What is COBIT 5?

COBIT 5 is the latest edition of ISACA's globally accepted framework. It provides an end-to-end
business view of the governance of enterprise IT, reflecting the central role of information and
technology in creating value for enterprises of all sizes. The principles, practices, analytical tools and
models found in COBIT 5 embody thought leadership and guidance from business, IT and
governance experts around the world.
COBIT 5 provides guidance to executives and those charged with making decisions concerning the
use of technology in support of organizational objectives. COBIT 5 helps business leaders address
the needs of all stakeholders across the enterprise and ultimately maximize the value from
information and technology.
How can I train for the COBIT 5 examinations?
Training is available from the network of COBIT 5 Accredited Training Organizations (ATOs) and
accredited COBIT 5 individual trainers who are assessed and certified by APMG-International. The
full list of COBIT 5 ATOs can be found at:
www.apmg-international.com/en/search/ao-search-en.aspx
Only these organizations and registered partners/affiliates are authorized to deliver APMG-
International COBIT 5 training.
Do I have to receive training to sit the exam?
It is not mandatory for COBIT 5 Foundation examination candidates to attend a training course before
sitting the exam. It will be possible to sit the examination through our network of public exam centres.
Please click on the link below for further information:
www.apmg-international.com/en/exams/public-exams.aspx
It is mandatory for candidates to attend a training course before they can sit the COBIT
Implementation, Assessor, Assessor for Security and/or Implementing the NIST Standards using
COBIT 5 (INCS) exams.
How do I sit the exams?
The COBIT 5 Foundation, Implementation, Assessor for Security and Assessor exams can be taken
via an Accredited Training Organization (ATO) or accredited individual trainer, as part of an accredited
training course.
The full list of COBIT 5 ATOs and individual trainers can be found at:
www.apmg-international.com/en/search/ao-search-en.aspx
Alternatively, candidates who would prefer to self-study can sit the COBIT 5 Foundation exam
through one of our public exam centres. Please click on the link below for further information on how
to take an exam at a public centre:
www.apmg-international.com/en/exams/public-exams.aspx
Please note that the COBIT 5 Implementation, Assessor, Assessor for Security and Implementing the
NIST standards using COBIT 5 exams are not available via public exam centres.
How much does it cost to sit the COBIT 5 examination?
If you are sitting the examinations through an accredited training organization, the costs of the exams
are generally included in the course fee. APMG-International use a global pricing structure, so for
those sitting exams at a public exam centre, the cost is dependent on where the exams are being sat.
To find out the cost in your region, please contact the APMG-International Service Desk on +44
(0)1494 452450 or at:
servicedesk@apmg-international.com
Are there any pre-requisites for the COBIT 5 examination?
There are no pre-requisites for the foundation examination and Implementing the NIST Standards
using COBIT 5 (INCS) examinations. The pre-requisites for the COBIT 5 Implementation, Assessor
and Assessor for Security is that the candidate must have passed the COBIT 5 Foundation exam and
have attended an accredited Implementation/Assessor/Assessor for Security/ Implementing the NIST
Standards using COBIT 5 (INCS) training course.
 What study material is available for COBIT 5 and where can I purchase it?
The COBIT 5 Foundation exam is based on the ISACA publication: COBIT 5 a Business Framework
for the Governance and Management of Enterprise IT. This can be purchased directly from ISACA
(www.isaca.org/COBIT/Pages/Product-Family.aspx) or from APMG-Business Books (www.apmg-
businessbooks.com).
There is also a supplementary guide which will be provided to you as part of your training course, or
when you book your public exam.
The COBIT 5 Implementation exam is based on two ISACA publications:
COBIT 5 Implementation
COBIT 5 Enabling Processes Guide
These can be purchased directly from ISACA (www.isaca.org/COBIT/Pages/Product-Family.aspx) or
from APMG-Business Books (www.apmg-businessbooks.com).
The COBIT 5 Assessor and Assessor for Security examinations are based on two ISACA
publications:
COBIT 5 Assessor Guide: Using COBIT 5
COBIT Process Assessment Model (PAM): Using COBIT 5
These can be purchased directly from ISACA (www.isaca.org/COBIT/Pages/Product-Family.aspx) or
from APMG-Business Books (www.apmg-businessbooks.com).
The Implementing the NIST Standards using COBIT 5 (INCS) exam is based on two ISACA
publications:
COBIT 5: A Business Framework for the Governance and Management of Enterprise IT.
This can be purchased directly from ISACA (www.isaca.org/COBIT/Pages/Product-Family.aspx)
or from APMG-Business Books (www.apmg-businessbooks.com).
Implementing NIST Cybersecurity Framework Using COBIT 5. This can be purchased
directly from ISACA (www.isaca.org/COBIT/Pages/Product-Family.aspx)
Which languages is the COBIT 5 examination available in?
The COBIT 5 Foundation exam is currently available in English, French, German, Latin American
