Discover your certification today Browse
Open page navigation
changeconnecting processescyber securityframeworksinformation analysisinformation gatheringmanagement processespoliciesresource optimizationriskstakeholder engagementstrategic processes

Get certified with the latest edition of ISACA’s globally accepted framework.

COBIT 5 provides an end-to-end business view of the governance of enterprise IT, reflecting the central role of information technology in creating value for enterprises of all sizes. 

The principles, practices, analytical tools and models and models found in COBIT 5 embody though leadership and guidance form business, IT and governance experts around the world. 

Certify your ability to:

  • Make informed decisions to reduce information security incidents.
  • Understand business requirements, mission objectives and their priorities.
  • Help organizations achieve strategic goals and realise business benefits through the effective and innovative use of IT.
  • Enable organizations to achieve compliance with relevant laws, regulations, contractual agreements and policies.
  • Improve an organization’s integration of information security.

Choose a level to get started

RELATED PRODUCTS

Hummingbird

Agile Programme Management (AgilePgM™)

Responding to change with speed and grace

View more
Rusty truck

ASL®2 Certification - Application Services Library

Ensure your application management methods are up to date and effective

View more
Person stood on a cliff edge looking upon clouds rolling through mountains

The Cloud Industry Forum (CIF) Code of Practice

Ensure your cloud services are a beauty to behold

View more

HAVE A QUESTION?

FAQs

What is COBIT 5?

COBIT 5 is the latest edition of ISACA's globally accepted framework. It provides an end-to-end business view of the governance of enterprise IT, reflecting the central role of information and technology in creating value for enterprises of all sizes. The principles, practices, analytical tools and models found in COBIT 5 embody thought leadership and guidance from business, IT and governance experts around the world.

COBIT 5 provides guidance to executives and those charged with making decisions concerning the use of technology in support of organizational objectives. COBIT 5 helps business leaders address the needs of all stakeholders across the enterprise and ultimately maximize the value from information and technology.

How can I train for the COBIT 5 examinations?

Training is available from the network of COBIT 5 Accredited Training Organizations (ATOs) and accredited COBIT 5 individual trainers who are assessed and certified by APMG International. The full list of COBIT 5 ATOs can be found here.

Do I have to receive training to sit the exam? 

It is not mandatory for COBIT 5 Foundation examination candidates to attend a training course before sitting the exam. It will be possible to sit the examination through our network of public exam centres.

How do I sit the exams?

Accredited Training Organization (ATO) or accredited individual trainer, as part of an accredited training course.

Alternatively, candidates who would prefer to self-study can sit the COBIT 5 Foundation exam through one of our public exam centres.

Please note that the COBIT 5 Implementation, Assessor, Assessor for Security and Implementing the NIST standards using COBIT 5 exams are not available via public exam centres. 

How much does it cost to sit the COBIT 5 examination?

The COBIT 5 Foundation, Implementation, Assessor for Security and Assessor exams can be taken via an If you are sitting the examinations through an accredited training organization, the costs of the exams are generally included in the course fee. APMG-International use a global pricing structure, so for those sitting exams at a public exam centre, the cost is dependent on where the exams are being sat. To find out the cost in your region, please contact the APMG-International Service Desk on +44 (0)1494 452450 or at:servicedesk@apmg-international.com 

Are there any pre-requisites for the COBIT 5 examination?

There are no pre-requisites for the foundation examination and Implementing the NIST Standards using COBIT 5 (INCS) examinations. The pre-requisites for the COBIT 5 Implementation, Assessor and Assessor for Security is that the candidate must have passed the COBIT 5 Foundation exam and have attended an accredited Implementation/Assessor/Assessor for Security/ Implementing the NIST Standards using COBIT 5 (INCS) training course.

What study material is available for COBIT 5 and where can I purchase it?

The COBIT 5 Foundation exam is based on the ISACA publication: COBIT 5 a Business Framework for the Governance and Management of Enterprise IT. This can be purchased directly from ISACA or from APMG Business Books.

There is also a supplementary guide which will be provided to you as part of your training course, or when you book your public exam.

The COBIT 5 Implementation exam is based on two ISACA publications:

COBIT 5 Implementation
COBIT 5 Enabling Processes Guide
These can be purchased directly from ISACA or from APMG Business Books.

The COBIT 5 Assessor and Assessor for Security examinations are based on two ISACA publications:

COBIT 5 Assessor Guide: Using COBIT 5
COBIT Process Assessment Model (PAM): Using COBIT 5
These can be purchased directly from ISACA or from APMG Business Books.

The Implementing the NIST Standards using COBIT 5 (INCS) exam is based on two ISACA publications:

COBIT 5: A Business Framework for the Governance and Management of Enterprise IT. This can be purchased directly from ISACA or from APMG Business Books..
Implementing NIST Cybersecurity Framework Using COBIT 5. This can be purchased directly from ISACA

Which languages is the COBIT 5 examination available in?

The COBIT 5 Foundation exam is currently available in English, French, German, Latin American Spanish, Brazilian Portuguese and Polish. The COBIT 5 Implementation, Assessor, Assessor for Security and Implementing the NIST Standards using COBIT 5 (INCS) examinations are available in English only.

How long will it take to learn the COBIT 5 material?

Training courses are generally delivered over 3 days. It is worth investigating with individual providers, as many will offer tailored and blended learning solutions. If you are self-studying for the exam, the amount of time required to learn the material will depend on the individual.

How long is the COBIT 5 qualification valid for?

The COBIT 5 qualifications are not valid for a defined period and do not expire.

When can I expect the results of my COBIT 5 examination?

Your result will be sent to your ATO approximately 7-10 days after your exam date. Your ATO should notify you of your results so please contact them for further details.

For candidates sitting the Foundation exam through a public centre, results will be issued within one week of APMG receiving your completed exam pack from the exam venue.

When will I receive my certificate?

A foundation certificate will be dispatched to you approximately 2 weeks after we have received your exam paper back into our offices, if you only took the foundation exam.

If you sat the Implementation, Assessor or Assessor for Security exams a practitioner certificate will be dispatched 2 weeks after the practitioner results have been released.

Please note that if you have taken your examinations via an ATO, certificates will be dispatched based on the preferences that the ATO selected when booking the exam. The ATO can select either an e-certificate or hard copy and whether this type is sent to the ATO or directly to the candidate.

If you have not received your certificate shortly after the above time frame please contact our Customer Interaction Team – servicedesk@apmg-international.com

What is the pass mark for the COBIT 5 examination?

Candidates must achieve a score of 25/50 (50%) to pass the COBIT 5 Foundation.

Candidates will need to score 40 marks out of 80 (50%) to pass the COBIT 5 Implementation, Assessor and Assessor for Security examinations.

Candidates will need to score 35/70 (50%) to pass the Implementing the NIST Standards using COBIT 5 (INCS) examination.

What pass mark is required to be eligible to become a COBIT 5 trainer?

To be eligible to apply to become a COBIT 5 trainer individuals must achieve:

A score of 66% (33/50) in the Foundation exam
A score of 66% (53/80) in the Implementation, Assessor and Assessor for Security exams
A score of 66% (46/70) in the Implementing the NIST Standards using COBIT 5 (INCS) exam

How do I find out if I scored enough to be eligible to become a trainer?

To find out if you scored enough to be eligible as a trainer, please email servicedesk@apmg-international.com noting your interest. A representative of the Service Desk will be able to advise.

How do I become a COBIT 5 Trainer?

To become a COBIT 5 trainer you will either need to be ‘sponsored’ by an APMG accredited COBIT 5 training organization (ATO) or you can apply to be accredited as an individual trainer.

Please contact the ATO directly to express your interest in becoming an accredited trainer. The ATO will then be responsible for liaising directly with APMG to process your application and undergo accreditation to become a trainer. 

If you would like to be accredited as an individual trainer, please contact your local APMG office for further details on the application process.

How does my organization become a COBIT 5 Accredited Training Organization (ATO)?

An organization wishing to become a COBIT 5 ATO must first submit an application form to either the APMG-International Service Desk or the relevant APMG-International office. Where appropriate, an invoice will be raised and the organization will then be subject to APMG-International's ATO assessment process.

Can I earn CPE credits for passing the COBIT 5 examination?

ISACA does not review and approve specific courses for CPE credit other than those that they offer. However each certification accepts a broad array of topics that will be accepted by ISACA for credit. These topics are covered by the knowledge statements of each certification and include technical and managerial training that is directly applicable to the:

CISA: assessment of information systems or the improvement of audit, control, security or managerial skills (CISA job practice). CPE hours related to management skills must be relevant to management of audits and/or audit resources.
CISM: management, design or assessment of an enterprise’s information security or the improvement of those skills (CISM job practice).
CGEIT: management and governance of enterprise IT governance (CGEIT job practice).
CRISC: risk identification, assessment, evaluation, response and monitoring and the design, implementation, monitoring, and maintenance of IS controls (CRISC job practice).