This article provides an overview and summary of the COBIT 5 process Manage Requirements Definition, which is part of the Management – build (Build, Acquire, Implement) domain.

The purpose of this COBIT 5 process is to identify solutions and analyse requirements before acquisition or creation to ensure that they are feasible and in line with the organisation strategic requirements.

The following sub-governance processes are further supported by a list of control activities:

  1. Define and maintain organisation functional and technical requirements. Based on the organisation case, identify, prioritise, specify and agree on organisation information, functional, technical and control requirements covering the scope/understanding of all IT initiatives.
  2. Perform a feasibility study and formulate alternative solutions. Perform a feasibility study of potential alternative solutions, assess their viability and select the best option.
  3. Manage requirements risk. Identify, document, prioritise and mitigate functional, technical risks of proposed solutions.
  4. Obtain approval of requirements and solutions. Ensure feedback and sign-off from key stakeholders and organisation sponsors on functional and technical requirements, feasibility studies, risk analyses and recommended solutions.

For more information please contact Morland-Austin at