The COBIT 5 for Assurance deals with two perspectives: the assurance function and the assurance process. The assurance function perspective describes how the COBIT 5 enablers can be used to implement effective and efficient assurance governance and management in the eneterprise. The COBIT 5 for Risk contains a wealth of practical examples of artefacts from the assurance process.
The COBIT 5 generic enablers are Stakeholders, Goals, Life-cycle and Good Practices. They provide a general perspective of what the Assurance function should consider when fulfilling their responsibilities. More specific guidance can be found in the enablers themselves:
- Principles, Policies and Frameworks
- Organisational structures
- Culture, Ethics and Behaviour
- Services, Infrastructure and Applications
- People, Skills and Competencies.
The ITGN combines this knowledge into an approach to assurance which is both effective and efficient. As with all processes, the assurance function and its processes are designed to achieve specific outcomes that align with the businesses goals and the organisations strategic objectives. The ITGN approach combines the best practices for providing assurance with the COBIT 5 knowledge pool to build capability in providing assurance.