When it comes to enterprise architecture frameworks, The Open Group Architecture Framework (TOGAF) and Control Objectives for Information and Related Technologies (COBIT) complement each other to give leadership a better understanding of the business.
That’s because TOGAF mainly centers around developing an information technology architecture to align with the goals of the business while COBIT largely focuses on governance. COBIT gives context to TOGAF by relating enterprise architecture processes to every other information technology process.
Organizations that want to apply structure as well as improve security and compliance efforts often use multiple frameworks together for maximum coverage.
TOGAF is an enterprise architecture framework that offers an end-to-end approach for the designing, planning, deployment, and governance of an enterprise IT architecture. The core of the TOGAF framework is the Architecture Development Method, which explains the step-by-step approach to develop or change an enterprise architecture.
Developed by the Information Systems Audit and Control Association (ISACA), the COBIT framework helps organizations create, monitor, and maintain IT governance and management practices.
ISACA released COBIT 5 in 2012. Then in 2013, the organization released an add-on to COBIT 5 that included additional details for companies regarding information governance and risk management. In 2018, ISACA introduced COBIT 2019, an updated version that included more flexible and collaborative governance strategies that addressed new and changing technology.
COBIT stresses regulatory compliance, allows enterprises to get more value from information technology, and helps align IT with the goals of the business. COBIT brings together business practices and standards, such as ISO 27001, ISO 27002, ITIL, and the Project Management Body of Knowledge (PMBOK), a set of standard terminology and guidelines for project management.
The key relationship between TOGAF and COBIT is that one of the processes described in COBIT is enterprise architecture. In fact, most of the TOGAF methodology can be found in the COBIT “Manage Enterprise Architecture” process.
COBIT also adds other information and insights. For example, it links all the IT-related objectives to the goals of the business, enabling leaders to understand how enterprise architecture contributes to those goals.
Thank you for subscribing to the Risk Insiders newsletter!
Why sign up for the Risk Insiders newsletter?
To stay in the know! Get new blogs, resources, CPE opportunities, industry research & more — direct to your inbox.