New ISACA Resources Offer Step-by-Step Guidance for NIST Cybersecurity Framework Implementation Using COBIT 2019

Schaumburg, Ill. (17 December 2019) — Enterprises seeking to better manage their information and technology (I&T) risk by integrating cybersecurity standards and enterprise governance can look to the Framework for Improving Critical Infrastructure Cybersecurity (CSF) from the U.S. National Institute of Standards and Technology (NIST).


Now, they can gain greater understanding of the steps and activities involved with the CSF while also aligning them with measurable governance and management practices in COBIT 2019 through the newly released book, Implementing the NIST Cybersecurity Framework Using COBIT 2019 and white paper, Governance Playbook: Integrating Frameworks to Tackle Cybersecurity.


Implementing the NIST Cybersecurity Framework Using COBIT 2019 outlines how specific CSF steps and activities map to COBIT 2019, an industry-leading information and technology (I&T) governance and management framework, illuminating how this framework can help enterprises better protect critical infrastructure.


In addition to introducing NIST CSF and framework implementation coordination, the book demonstrates how COBIT 2019 goals cascade to the CSF, details each phase involved and walks through recommendations for communicating cybersecurity requirements with stakeholders. Also included are a detailed template for framework profile, action planning guide, and insights into critical infrastructure sectors.


Supplementing this book, the Governance Playbook: Integrating Frameworks to Tackle Cybersecurity white paper offers an easily digestible overview of these steps that can be taken to implement the NIST cybersecurity framework using COBIT 2019.


"Implementing the NIST CSF is an important step for enterprises in strengthening their cybersecurity posture. By leveraging COBIT 2019, they can reap the benefits of more effective I&T prioritization and greater transparency and communication around I&T risk," says Greg Witte, CISM, an expert reviewer for the book. "ISACA's resources offer clear guidance and action plans for structuring an implementation approach and ultimately improving risk management."


Implementing the NIST Cybersecurity Framework Using COBIT 2019 costs $25 for ISACA members and $60 for non-members. The Governance Playbook: Integrating Frameworks to Tackle Cybersecurity white paper is free to both members and non-members. To download the book, visit To download the white paper, visit For more information about COBIT, visit



Now in its 50th anniversary year, ISACA ( is a global association helping individuals and enterprises achieve the positive potential of technology. Today's world is powered by information and technology, and ISACA equips practitioners with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 460,000 engaged practitioners—including its 140,000 members—in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including more than 220 chapters worldwide and offices in both the United States and China.