Professionals who have mastered the COBIT 5 Assessor Course can prove their expertise by earning a certificate.

Learn More

Not an ISACA member?

Learn how to become a member and gain access to our entire resource library, along with a host of other member benefits.

Join Now

The COBIT 5 Assessor course helps students learn the basis for assessing an enterprise’s process cybersecurity capabilities against the COBIT 5 Process Assessment Model (PAM).   This evidence-based model helps IT leaders gain C-level and board member buy-in for change and improvement initiatives, by providing a reliable, consistent and repeatable method to assess IT process capabilities.  

The results from conducting this type of assessment offer a means of determining process capability and can be used for:

  • Process improvement
  • Delivering value to the business
  • Measuring the achievement of current or projected business goals
  • Benchmarking
  • Consistent reporting
  • Organizational compliance


The Course will help you:

  • How to perform a process capability assessment using using COBIT 5
  • How to apply the Process Assessment Model (The PAM) in performing a process capability assessment and:
    • To use the Process Reference Model, in particular to be able to use the 37 processes outlined in the PRM
    • To apply and analyze the measurement model in assessing process capability levels
    • To apply and analyze the capability dimension using generic criteria outlined in the PAM
  • How to identify and assess the roles and responsibilities in the process capability assessment process
  • How to perform and assess the 7 steps outlined in the Assessor Guide in order to:
    • Initiate a process assessment
    • Scope an assessment, using the tools provided and the PAM for the selection of the appropriate processes
    • Plan and brief the teams
    • Collect and validate the data
    • Do a process attribute rating
    • Report the findings of the assessment
  • How to use the self-assessment guide


The Course is designed for internal and external auditors, IT auditors and consultants, cybersecurity professionals


Cybersecurity Nexus (CSX) is a new program designed for the most ambitious cybersecurity professionals, empowering them to elevate their work, take control of their career paths, and earn their place amongst the best.


  • Successful Completion of the COBIT 5 Foundation Exam

Recommended Length: 3 days

Available Through:
  • Accredited Training Organizations (ATO)
  • Accredited Trainers
    ISACA’s Training and Educational Programs Including: On-site training | Conferences | Training Weeks

Interested in classroom training?  View our Accredited Training partners to find COBIT training near you.

Bring the training to you. For more information on ISACA’s COBIT on-site training program, contact


For those professionals that have mastered the understanding of how to perform a formal Process Capability Assessment and how it can be used to:

  • Enable business goals
  • Prioritize improvement initiatives
  • Identify opportunities for improving the governance and management of information and technology assets

These professionals ensure stronger, more reliable control over internal processes and provide stakeholders a clear line of sight into process capabilities, allowing IT leaders to redirect or liberate resources – from service delivery to designing and implementing technology-enabled, information-rich and transformed business process – to increase innovation and value for the enterprise.


  • Successful completion of the COBIT 5 Foundation Exam
  • Successful completion of the COBIT 5 Assessor Course


  • Internal and External Auditors
  • IT Auditors
  • Consultants

Preparation Resources:

  • COBIT 5 Assessor Course
  • COBIT 5: A Business Framework for the Governance and Management of Enterprise IT
  • The Assessor Guide: using COBIT 5
  • The Process Assessment Model (PAM): using COBIT

For additional information please view Exam Information or contact