ISACA has released what they call an “exposure draft” of COBIT 5 and is asking for public comment.

The primary objective of this exposure is to obtain public input and comment regarding the completeness, quality and value of the development work undertaken. Please complete the short survey questionnaire below to provide your feedback on the work completed to extend, improve and advance ISACA guidance in this area. This online questionnaire will remain open until 31 July 2011.

The primary differences from COBIT 4.1 seem to be twofold:

1) A move to pull all the ISACA frameworks and guidance together under COBIT as well as synchronize better with external standards

– Board Briefing on IT Governance, 2nd Edition
– Business Model for Information Security™(BMIS™)
– IT Assurance Framework™ (ITAF™)
– Risk IT Framework
– Taking Governance Forward
– Val IT™ Framework
Connect to other major frameworks and standards in the marketplace (ITIL, ISO standards, etc.)

Most notable is the integration with a capability maturity model to measure progress (e.g. ISO/IEC 15504 Based Capability Levels). This helps COBIT audits work on a more standardized measurement system.

2) Streamlined guideline process. Version 4.1, for example, had 36 processes to follow while version 5 is trying to organize them into just 7 slices (21 total — no bullseye). I heard it originally had 8 slices but “Where do you want to go today” ran into some kind of legal issue. The following graphic also has the advantage of being easily converted into a fortune wheel of audit that IT managers can spin or throw darts at…