COBIT 5 Assessor for Security


Contact Us

We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.


I'd like to receive emails with the latest updates and promotions from Insoft.

Data Protection & Privacy

I hereby allow Insoft Ltd. to contact me on this topic. Further, I authorise Insoft Ltd. processing, using collecting and storing my personal data for the purpose of these activities. All your data will be protected and secured as outlined in our privacy policy.

Upcoming Dates

Sep 19 - Sep 21, 2022
09:00 - 17:00

Oct 17 - Oct 19, 2022
09:00 - 17:00

Nov 14 - Nov 16, 2022
09:00 - 17:00

Dec 12 - Dec 14, 2022
09:00 - 17:00

Jan 9 - Jan 11, 2023
09:00 - 17:00

Feb 6 - Feb 8, 2023
09:00 - 17:00

COBIT 5 Assessor for Security
3 days  (Instructor Led Online)  |  COBIT

Course Details

The COBIT 5 Assessor for Security course provides a basis for assessing an enterprise’s process capabilities against the COBIT 5 Process Assessment Model (PAM). Evidence-based to enable a reliable, consistent, and repeatable way to assess IT process capabilities, this model helps IT leaders gain C-level and board member buy-in for change and improvement initiatives.

Assessment results provide a determination of process capability. They can be used for process improvement, delivering value to the business, measuring the achievement of current or projected business goals, benchmarking, consistent reporting, and organizational compliance.


See other courses available


The COBIT 5 Assessor for Security course is designed as an advanced assessor guide to COBIT 5 and enables you to understand how an integrated business framework for the governance and management of enterprise IT can be utilized to achieve IT business integration, cost reductions, and increased productivity. The syllabus areas that this course is designed to cover are:

  •  How to perform a process capability assessment using the Assessor Guide: using COBIT 5
  •  How to apply the Process Assessment Model (The PAM) in performing a process capability assessment
  • Specifically: To use the Process Reference Model, in particular, to be able to use the 37 processes outlined in the PRM; To apply and analyze the measurement model in assessing process capability levels; and, To apply and analyze the capability dimension using generic criteria outlined in the PAM
  • How to identify and assess the roles and responsibilities in the process capability assessment process
  • How to perform and assess the 7 steps outlined in the Assessor Guide
  • Specifically: Initiate a process assessment; Scope an assessment, using the tools provided and the PAM for the selection of the appropriate processes; Plan and brief the teams; Collect and validate the data; Do a process attribute rating; and, Report the findings of the assessment


Lesson 1: Foundation Review

  • Process Capability Assessment
  • COBIT Assessment Program
  • Process Capability Program
  • Advantages of the ISO/IEC15504 Approach
  • Key Definitions
  • Process Reference Model
  • Assessing Process Capability
  • COBIT Process Assessment Attributes
  • Consequences of Capability Gaps

Lesson 2: Roles and Responsibilities

  • Assessment Team
  • Role – Sponsor
  • Role – Lead Assessor
  • Role – Assessor
  • Role – Co-ordinator
  • Competencies for Assessors
  • Key Issues for an Assessment

Lesson 3: Assessment Initiation and Scoping

  • Recommend Steps
  • Pre-Assessment Questionnaire
  • Scoping Process
  • Selection of Processes
  • Initial Mapping of the Processes
  • Setting Target Capability Levels
  • Assessment Class Selection
  • Self-Assessment

Lesson 4: Planning the Assessment and Briefing the Teams

  • Planning Overview
  • Recommendation Planning Steps
  • Assessment Plan
  • Briefing Overview
  • Recommended Briefing Steps
  • Issues – Management Support
  • Issues – Training

Lesson 5: Data Collection, Validation and Attribute Rating

  • Data Collection Overview
  • Data Collection Recommended Steps
  • Process Purpose & Outcomes, Base Products and Work Products
  • Data Collection Strategy
  • Instances of Process Performance
  • Evidence Requirements
  • Capability Levels of Evidence
  • Recording
  • Data Validation Recommended Steps
  • Review of Data Collected
  • Dealing with Deficiencies

Lesson 6: Process Rating

  • Attribute Rating Recommended Steps
  • Attribute Rating Scales
  • Process Capability Levels
  • Attribute Ratings and Capability Levels
  • Decision Making Process

Lesson 7: Assessment Reporting

  • Assessment Reporting Recommended Steps
  • Reporting
  • Minimum Report Content
  • Implication of Results
  • Presentation to Participants

Lesson 8: Self-Assessment

  • The Self-Assessment Process
  • Deciding on a Process to Assess
  • Determine Level 1 Capability
  • Determine Capability Levels 2 to 5
  • Record and Summarize Results

Lesson 9: Exam Preparation

  • Exam Structure
  • Exam Question Types

Target Audience

Although there is no mandatory requirement, ideally candidates should have at least two year’s professional experience working in an IT Services environment. Candidates wishing to attend this course must have attained the COBIT 5 Foundation course prior to attending the course.

The COBIT 5 Assessor course would suit candidates working in the following IT professions or areas:

  • Internal and external auditors
  • IT auditors and consultants
  • IT Managers
  • IT Quality professionals
  • IT Leadership
  • Process practitioners

The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals, or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs.


Candidates must have successfully achieved the COBIT 5 Foundation examination and should have successfully completed a COBIT 5 Assessor Course. Although it is not a mandatory requirement, it is recommended that candidates should also have a good understanding of enterprise governance concepts and IT organizational management.