Spanish, Brazilian Portuguese and Polish. The COBIT 5 Implementation, Assessor, Assessor for
Security and Implementing the NIST Standards using COBIT 5 (INCS) examinations are available in
English only.
How long will it take to learn the COBIT 5 material?
Training courses are generally delivered over 3 days. It is worth investigating with individual
providers, as many will offer tailored and blended learning solutions. If you are self-studying for the
exam, the amount of time required to learn the material will depend on the individual.
What is the structure of the COBIT 5 examination?
Summaries of the structure of the COBIT 5 foundation, Implementation, Assessor, Security for
Assessor and Implementing the NIST Standards using COBIT 5 (INCS) examinations can be seen
at:
www.apmg-international.com/en/qualifications/cobit5/cobit5.aspx
How long is the COBIT 5 qualification valid for?
The COBIT 5 qualifications are not valid for a defined period and do not expire.
When can I expect the results of my COBIT 5 examination?
Your result will be sent to your ATO approximately 7-10 days after your exam date. Your ATO should
notify you of your results so please contact them for further details.
For candidates sitting the Foundation exam through a public centre, results will be issued within one
week of APMG receiving your completed exam pack from the exam venue.
When will I receive my certificate?
 A foundation certificate will be dispatched to you approximately 2 weeks after we have received your
exam paper back into our offices, if you only took the foundation exam.
If you sat the Implementation, Assessor or Assessor for Security exams a practitioner certificate will
be dispatched 2 weeks after the practitioner results have been released.
Please note that if you have taken your examinations via an ATO, certificates will be dispatched
based on the preferences that the ATO selected when booking the exam. The ATO can select either
an e-certificate or hard copy and whether this type is sent to the ATO or directly to the candidate.
If you have not received your certificate shortly after the above time frame please contact our
Customer Interaction Team servicedesk@apmg-international.com
What is the pass mark for the COBIT 5 examination?
Candidates must achieve a score of 25/50 (50%) to pass the COBIT 5 Foundation.
Candidates will need to score 40 marks out of 80 (50%) to pass the COBIT 5 Implementation,
Assessor and Assessor for Security examinations.
Candidates will need to score 35/70 (50%) to pass the Implementing the NIST Standards using
COBIT 5 (INCS) examination.
What pass mark is required to be eligible to become a COBIT 5 trainer?
To be eligible to apply to become a COBIT 5 trainer individuals must achieve:
A score of 66% (33/50) in the Foundation exam
A score of 66% (53/80) in the Implementation, Assessor and Assessor for Security exams
A score of 66% (46/70) in the Implementing the NIST Standards using COBIT 5 (INCS)
exam
How do I find out if I scored enough to be eligible to become a trainer?
To find out if you scored enough to be eligible as a trainer, please email servicedesk@apmg-
international.com noting your interest. A representative of the Service Desk will be able to advise.
Is the COBIT 5 qualification complementary to ITIL?
No.
How do I become a COBIT 5 Trainer?
To become a COBIT 5 trainer you will either need to be sponsored by an APMG accredited COBIT 5
training organization (ATO) or you can apply to be accredited as an individual trainer.
Please contact the ATO directly to express your interest in becoming an accredited trainer. The ATO
will then be responsible for liaising directly with APMG to process your application and undergo
accreditation to become a trainer. Details of all COBIT 5 ATOs can be found at:
www.apmg-international.com/en/search/ao-search-en.aspx
If you would like to be accredited as an individual trainer, please contact your local APMG office for
further details on the application process.

How does my organization become a COBIT 5 Accredited Training Organization (ATO)?

An organization wishing to become a COBIT 5 ATO must first submit an application form to either
the APMG-International Service Desk or the relevant APMG-International office. Where appropriate,
an invoice will be raised and the organization will then be subject to APMG-International's ATO
assessment process.
Can I earn CPE credits for passing the COBIT 5 examination?
ISACA does not review and approve specific courses for CPE credit other than those that they offer.
However each certification accepts a broad array of topics that will be accepted by ISACA for credit.
These topics are covered by the knowledge statements of each certification and include technical and
managerial training that is directly applicable to the:
 CISA: assessment of information systems or the improvement of audit, control, security
or managerial skills (CISA job practice). CPE hours related to management skills must be
relevant to management of audits and/or audit resources.
CISM: management, design or assessment of an enterprises information security or the
improvement of those skills (CISM job practice).
CGEIT: management and governance of enterprise IT governance (CGEIT job practice).
CRISC: risk identification, assessment, evaluation, response and monitoring and the
design, implementation, monitoring, and maintenance of IS controls (CRISC job practice).