This article provides an overview and summary of the COBIT 5 process Ensure Governance Framework Setting and Maintenance, which is part of the Governance – Evaluate, Direct and Monitor domain.

This COBIT 5 process is to analyse and articulate the requirements for the governance of organisational IT, and to implement effective structures, principles, processes and practices, with clear roles and responsibilities to achieve the organisational goals and objectives.

The process goal is provide consistent approach that is aligned with the corporate governance approach. To ensure that IT-related decisions are aligned with the organisational strategies and objectives by having a:

  1. Strategic decision-making model for IT that is aligned with the organisations internal and external requirements.
  2. A governance system for IT is embedded the organisational governance system.
  3. Assurance that the governance system for IT is operating effectively and efficiently.

The following sub-governance processes are further supported by a list of control activities:

  1. Evaluate the governance system. Continually identify and engage with the stakeholders, document the requirements, implement current and future design of governance of enterprise IT.
  2. Direct the governance system. Inform leadership and obtain their support, buy-in and commitment.
  3. Implement the structures, processes and practices for the governance of IT in line with agreed-on governance design principles, decision-making models and authority levels.
  4. Monitor the governance system. Monitor the effectiveness and performance of the governance of IT.

For more information please contact Morland-Austin at