COBIT 5 Principle 5 Separating Governance from Management


Sometimes the difference between governance and management is not as clear as it should be. COBIT 5 clarifies this by recognising that each serves a different purpose with different responsibilities and that each requires different types of activities and different supporting organisation structures.

In short, COBIT 5 uses the mnemonics EDM for governance and PBRM for management. EDM stands for evaluate, direct and monitor, while PBRM stands for plan, build, run and monitor.

• Governance or EDM (evaluate, direct and monitor) is about ensuring that stakeholder needs are evaluated to identify and agree on objectives that must be achieved, directed through prioritisation and decision making, and monitored for performance and compliance against objectives

• Management or PBRM (plan, build, run and monitor) is about ensuring that all activities undertaken and monitored are in alignment with the direction set by the governance function

COBIT 5 includes a process reference model which divides the governance and management processes of enterprise IT into the two main areas above, EDM and PBRM, and identifies a series of 37 processes across governance and management. COBIT 5 recognises that organisations are different in size, structure and complexity, which is why organisations can organise their processes as they see fit, provided of course that all necessary governance and management objectives are covered.

As you get to know COBIT 5 more, it will become clear how to use the concept of the enabler (remember Principle 4?) to provide the interactions between the governance and management structures and processes that make for an efficient and effective governance system.

COBIT® 5 is a registered trademark of ISACA in the United States and other countries. ISACA neither supports nor endorses these videos.