COBIT 2019 vs ITIL 4, which is better?

First off, let’s understand what COBIT 2019 is and what ITIL 4 is before we dive into a comparison between the two to appreciate which one is “better” and why is that so?  Or are they both the “same” driving the same thing?

Let’s first understand “what is COBIT”?  Here’s Wikipedia’s definition of what is COBIT:

COBIT (Control Objectives for Information and Related Technologies) is a framework created by ISACA for information technology (IT) management and IT governance.^[1]

The framework is business focused and defines a set of generic processes for the management of IT, with each process defined together with process inputs and outputs, key process activities, process objectives, performance measures, and an elementary maturity model.^[1]

Below is Wikipedia’s definition of “what is ITIL”?

The Information Technology Infrastructure Library (ITIL) is a set of detailed practices for IT activities such as IT service management (ITSM) and IT asset management (ITAM) that focus on aligning IT services with the needs of the business.^[1]

ITIL describes processes, procedures, tasks, and checklists which are neither organization-specific nor technology-specific but can be applied by an organization toward strategy, delivering value, and maintaining a minimum level of competency. It allows the organization to establish a baseline to plan, implement, and measure. It is used to demonstrate compliance and to measure improvement. No formal independent third-party compliance assessment is available for ITIL compliance in an organization. Certification in ITIL is only available to individuals. Since 2021, ITIL has been owned by PeopleCert.^[2][3]

As we can see from the definition of both above; they clearly focuses on different areas and have a different purpose when one implements in an organization.

Next if we look at mapping and aligning the COBIT 2019 process with the ITIL4 practices (as shown in figure below).

Now looking at the two different definitions above, what do we see?  The ITIL4 “Management Practices” does align and map directly into COBIT 2019 “Processes” under the Control objectives itself.

COBIT 2019 is a framework where ITIL4 is a set of best practices that one can adopt.  Very simply COBIT 2019 is used at the Enterprise Governance level (from the Board of Directors level down) and ITIL 4 Best practices at the execution level (from the Management of IT Service Delivery at the grounds up).

Therefore, to answer the question which is better would require the approach one would like to take?  Top-down from the Board of Directors along with the CXO levels to drive Governance, Risk and Compliance then COBIT 2019 would be the best framework you should consider adopting.  Again, depending on the strategic needs of your organization COBIT 2019 allows you to tailor and customize the control objectives to help you achieve it.

If you want to drive from the bottom up from Operations level to Line of Business, then ITIL4 Best Practices allows you to drive and focus on Operations Excellence per se.  ITIL4 Best Practices allows your team to make continuous improvement thereby ensuring a quality services delivery to your stakeholders.

Another myth that many people have is that you can only choose either COBIT 2019 or ITIL4 which is NOT true.  As you can see from the diagram above, the areas in which COBIT 2019 and ITIL4 cover and overlap. This clearly shows how COBIT2019 and ITIL4 can complement each other and work well in ensuring a more complete and holistic approach in driving Governance, Risk and Compliance as well as Operation Excellence together.  Both offer organizations who adopt both driving values for their customers and stakeholders.

Still undecided about picking either COBIT 2019 or ITIL4?  Or are you considering combining COBIT 2019 and ITIL4 but unsure how to get started?  Reach out to us at info@cybiant.com and talk to one of our consultants to help you get started on your journey.