COBIT 2019: Integrating COBIT into Your IT Audit Process - ITP241


Organizations are integrating IT with business strategies to achieve their objectives, optimize information value, and capitalize on today’s technologies. COBIT® is the internationally recognized set of IT management best practices, provides a framework for IT governance, control, and audit. This course provides a review of the framework’s contents, how to use it to evaluate the effectiveness of IT activities, and how it compares to other internationally recognized standards and frameworks.


Tuition cost


NASBA Certified CPE

16 Credits


Why you should attend

COBIT is a widely used information technology management and IT governance framework, and audit and IT professionals with knowledge of its content and uses can better perform their duties and advise their clients.

Who should attend

IT Auditors, Managers and Directors; QA personnel; Information Security Managers, Auditors, Directors, and Analysts; CIOs

What You'll learn

You will learn how to use COBIT to plan and conduct audits of IT governance, risk, security management, and business continuity. Also, how to use it to perform a process capability assessment and how it integrates into your audit activities.


  • IT Auditing and Controls - ITG101
  • IT Audit School - ITG121
  • Equivalent Experience


  • Review the COBIT® 2019 Framework
  • Focus on how you can use this globally-recognized framework for evaluating the effectiveness of IT activities
  • Discuss the significant changes incorporated in the new COBIT® 2019 that can be utilized in executing IT audits
  • Highlight how to use COBIT® 2019 in conjunction with other internationally recognized standards and frameworks, including the ISO-27001, ISO-27002, ISO-27005 Security Standards and NIST 800-53
  • Examples during this seminar will include: Assessing IT Governance using COBIT® 2019, Risk Management, Information Security Management, Business Continuity Planning
  • Discuss the COBIT® Foundation, and Design and Implementation Exams
  • Discuss exam preparation techniques
  • Review sample COBIT® Foundation exam questions



COBIT® Background

  • COBIT® 2019 and IT Governance
  • COBIT® history
  • COBIT® Control Practices and Assurance Guide

Summary of COBIT® 2019

  • COBIT®2019 Primary Audience
  • COBIT®2019 Significant Changes
  • COBIT®2019 Principles
  • COBIT®2019 Objectives
  • Enabling Processes vs. Objectives
  • Goals Cascade
  • RACI Charts
  • Inputs and Outputs

International Standards and Frameworks

  • IIA Global Technology Audit Guides
  • COSO – Internal Control Framework
  • ISO-27001 – ISMS – Information Security Management System
  • ISO-27002 – Security Code of Practice
  • ISO-27005 – Security Risk Management
  • ITIL – IT Infrastructure Library
  • FISMA – FIPS 199, NIST 800-53

Assessing IT Governance Using COBIT® 2019

  • IIA Governance Definitions
  • Defining IT Governance
  • Linking Enterprise and IT Governance
  • IT Governance Practices
  • Governance Frameworks, Standards and Guidelines
  • Using COBIT® 2019 to Assess IT Governance
  • ISO 38500 – Corporate Governance of IT
  • COBIT® 5 Evaluate, Direct and Monitor (EDM)
  • EDM-01 – Ensured Governance Framework Setting and Maintenance
  • EDM-02 – Ensured Benefits Delivery
  • EDM-03 – Ensured Risk Optimization
  • EDM-04 – Ensured Resource Optimization
  • EDM-05 – Ensured Stakeholder Transparency

Risk Management

  • Risk Definitions
  • Risk Analysis
  • COSO – Risk Assessment
  • COSO Enterprise Risk Management
  • COBIT® 2019 - Risk Management
  • EDM-03 – Ensured Risk Optimization
  • APO-12 – Managed Risk
  • IIA GTAG – Developing the IT Audit Plan
  • ISACA – Risk IT Framework
  • ISO 27001 – ISMS Risk Assessment / Management
  • ISO 27002 – Section 4 – Risk Assessment
  • ISO 27005 – Information Security Risk Management
  • NIST 800-30 – Risk Management Guide for IT Systems
  • ISACA Risk Standards / Guidelines

Information Security Management

  • COBIT® 2019 – Security Management
  • APO-13 – Managed Security
  • DSS-05 – Managed Security Services
  • Information Security Resources

Business Continuity Planning

  • COBIT® 2019 DSS-04 – Managed Continuity
  • IIA GTAG – Business Continuity Management
  • ISO-27002 – Section 14 - Business Continuity Management
  • NIST 800-53 – Section CP – Contingency Planning

COBIT® 2019 Resources

  • Risk IT Framework
  • Val IT Framework
  • VIT Assurance Framework
  • Board Briefing on IT Governance
  • COBIT® 2019 Design and Implementation Guides

Schedule your course

Use the table below to select the time and location that works best for you.

We don't currently have any dates scheduled for this course.


ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: