for better corporate culture.
  3. Domination of IT innovation.

Can COBIT® 5 cope with the change?

The starting points are the three components influencing governance..

Good corporate behaviour

The UK’s Financial Reporting Council, the FRC, is consulting on changes to the UK Corporate Governance Code  The revisions focus on aligning strategy with values beyond the financials through sound engagement with all stakeholders. 

Beyond the code are some substantial regulatory changes, such as the MiFID2, Open Banking, GDPR, AI, IoT, Block Chain and Cryptocurrencies.  Fintech firms offer a different approach to banking  Tech companies influence daily life, with the likes of Uber, Airbnb and Netflix disrupting the way business is done, blurring of boundaries between what is a platform and what is a retailer  

The blurring not only challenges how business is done but also the culture in which it should be done.

Corporate culture

Put simply, culture is the ‘way we do things here’ and is influenced by its business sector and market expectations.  Corporate and regulatory legislation provides the business parameters.  Corporate codes throughout the world provide behavioural parameters.  The codes vary in whom they see as the main beneficiary of board behaviour, ranging from shareholders to wider society.  All codes support creating financial value but some codes also focus on non-financial benefits.  If you have the time, glance through the codes at

The Great Financial Crash and subsequent scandals, such as VW’s emissions misreporting, have shown that the quest for profit is at the expense of society, hence the desire for better behaviour within the organisation and better relationships with stakeholders.  Society no longer wants to pick up the bill for failure. 

The moral compass is changing.

IT innovation

IT is everywhere.  The combination of the Internet, Big Data, AI, Machine Learning and IoT means the data collection, analysis, decision-making and actions are increasingly automated.  There are articles galore that explain the impact on various markets.  This short, objective article looks at jobs  And now bitcoin, for the first time, is being accepted for property purchases

IT’s domination is finally being taken seriously.  The Institute of Directors, UK, on the 24th January 2018 hosted a webinar called “Value added: The tech changes transforming business leadership”.  One of the key points was the need by firms to focus on information strategy.  Firms that did were leading their sector, those that did not were fading.  Information strategy was explained as adopting   technological innovations and the new, integrated partnerships between data analytics, IT experts and business experts.

This shift requires Business to rethink its approach.  COBIT 5 has been around to help organisations identify the opportunities, threats and safeguards since 2012.  Can COBIT 5 still do this in 2018?

The new business paradigm and COBIT 5

COBIT originally focused on IT but has adapted over the years to focus on an integrated approach to business and IT, including culture and people.

To test COBIT 5, I have listed key things organisations must think about in their business models.  The table sets out which aspects of COBIT 5 are relevant to the old and new business approaches.  Financials have been broadly ignored because they tend to restrict ideas (my view is that financials act as a subsequent, useful sanity check).  All COBIT 5 goals come from COBIT 5 Enabling Processes, available free to ISACA members at  There are enterprise goals (EG) and IT-related goals (IG). 



COBIT 5 has this amazing advantage over other frameworks because it understands that IT is pervasive throughout business.  COBIT 5 helps business models change so that, from objective setting to HR policies, each aspect of the model can seamlessly absorb IT.

The table is based on my experience working with organisations and shows that COBIT  5 was leading the way in revealing IT’s importance. 

Now the world is catching up.


Mysterious technology


Transform your organization's IT by implementing the DASA DevOps principles

View more
sprinting leopard

Lean IT Association (LITA)

A streamlined approach to optimizing IT operations

View more
Golden pyramid

Service Desk Institute (SDI®) Certification

Achieve a gold standard service desk

View more