COBIT (Control Objectives for Information and Related Technology) is an international open standard that defines requirements for the control and security of sensitive data and provides a reference framework. COBIT, which provides a reference framework, was introduced in the 1990s by the IT Governance Institute.
COBIT consists of an executive summary, management guidelines, framework, control objectives, implementation toolset and audit guidelines. Extensive support is provided, including a list of critical success factors for measuring security program effectiveness and benchmark s for auditing purposes. COBIT has been revised several times since inception and upgrades are published at regular intervals.