# COBIT Governance

One-sentence definition: Framework for governance and management of enterprise IT, aligning IT goals with business objectives.

## Key Facts

- Distinguishes Governing (Evaluate, Direct, Monitor) vs Managing (APO, BAI, DSS, MEA).
- Provides goals cascade, processes, and management objectives.
- Enables metrics/KPIs and maturity evaluation.
- Supports compliance, risk, and value delivery alignment.
- Integrates with ISO/NIST frameworks.
- **Verify:** check official (ISC)² CBK and current exam outline.

## Exam Relevance

- Identify governance vs management example via COBIT lens.

**Mnemonic:** “EDM + APO/BAI/DSS/MEA.”

## Mini Scenario

Q: Which COBIT domain covers incident handling?

A: DSS (Deliver, Service, Support).

## Revision Checklist

- Name the govern vs manage domains.
- Provide one process per domain.
- Explain goals cascade purpose.

## Related

[[Governance vs Management]] · [[Security Governance]] · [[Security Metrics, KPIs, KRIs]] · [[Security Strategy and Roadmap]] · [[Compliance and Regulatory Concepts]] · [[Domain 1 - Index]]